Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/s9FIe5ZZvOGbiqHYQjUptUmgSbU.roa
File: s9FIe5ZZvOGbiqHYQjUptUmgSbU.roa (raw, json)
Hash identifier: ggQcE+/j7JFvx+gXZ6Bhz7g1qWbZhNjpK4cltUmvtPE=
Subject key identifier: B3:D1:48:7B:96:59:BC:E1:9B:8A:A1:D8:42:35:29:B5:49:A0:49:B5
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B5648D85A7291783F17DD32C9E15B74CE
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/s9FIe5ZZvOGbiqHYQjUptUmgSbU.roa
Signing time: Sun 22 Oct 2023 07:28:16 +0000
ROA not before: Sun 22 Oct 2023 07:28:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60949
IP address blocks: 89.42.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Nov 2023 23:26:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:56:48:d8:5a:72:91:78:3f:17:dd:32:c9:e1:5b:74:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 22 07:28:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3d1487b9659bce19b8aa1d8423529b549a049b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4a:ff:6e:7a:ab:e3:60:cc:72:ce:89:df:2d:
db:2e:1c:5d:3c:af:bd:14:2b:73:0e:b2:4f:9a:49:
d0:d9:62:95:34:d3:86:f1:9c:0d:42:84:f6:7c:c9:
64:65:45:11:71:fb:8a:43:14:e8:68:b6:7c:e4:ef:
f8:a5:b1:92:3b:6b:a1:b9:76:fc:08:1c:0a:9c:39:
0b:22:96:d6:eb:de:64:07:5d:5d:42:81:4f:97:af:
53:1f:09:55:70:1a:f8:9f:25:9f:91:20:df:05:a5:
11:52:9e:6a:cb:41:4b:36:0d:5d:99:2e:1f:55:f1:
96:de:ae:d2:c4:c3:09:7b:06:44:4b:d1:aa:5f:6f:
6b:fb:95:db:28:13:62:89:c3:e7:00:ad:f2:d7:0c:
77:cd:56:06:3b:f1:28:f7:57:08:64:83:ff:17:17:
a7:da:2a:51:bf:9d:7f:7b:49:7c:33:9e:fe:39:c2:
95:1d:7c:b3:03:08:fb:87:ad:ee:a9:81:11:98:3f:
d4:7e:b8:0b:40:73:fd:a5:98:d0:2b:9e:28:c2:65:
0d:3d:80:69:61:6b:4d:da:e8:ab:73:5c:5e:5c:88:
5a:e8:45:87:b2:33:6d:e7:a5:2f:5f:08:5d:5f:97:
39:6e:e4:51:00:51:3b:93:ef:eb:5c:4c:70:ba:fa:
18:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D1:48:7B:96:59:BC:E1:9B:8A:A1:D8:42:35:29:B5:49:A0:49:B5
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/s9FIe5ZZvOGbiqHYQjUptUmgSbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.84.0/24
Signature Algorithm: sha256WithRSAEncryption
32:20:a6:ea:4e:83:62:f7:c6:1d:55:7c:83:36:13:19:94:7f:
d2:d8:9d:4c:5b:84:33:00:77:7e:3a:4e:66:eb:36:b8:41:d6:
ac:69:6e:af:b6:e6:89:7c:46:6a:1d:75:e3:4c:4d:68:c9:b9:
eb:e5:2d:97:11:af:a4:6f:73:76:b3:58:2c:9c:9f:bf:d0:fd:
e5:71:74:23:33:0f:08:40:ba:58:df:a8:74:dd:6d:00:2c:ec:
ec:c4:f1:0c:f5:2c:8e:c6:4b:39:8b:75:42:53:c5:3a:b8:7e:
07:3f:0b:b1:63:44:14:78:a8:93:c0:89:d1:53:66:90:98:f2:
9d:c9:e3:55:e1:0f:a4:ee:b7:28:21:67:b5:53:17:8f:e2:0c:
0a:79:8d:62:8c:b4:12:77:73:dd:31:ad:04:21:d6:db:30:fb:
bd:c8:a7:5f:46:25:15:38:8f:20:5b:21:4c:28:f3:ce:97:64:
b2:df:37:af:0d:5e:c5:f1:81:44:53:f6:4a:45:f9:4e:7a:52:
c8:6a:e1:ba:81:73:fe:c9:46:ed:ec:0b:98:d8:57:9c:0b:5d:
f0:8f:4c:d0:ff:d9:6d:12:76:92:51:fc:c6:1c:52:15:cb:6f:
be:74:04:23:2e:11:3e:4a:de:50:e2:7c:f5:ef:dd:f3:df:b7:
85:72:fd:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtWSNhacpF4PxfdMsnhW3TOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDIyMDcyODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2QxNDg3Yjk2NTliY2UxOWI4YWExZDg0MjM1MjliNTQ5YTA0OWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0r/bnqr42DMcs6J3y3bLhxdPK+9
FCtzDrJPmknQ2WKVNNOG8ZwNQoT2fMlkZUURcfuKQxToaLZ85O/4pbGSO2uhuXb8
CBwKnDkLIpbW695kB11dQoFPl69THwlVcBr4nyWfkSDfBaURUp5qy0FLNg1dmS4f
VfGW3q7SxMMJewZES9GqX29r+5XbKBNiicPnAK3y1wx3zVYGO/Eo91cIZIP/Fxen
2ipRv51/e0l8M57+OcKVHXyzAwj7h63uqYERmD/UfrgLQHP9pZjQK54owmUNPYBp
YWtN2uirc1xeXIha6EWHsjNt56UvXwhdX5c5buRRAFE7k+/rXExwuvoY0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPRSHuWWbzhm4qh2EI1KbVJoEm1MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvczlGSWU1Wlp2T0diaXFIWVFqVXB0VW1nU2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpUMA0G
CSqGSIb3DQEBCwUAA4IBAQAyIKbqToNi98YdVXyDNhMZlH/S2J1MW4QzAHd+Ok5m
6za4QdasaW6vtuaJfEZqHXXjTE1oybnr5S2XEa+kb3N2s1gsnJ+/0P3lcXQjMw8I
QLpY36h03W0ALOzsxPEM9SyOxks5i3VCU8U6uH4HPwuxY0QUeKiTwInRU2aQmPKd
yeNV4Q+k7rcoIWe1UxeP4gwKeY1ijLQSd3PdMa0EIdbbMPu9yKdfRiUVOI8gWyFM
KPPOl2Sy3zevDV7F8YFEU/ZKRflOelLIauG6gXP+yUbt7AuY2FecC13wj0zQ/9lt
EnaSUfzGHFIVy2++dAQjLhE+St5Q4nz1793z37eFcv0x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org