Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qjSOz67V-2nn1FLOardxdQewF28.roa
File: qjSOz67V-2nn1FLOardxdQewF28.roa (raw, json)
Hash identifier: dx5EJmZgqGgHBLC7ZaIpJob5f1zSlzFKfkevO6sOON8=
Subject key identifier: AA:34:8E:CF:AE:D5:FB:69:E7:D4:52:CE:6A:B7:71:75:07:B0:17:6F
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0191230A525B3FE9990E27EF3BC3A583958D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qjSOz67V-2nn1FLOardxdQewF28.roa
Signing time: Mon 05 Aug 2024 14:56:04 +0000
ROA not before: Mon 05 Aug 2024 14:56:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 25 Aug 2024 14:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:0a:52:5b:3f:e9:99:0e:27:ef:3b:c3:a5:83:95:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 5 14:56:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa348ecfaed5fb69e7d452ce6ab7717507b0176f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f9:2f:16:ac:d9:f6:ba:ac:f7:34:91:28:ad:
f2:1f:b8:b7:f0:d0:0b:0e:a2:a1:2a:16:f6:e9:62:
57:11:55:98:fd:d0:3c:3a:29:59:f7:21:ab:fd:55:
20:6a:66:7d:d5:2f:46:a1:30:50:b7:90:86:b4:14:
96:e2:78:55:a2:bc:92:3a:fd:5e:80:27:78:af:a8:
80:f4:8c:42:c7:87:2f:80:6f:24:fb:87:a4:b3:c5:
79:24:d8:49:0f:fd:54:15:54:01:24:cf:61:06:40:
a9:a1:a2:1a:ce:2c:ed:96:df:41:07:80:cc:37:a2:
dd:e3:af:da:80:b6:28:35:0a:0a:59:41:1c:6f:42:
ee:11:db:e4:0a:87:56:66:53:a4:91:4f:e6:55:a6:
dd:04:af:21:63:e9:1b:32:ce:6f:1e:cc:bb:b6:32:
0c:fe:8f:3b:28:c2:73:c7:28:f0:ae:f8:1e:b7:0a:
fb:e8:15:3b:72:d5:31:12:63:72:26:22:58:03:82:
2d:7c:51:5d:d2:0e:d9:ec:a6:e7:2b:b3:b0:1b:cd:
e8:61:17:ab:4e:96:ab:06:c3:d0:9b:d3:93:2c:80:
77:ea:5e:13:73:53:4f:db:90:51:26:f4:6c:4c:41:
07:20:c1:f0:99:60:dc:b4:2f:02:33:92:4c:9b:b3:
08:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:34:8E:CF:AE:D5:FB:69:E7:D4:52:CE:6A:B7:71:75:07:B0:17:6F
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qjSOz67V-2nn1FLOardxdQewF28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
Signature Algorithm: sha256WithRSAEncryption
31:ad:ed:43:05:77:87:0b:91:78:04:ad:95:e5:b6:d8:e6:d4:
05:81:3a:78:38:50:f8:86:69:e5:d7:79:c0:7c:1e:0f:ac:ea:
98:2c:dd:ef:c4:80:d8:5e:ee:75:cb:5c:19:22:d4:86:1d:64:
b1:31:55:5b:83:49:ce:d0:5a:12:f9:84:1e:c5:63:56:4e:60:
91:07:36:ce:64:0e:cf:75:06:10:7f:22:a3:37:21:3d:d2:cb:
f7:0c:c7:8e:25:c6:96:05:b3:ea:31:24:1c:93:50:07:b4:3c:
73:ce:46:09:58:38:ca:15:92:c4:9d:b2:39:58:cb:70:39:c5:
03:4f:46:3d:38:cb:3f:34:b1:83:b3:8e:7c:bb:c7:9e:38:1f:
d4:1a:dc:73:79:a8:31:39:d2:2a:2e:1e:ed:b2:12:b9:d6:69:
07:37:4e:a5:42:c7:ff:70:1b:de:91:b9:1f:1f:10:2a:6e:d9:
dd:93:7e:70:7f:87:c9:e1:17:cc:f6:f2:5b:32:c7:5c:46:a4:
78:88:c7:d3:8d:c0:cb:35:01:e4:6b:23:8c:d1:94:f0:f3:f9:
8f:86:99:82:37:6d:a4:53:2f:1c:23:e4:79:b4:fe:33:8b:e0:
97:ef:c3:87:1a:16:60:d9:e2:4f:1e:e5:04:65:e3:49:79:ce:
b4:b3:c4:d5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZEjClJbP+mZDifvO8Olg5WNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwODA1MTQ1NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTM0OGVjZmFlZDVmYjY5ZTdkNDUyY2U2YWI3NzE3NTA3YjAxNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vkvFqzZ9rqs9zSRKK3yH7i38NAL
DqKhKhb26WJXEVWY/dA8OilZ9yGr/VUgamZ91S9GoTBQt5CGtBSW4nhVorySOv1e
gCd4r6iA9IxCx4cvgG8k+4eks8V5JNhJD/1UFVQBJM9hBkCpoaIaziztlt9BB4DM
N6Ld46/agLYoNQoKWUEcb0LuEdvkCodWZlOkkU/mVabdBK8hY+kbMs5vHsy7tjIM
/o87KMJzxyjwrvgetwr76BU7ctUxEmNyJiJYA4ItfFFd0g7Z7KbnK7OwG83oYRer
TparBsPQm9OTLIB36l4Tc1NP25BRJvRsTEEHIMHwmWDctC8CM5JMm7MI5wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKo0js+u1ftp59RSzmq3cXUHsBdvMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcWpTT3o2N1YtMm5uMUZMT2FyZHhkUWV3RjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABZKlED
BAJZKlAwDQYJKoZIhvcNAQELBQADggEBADGt7UMFd4cLkXgErZXlttjm1AWBOng4
UPiGaeXXecB8Hg+s6pgs3e/EgNhe7nXLXBki1IYdZLExVVuDSc7QWhL5hB7FY1ZO
YJEHNs5kDs91BhB/IqM3IT3Sy/cMx44lxpYFs+oxJByTUAe0PHPORglYOMoVksSd
sjlYy3A5xQNPRj04yz80sYOzjny7x544H9Qa3HN5qDE50iouHu2yErnWaQc3TqVC
x/9wG96RuR8fECpu2d2TfnB/h8nhF8z28lsyx1xGpHiIx9ONwMs1AeRrI4zRlPDz
+Y+GmYI3baRTLxwj5Hm0/jOL4Jfvw4caFmDZ4k8e5QRl40l5zrSzxNU=
-----END CERTIFICATE-----
Generated at Sun Aug 25 17:41:48 2024 by rpki-client on console-ams.rpki-client.org