Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tShNa-MpUdyIcepkoHewxn6YF4M.roa
File: tShNa-MpUdyIcepkoHewxn6YF4M.roa (raw, json)
Hash identifier: fBmsMNN2qci6eIO4tnwsehqQN2J5Jyit+dfUiJCN7d0=
Subject key identifier: B5:28:4D:6B:E3:29:51:DC:88:71:EA:64:A0:77:B0:C6:7E:98:17:83
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018A11B0F725B2A774D030938B280E09C205
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tShNa-MpUdyIcepkoHewxn6YF4M.roa
Signing time: Sun 20 Aug 2023 06:45:24 +0000
ROA not before: Sun 20 Aug 2023 06:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:11:b0:f7:25:b2:a7:74:d0:30:93:8b:28:0e:09:c2:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 20 06:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5284d6be32951dc8871ea64a077b0c67e981783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:63:99:cc:d6:70:aa:d6:e0:3f:11:d6:fa:1c:
63:7d:2f:5a:29:0f:0e:4e:e8:f1:df:31:04:6f:b5:
ae:33:54:98:9b:c3:88:8c:bd:dc:0c:10:a3:55:b1:
79:84:ba:e3:18:e2:d0:ee:dd:e3:87:7f:4c:8e:6d:
0c:76:bd:4c:50:3c:9d:da:9c:bb:be:8f:4c:fd:bc:
39:b2:33:f8:5b:c6:10:e7:58:4a:4a:23:b4:f7:7d:
6c:cc:27:7e:7b:44:6e:80:9a:15:09:91:20:d8:ce:
fd:a9:2c:ac:72:14:96:47:6b:00:dc:b5:f3:b2:ba:
2c:7d:0b:3b:c5:fc:12:0e:23:4a:1c:12:2f:96:98:
62:f9:41:04:5f:20:78:d9:14:99:6c:4f:f8:11:9a:
cc:ef:55:78:f1:26:86:c7:bd:b2:8e:aa:3d:ec:8f:
f1:5b:9f:32:91:2f:ab:29:42:6f:c8:9f:82:f5:b6:
fd:33:4d:3a:1d:77:b1:c7:a8:07:29:2e:76:9a:b6:
32:3a:0b:b4:de:f3:b1:46:75:ee:e8:c5:64:ff:a1:
34:67:23:cb:75:eb:9f:cf:3f:3f:f2:e1:9c:93:d0:
37:34:6d:02:0a:be:3a:14:45:45:23:19:2b:5d:2a:
d1:a3:8f:9e:78:1e:43:ee:6e:fb:d8:97:54:4f:e7:
86:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:28:4D:6B:E3:29:51:DC:88:71:EA:64:A0:77:B0:C6:7E:98:17:83
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tShNa-MpUdyIcepkoHewxn6YF4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:e2:05:45:02:4b:36:82:8a:bc:cd:55:fb:dc:c9:f6:06:85:
fc:7f:a0:8e:1f:36:69:80:7b:0f:16:4f:c0:48:0f:88:bc:d1:
57:06:80:68:23:a6:c9:3b:2f:ff:c6:0e:89:79:21:fe:30:b1:
ee:de:c1:cb:05:8c:5f:3a:ae:97:63:2f:dd:1a:21:8a:81:8c:
0a:73:14:67:7e:b1:e9:45:9a:ac:03:6b:22:45:93:11:c3:a7:
26:e3:94:84:f8:4b:c3:e5:2a:ba:be:07:1e:ea:3f:c4:23:e1:
9c:f4:91:0f:93:6d:03:6f:60:7e:5b:c1:84:25:9a:0c:d1:36:
08:66:e6:92:35:11:94:99:c7:6e:92:f0:41:3a:a6:7d:a9:2a:
e2:7b:7e:20:0c:d9:14:4c:23:09:cb:57:45:71:bc:a9:d4:44:
71:93:0b:d6:2f:48:24:36:3d:46:53:24:d5:24:ff:89:8c:c2:
1c:13:5e:51:bb:ef:1c:12:13:f8:37:8f:13:ce:fb:0d:b6:7d:
87:26:32:73:50:2c:51:d1:d8:63:19:02:3c:45:7a:48:14:d1:
81:ff:32:66:83:b3:f9:e5:49:17:28:e6:af:01:04:44:72:78:
c2:cb:a0:32:85:e3:d4:b1:80:a4:5d:9b:62:df:7d:b2:95:24:
a7:d2:cf:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoRsPclsqd00DCTiygOCcIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODIwMDY0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTI4NGQ2YmUzMjk1MWRjODg3MWVhNjRhMDc3YjBjNjdlOTgxNzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWOZzNZwqtbgPxHW+hxjfS9aKQ8O
Tujx3zEEb7WuM1SYm8OIjL3cDBCjVbF5hLrjGOLQ7t3jh39Mjm0Mdr1MUDyd2py7
vo9M/bw5sjP4W8YQ51hKSiO0931szCd+e0RugJoVCZEg2M79qSyschSWR2sA3LXz
srosfQs7xfwSDiNKHBIvlphi+UEEXyB42RSZbE/4EZrM71V48SaGx72yjqo97I/x
W58ykS+rKUJvyJ+C9bb9M006HXexx6gHKS52mrYyOgu03vOxRnXu6MVk/6E0ZyPL
deufzz8/8uGck9A3NG0CCr46FEVFIxkrXSrRo4+eeB5D7m772JdUT+eGGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUoTWvjKVHciHHqZKB3sMZ+mBeDMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdFNoTmEtTXBVZHlJY2Vwa29IZXd4bjZZRjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSpQMA0G
CSqGSIb3DQEBCwUAA4IBAQBe4gVFAks2goq8zVX73Mn2BoX8f6COHzZpgHsPFk/A
SA+IvNFXBoBoI6bJOy//xg6JeSH+MLHu3sHLBYxfOq6XYy/dGiGKgYwKcxRnfrHp
RZqsA2siRZMRw6cm45SE+EvD5Sq6vgce6j/EI+Gc9JEPk20Db2B+W8GEJZoM0TYI
ZuaSNRGUmcdukvBBOqZ9qSrie34gDNkUTCMJy1dFcbyp1ERxkwvWL0gkNj1GUyTV
JP+JjMIcE15Ru+8cEhP4N48TzvsNtn2HJjJzUCxR0dhjGQI8RXpIFNGB/zJmg7P5
5UkXKOavAQREcnjCy6AyhePUsYCkXZti332ylSSn0s9U
-----END CERTIFICATE-----
Generated at Thu Aug 24 09:39:24 2023 by rpki-client on console-ams.rpki-client.org