Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qVwCpX7WhtCY8v0IJubClkHV1o0.roa
File: qVwCpX7WhtCY8v0IJubClkHV1o0.roa (raw, json)
Hash identifier: SLLkw1SKGBBM3zICXtT5UJSLN6b+iWe5wakgk0nsRsE=
Subject key identifier: A9:5C:02:A5:7E:D6:86:D0:98:F2:FD:08:26:E6:C2:96:41:D5:D6:8D
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D1CF58087803C7F1B014078D32B06
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qVwCpX7WhtCY8v0IJubClkHV1o0.roa
Signing time: Mon 01 Jan 2024 00:29:39 +0000
ROA not before: Mon 01 Jan 2024 00:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
89.34.228.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
89.46.0.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 16:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1c:f5:80:87:80:3c:7f:1b:01:40:78:d3:2b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a95c02a57ed686d098f2fd0826e6c29641d5d68d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:46:cf:d6:fd:ab:42:f9:6d:aa:63:2d:2e:1d:
95:a2:5a:b2:27:92:8f:26:d6:10:5c:c5:68:d7:41:
ee:76:dd:b9:65:57:ec:fa:d2:d6:07:2a:59:93:c4:
df:b3:85:9b:36:61:2c:4e:96:ba:d4:46:a9:04:4b:
13:c3:0b:61:30:5c:a2:5a:d4:e9:c4:82:a4:bb:44:
69:6e:33:3a:c3:32:fc:81:21:9c:04:4c:c7:05:99:
2f:65:b3:db:fd:a7:a0:0a:3d:30:3a:9f:e7:08:54:
50:e6:cb:8c:8c:15:ad:98:97:fd:aa:f0:6c:65:e9:
d1:3c:42:f7:2b:3c:35:4f:1f:9f:f1:0c:31:2f:a6:
2c:6e:d8:7c:1b:96:be:95:b7:63:b3:6d:78:cd:5c:
81:79:fb:bd:7f:2a:ba:05:34:0e:49:9e:91:ff:d9:
72:6f:fc:7e:a4:95:79:f4:78:10:0c:46:5d:f5:1a:
0f:7d:52:ab:43:45:b4:d8:34:7d:30:ca:98:8d:f5:
6b:67:4b:01:4f:13:51:ae:7d:30:c6:01:4c:33:86:
7b:16:0c:ef:55:4f:06:12:fa:0c:24:b0:1d:31:e6:
95:d1:e7:78:1b:fc:a4:f3:c8:c7:38:ca:f1:4a:e4:
2d:50:4e:cc:f8:e8:81:69:0a:68:22:36:5e:f6:15:
86:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:5C:02:A5:7E:D6:86:D0:98:F2:FD:08:26:E6:C2:96:41:D5:D6:8D
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qVwCpX7WhtCY8v0IJubClkHV1o0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.228.0/24
89.42.81.0/24
89.42.95.0/24
89.43.140.0/24
89.43.143.0/24
89.46.0.0/24
89.47.127.0/24
93.113.181.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:c3:6a:43:21:2f:a5:26:ea:68:c5:83:ea:b0:59:07:7f:8a:
50:05:ec:53:7d:bd:00:5b:d2:6d:9a:47:5d:45:4d:9f:4d:c1:
b8:68:49:77:87:b2:f2:4c:a4:64:01:fd:53:ae:5b:4a:58:61:
58:7f:66:c2:ba:3e:26:68:1c:9a:be:70:8b:c5:2d:8d:1c:e2:
20:a4:96:0e:d5:4c:76:3c:05:8b:ef:1f:7a:21:5d:eb:a5:65:
30:88:66:07:d2:22:6d:8d:65:c7:5d:29:58:65:80:be:9c:91:
1b:cb:f8:ac:65:39:bd:3b:55:cc:66:42:a6:dd:c8:8a:64:71:
8a:2d:e3:94:14:6f:cc:57:c8:0a:b1:d3:65:99:1c:37:6d:66:
d6:bd:04:97:eb:55:cd:3a:a0:f7:82:c6:2d:d9:6d:c8:24:ee:
f2:16:06:ee:82:d0:55:38:10:2c:6a:27:87:05:7b:23:bc:3b:
4e:e6:73:63:ca:bf:0c:a2:be:bc:d2:bd:3f:a5:47:b3:8e:bd:
37:12:17:6a:1e:ca:fa:c0:1c:af:26:e1:1b:53:e5:c0:fb:c7:
57:0b:0c:54:4d:b1:8b:3f:3c:0e:36:08:1d:a9:af:5e:7e:5a:
5f:36:7a:4e:97:9a:47:8b:7c:71:70:39:89:59:32:7a:b1:39:
3e:20:5d:e0
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzCbRz1gIeAPH8bAUB40ysGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTVjMDJhNTdlZDY4NmQwOThmMmZkMDgyNmU2YzI5NjQxZDVkNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEbP1v2rQvltqmMtLh2VolqyJ5KP
JtYQXMVo10Hudt25ZVfs+tLWBypZk8Tfs4WbNmEsTpa61EapBEsTwwthMFyiWtTp
xIKku0RpbjM6wzL8gSGcBEzHBZkvZbPb/aegCj0wOp/nCFRQ5suMjBWtmJf9qvBs
ZenRPEL3Kzw1Tx+f8QwxL6Ysbth8G5a+lbdjs214zVyBefu9fyq6BTQOSZ6R/9ly
b/x+pJV59HgQDEZd9RoPfVKrQ0W02DR9MMqYjfVrZ0sBTxNRrn0wxgFMM4Z7Fgzv
VU8GEvoMJLAdMeaV0ed4G/yk88jHOMrxSuQtUE7M+OiBaQpoIjZe9hWGvQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKlcAqV+1obQmPL9CCbmwpZB1daNMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcVZ3Q3BYN1dodENZOHYwSUp1YkNsa0hWMW8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAWSLkAwQA
WSpRAwQAWSpfAwQAWSuMAwQAWSuPAwQAWS4AAwQAWS9/AwQAXXG1MA0GCSqGSIb3
DQEBCwUAA4IBAQB7w2pDIS+lJupoxYPqsFkHf4pQBexTfb0AW9JtmkddRU2fTcG4
aEl3h7LyTKRkAf1TrltKWGFYf2bCuj4maByavnCLxS2NHOIgpJYO1Ux2PAWL7x96
IV3rpWUwiGYH0iJtjWXHXSlYZYC+nJEby/isZTm9O1XMZkKm3ciKZHGKLeOUFG/M
V8gKsdNlmRw3bWbWvQSX61XNOqD3gsYt2W3IJO7yFgbugtBVOBAsaieHBXsjvDtO
5nNjyr8Mor680r0/pUezjr03EhdqHsr6wByvJuEbU+XA+8dXCwxUTbGLPzwONggd
qa9eflpfNnpOl5pHi3xxcDmJWTJ6sTk+IF3g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org