Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qvIdOW3BT6jCQvkYtFG3nsLWbWQ.roa
File: qvIdOW3BT6jCQvkYtFG3nsLWbWQ.roa (raw, json)
Hash identifier: LDAodDOwFJybDHEzLBvbgSQsE8OQFTHRDYZ0ibwJJhw=
Subject key identifier: AA:F2:1D:39:6D:C1:4F:A8:C2:42:F9:18:B4:51:B7:9E:C2:D6:6D:64
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CE7D11586500AFCA1473E5615E0560C39
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qvIdOW3BT6jCQvkYtFG3nsLWbWQ.roa
Signing time: Mon 08 Jan 2024 06:44:48 +0000
ROA not before: Mon 08 Jan 2024 06:44:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.37.196.0/24 maxlen: 24
89.47.121.0/24 maxlen: 24
89.34.230.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 12:43:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e7:d1:15:86:50:0a:fc:a1:47:3e:56:15:e0:56:0c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 8 06:44:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aaf21d396dc14fa8c242f918b451b79ec2d66d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:29:07:98:8b:33:f7:d0:8e:d5:7d:45:5b:96:
cc:d5:c0:d5:88:fd:a8:0d:4b:22:7b:58:96:24:ea:
7b:d5:d4:56:b1:a6:f7:ae:1f:f0:54:6a:c4:d5:f9:
0e:31:49:26:33:62:cb:a0:ea:37:34:d9:19:34:d8:
d6:30:4d:8a:42:f6:53:7b:90:ac:3b:c1:c1:21:d6:
35:73:ae:05:01:18:02:6f:26:7d:3b:22:2f:bd:7d:
37:cf:60:59:a4:7c:37:bb:0c:f7:a2:75:c2:87:a9:
74:ff:dd:17:27:81:4a:80:23:8f:59:3f:c8:21:4e:
2d:b4:33:6d:0d:3b:d9:bb:2d:a4:4e:d6:14:8a:05:
cf:92:66:03:de:82:3e:3a:82:08:af:20:d2:d4:03:
01:2f:e1:5a:37:88:03:af:44:94:cc:81:ee:df:67:
11:9b:21:98:77:15:71:9f:6e:3a:0c:9a:bf:ea:7a:
f4:04:bd:48:bf:00:b4:28:31:39:0e:43:8f:10:18:
4b:5b:c4:1c:b9:9a:31:d9:6c:4b:11:c9:54:b9:f8:
19:6b:30:8d:2c:05:64:0a:de:b9:ea:91:42:5f:96:
13:f1:5a:cb:3b:bc:2c:e0:92:e3:5a:03:54:c8:96:
d9:9c:7e:63:d7:27:71:e6:46:02:23:ac:0d:53:42:
af:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:F2:1D:39:6D:C1:4F:A8:C2:42:F9:18:B4:51:B7:9E:C2:D6:6D:64
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qvIdOW3BT6jCQvkYtFG3nsLWbWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.230.0/24
89.37.196.0/24
89.42.81.0-89.42.83.255
89.46.3.0/24
89.47.121.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:ac:80:83:dc:61:46:f3:7b:d0:7d:85:56:26:05:0d:3a:43:
70:5e:8c:eb:4b:12:aa:9a:79:b2:ae:20:ae:93:c4:7c:d1:9a:
64:84:d1:61:b1:d6:55:81:87:ef:01:d0:e8:22:06:fb:1e:b7:
6a:a0:ff:e0:5a:76:90:88:21:b8:50:06:76:df:25:49:62:50:
3c:a2:5f:19:7e:7b:bf:81:d9:2d:e5:06:64:ed:5f:9c:83:b2:
12:54:c2:39:b8:b6:21:5c:e5:40:93:39:a3:7a:25:6a:a6:c8:
74:e2:d4:e5:d3:ef:24:8d:35:7f:85:c4:ab:84:24:7f:98:06:
e9:6f:d8:5b:03:32:4e:0e:84:8c:11:0b:56:ed:65:5c:ab:58:
20:4b:9d:30:a8:03:47:bd:a6:33:32:13:cd:72:2c:d1:4e:d3:
72:0c:e9:f7:14:a6:c5:e1:5e:b2:9e:40:99:07:1c:3d:00:b8:
cd:7e:97:ea:be:a5:5e:18:95:d6:20:70:3c:40:bb:35:ef:b9:
9f:89:ca:4e:5c:09:42:31:93:3f:1a:60:56:9f:f3:68:99:16:
b7:ff:68:13:c0:a6:2c:9d:31:cf:4b:1f:a5:82:34:80:4c:29:
da:25:3a:72:69:8d:f1:cf:c0:86:55:6b:09:41:5f:2d:30:76:
8f:05:31:46
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzn0RWGUAr8oUc+VhXgVgw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTA4MDY0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWYyMWQzOTZkYzE0ZmE4YzI0MmY5MThiNDUxYjc5ZWMyZDY2ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCkHmIsz99CO1X1FW5bM1cDViP2o
DUsie1iWJOp71dRWsab3rh/wVGrE1fkOMUkmM2LLoOo3NNkZNNjWME2KQvZTe5Cs
O8HBIdY1c64FARgCbyZ9OyIvvX03z2BZpHw3uwz3onXCh6l0/90XJ4FKgCOPWT/I
IU4ttDNtDTvZuy2kTtYUigXPkmYD3oI+OoIIryDS1AMBL+FaN4gDr0SUzIHu32cR
myGYdxVxn246DJq/6nr0BL1IvwC0KDE5DkOPEBhLW8QcuZox2WxLEclUufgZazCN
LAVkCt656pFCX5YT8VrLO7ws4JLjWgNUyJbZnH5j1ydx5kYCI6wNU0Kv1wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKryHTltwU+owkL5GLRRt57C1m1kMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcXZJZE9XM0JUNmpDUXZrWXRGRzNuc0xXYldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWSLmAwQA
WSXEMAwDBABZKlEDBAJZKlADBABZLgMDBABZL3kwDQYJKoZIhvcNAQELBQADggEB
AG+sgIPcYUbze9B9hVYmBQ06Q3BejOtLEqqaebKuIK6TxHzRmmSE0WGx1lWBh+8B
0OgiBvset2qg/+BadpCIIbhQBnbfJUliUDyiXxl+e7+B2S3lBmTtX5yDshJUwjm4
tiFc5UCTOaN6JWqmyHTi1OXT7ySNNX+FxKuEJH+YBulv2FsDMk4OhIwRC1btZVyr
WCBLnTCoA0e9pjMyE81yLNFO03IM6fcUpsXhXrKeQJkHHD0AuM1+l+q+pV4YldYg
cDxAuzXvuZ+Jyk5cCUIxkz8aYFaf82iZFrf/aBPApiydMc9LH6WCNIBMKdolOnJp
jfHPwIZVawlBXy0wdo8FMUY=
-----END CERTIFICATE-----
Generated at Mon Jan 8 17:51:38 2024 by rpki-client on console-ams.rpki-client.org