Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/mqzG6x7eGYr2fxvfh1S1XvV7l4k.roa
File: mqzG6x7eGYr2fxvfh1S1XvV7l4k.roa (raw, json)
Hash identifier: daVKKmTt6swtPUYf4ZAks2vVvJVo3ECRuNbkXU7qWwo=
Subject key identifier: 9A:AC:C6:EB:1E:DE:19:8A:F6:7F:1B:DF:87:54:B5:5E:F5:7B:97:89
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B5C77C9062BD6BBB01B1EC8DC805BBF58
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/mqzG6x7eGYr2fxvfh1S1XvV7l4k.roa
Signing time: Mon 23 Oct 2023 12:17:15 +0000
ROA not before: Mon 23 Oct 2023 12:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.83.0/24 maxlen: 24
89.42.84.0/24 maxlen: 24
89.42.80.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 25 Oct 2023 14:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:77:c9:06:2b:d6:bb:b0:1b:1e:c8:dc:80:5b:bf:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 23 12:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9aacc6eb1ede198af67f1bdf8754b55ef57b9789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e4:5f:68:f9:2b:de:26:62:7a:c9:5c:49:f4:
52:67:4f:e6:6a:fa:a5:1c:84:dd:67:f4:e3:d2:14:
47:22:a9:da:23:ac:e8:3b:05:00:1c:39:a9:ee:ce:
87:1a:d2:18:6d:55:51:70:4f:bf:a7:a0:19:60:12:
1f:51:0f:7e:e4:80:d9:d3:1a:28:c7:e8:9f:0c:df:
aa:30:d8:26:bd:cf:c1:39:7a:ca:24:90:5a:56:37:
fa:b2:e9:bf:dc:59:12:08:13:12:82:1c:a1:7d:a1:
ec:83:66:0e:94:15:e0:c1:91:7b:f0:bc:94:bd:4b:
9d:3a:52:6b:16:17:75:6b:b6:f0:cf:dd:2f:1a:f9:
58:fc:ea:c1:9a:d4:da:6f:50:f9:e2:d2:bd:a9:2a:
2b:34:6e:64:ec:47:e6:6f:c4:ba:41:43:4d:eb:55:
20:ad:44:e0:93:05:59:75:e7:6b:49:3e:3f:b2:ee:
74:3a:15:eb:f8:92:95:63:78:66:87:64:f1:bb:7d:
73:1f:9e:f4:32:03:df:5d:bf:ea:bb:a5:c6:e6:33:
0d:b6:ae:2e:57:e6:59:a4:05:c7:74:58:ea:81:b6:
f7:69:dd:e0:db:7b:d2:e3:c6:4f:3d:9d:74:dc:4d:
87:54:61:f1:b3:79:91:70:ab:1b:3d:50:16:f2:9e:
4a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:AC:C6:EB:1E:DE:19:8A:F6:7F:1B:DF:87:54:B5:5E:F5:7B:97:89
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/mqzG6x7eGYr2fxvfh1S1XvV7l4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0-89.42.84.255
Signature Algorithm: sha256WithRSAEncryption
7c:1a:e2:05:c5:a7:d1:0d:91:56:b7:47:f4:82:f0:63:34:28:
81:e1:c5:37:69:32:c7:0d:79:1b:b1:8c:6d:8f:40:46:7d:4f:
ad:f3:04:b1:d8:5f:1b:3f:65:d1:1c:01:7a:cf:25:c0:e3:ed:
21:b1:2d:0d:0f:2e:a0:3c:af:ab:c1:37:6e:e7:3f:68:16:8d:
f6:8e:6b:fc:c5:89:ce:75:fb:58:f5:9a:7f:5c:4e:c8:d3:9b:
3d:8a:e8:76:5c:8d:e6:a9:e7:42:42:a2:e7:bc:e4:16:0d:7e:
d7:85:a3:4e:c0:29:51:86:bd:0c:ef:62:0b:bd:35:34:87:f7:
06:36:3b:89:e7:7d:b3:ec:80:bb:0c:14:9b:f1:8d:e2:ba:5f:
d7:66:bc:66:6e:f4:ee:cb:f6:7c:eb:5f:07:7f:91:1d:3c:b2:
9d:d9:fa:fe:37:52:4f:94:1f:c9:f4:18:9c:43:bb:44:d6:8d:
b3:43:37:ea:a1:d8:95:3a:97:cb:03:5a:a5:2f:d0:82:b1:24:
8b:34:2d:fa:a4:95:bf:3d:94:7d:c6:e5:fd:15:b3:3e:45:7d:
d1:f8:4a:bd:3c:5c:7a:9b:2b:41:d8:ef:bf:41:d7:95:e0:27:
e1:52:4f:6d:7f:7d:b3:e5:0e:cf:04:8a:05:aa:dd:e0:d8:44:
cf:7a:f1:7d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYtcd8kGK9a7sBseyNyAW79YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDIzMTIxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWFjYzZlYjFlZGUxOThhZjY3ZjFiZGY4NzU0YjU1ZWY1N2I5Nzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+RfaPkr3iZieslcSfRSZ0/mavql
HITdZ/Tj0hRHIqnaI6zoOwUAHDmp7s6HGtIYbVVRcE+/p6AZYBIfUQ9+5IDZ0xoo
x+ifDN+qMNgmvc/BOXrKJJBaVjf6sum/3FkSCBMSghyhfaHsg2YOlBXgwZF78LyU
vUudOlJrFhd1a7bwz90vGvlY/OrBmtTab1D54tK9qSorNG5k7Efmb8S6QUNN61Ug
rUTgkwVZdedrST4/su50OhXr+JKVY3hmh2Txu31zH570MgPfXb/qu6XG5jMNtq4u
V+ZZpAXHdFjqgbb3ad3g23vS48ZPPZ103E2HVGHxs3mRcKsbPVAW8p5KWQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJqsxuse3hmK9n8b34dUtV71e5eJMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvbXF6RzZ4N2VHWXIyZnh2ZmgxUzFYdlY3bDRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARZKlAD
BABZKlQwDQYJKoZIhvcNAQELBQADggEBAHwa4gXFp9ENkVa3R/SC8GM0KIHhxTdp
MscNeRuxjG2PQEZ9T63zBLHYXxs/ZdEcAXrPJcDj7SGxLQ0PLqA8r6vBN27nP2gW
jfaOa/zFic51+1j1mn9cTsjTmz2K6HZcjeap50JCoue85BYNfteFo07AKVGGvQzv
Ygu9NTSH9wY2O4nnfbPsgLsMFJvxjeK6X9dmvGZu9O7L9nzrXwd/kR08sp3Z+v43
Uk+UH8n0GJxDu0TWjbNDN+qh2JU6l8sDWqUv0IKxJIs0Lfqklb89lH3G5f0Vsz5F
fdH4Sr08XHqbK0HY779B15XgJ+FST21/fbPlDs8EigWq3eDYRM968X0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org