Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tpMlIDJTi6yzFsmPFmaBfIw4Jhg.roa
File: tpMlIDJTi6yzFsmPFmaBfIw4Jhg.roa (raw, json)
Hash identifier: B8q5kz3bJMIUtDtgLo/mNAPtanKBoqt7vhRz4JT+Dso=
Subject key identifier: B6:93:25:20:32:53:8B:AC:B3:16:C9:8F:16:66:81:7C:8C:38:26:18
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D3A8E29660408D2A1973C907CEFE4E6E5
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tpMlIDJTi6yzFsmPFmaBfIw4Jhg.roa
Signing time: Wed 24 Jan 2024 08:20:11 +0000
ROA not before: Wed 24 Jan 2024 08:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.142.0/24 maxlen: 24
89.46.2.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 10:35:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:8e:29:66:04:08:d2:a1:97:3c:90:7c:ef:e4:e6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 24 08:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b693252032538bacb316c98f1666817c8c382618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:95:46:eb:1c:70:9a:33:31:86:d8:a9:a6:51:
62:3b:a8:c6:64:1a:05:0e:fc:f7:72:12:8d:74:16:
6a:49:1d:15:2b:b3:b8:f7:56:bb:32:35:ef:1e:26:
de:ab:38:25:a8:17:40:96:b0:76:67:36:1d:06:41:
21:72:db:f4:a3:7d:9e:58:2a:50:57:57:97:e1:c0:
84:5a:c2:ce:68:bb:8f:b9:9c:02:4c:6d:64:14:66:
e8:b2:4a:62:ad:3a:98:a6:13:a4:b4:56:e6:c0:28:
3f:23:3b:d7:59:5f:74:29:24:d6:71:98:18:8f:da:
5d:94:bc:b1:15:3e:71:c1:d5:c9:53:8c:ed:76:a2:
97:a2:11:44:5a:9e:ca:a7:7a:4b:87:0e:fa:47:ee:
ef:cc:4c:92:37:4b:68:b1:3e:2c:b1:86:8c:d3:f5:
4e:5e:73:d8:94:f6:61:ef:3e:d2:3c:4a:f1:46:c0:
9e:a4:13:3c:b2:9b:f7:42:41:6b:21:79:59:ce:43:
8d:d8:e7:9e:3c:39:e3:8c:31:45:1a:05:33:97:e7:
35:5d:e5:96:a8:23:6b:42:93:bc:c6:77:c4:9d:08:
d9:2c:1e:b4:5e:1e:84:fd:35:d3:98:ef:7a:15:04:
78:5a:db:c5:ad:94:c2:cb:7b:da:fd:7d:53:41:bb:
81:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:93:25:20:32:53:8B:AC:B3:16:C9:8F:16:66:81:7C:8C:38:26:18
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tpMlIDJTi6yzFsmPFmaBfIw4Jhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.42.142.0/24
89.46.2.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:a3:15:6d:d4:3f:55:14:00:17:84:c5:fb:3f:b2:e0:6b:25:
0b:74:22:ed:57:ed:1b:dd:1b:30:dc:ee:7e:78:69:dc:2d:72:
73:6c:2d:92:cd:ee:fc:1e:13:32:09:94:4d:8c:42:36:22:75:
1d:0a:fc:b6:ab:b3:ad:2f:cf:97:5b:c0:8f:f0:16:ba:8b:b7:
e8:50:a2:58:e0:0c:c6:a4:79:ec:f6:a7:9a:d1:dd:22:15:a5:
c6:ad:90:8b:cc:34:9f:6f:ab:78:8a:0d:e6:b8:20:43:b4:3d:
7c:2d:29:39:bd:1b:c1:62:0c:6e:97:d2:1f:a2:41:dd:be:ac:
06:99:62:25:11:8f:6a:af:03:0a:e8:e8:18:2f:5c:91:12:47:
64:e9:26:67:40:ec:50:6b:32:67:72:38:76:e5:14:eb:ab:85:
e0:20:14:9a:c2:1c:73:cd:8a:9a:ab:67:a8:54:37:76:6f:6d:
75:58:a4:1d:95:b9:53:b0:7b:53:a9:c7:9e:2e:65:de:02:30:
40:c6:37:90:28:7f:07:f1:70:f9:39:1b:b5:a2:b2:23:16:6d:
67:0d:d2:cc:0c:95:b0:9b:b0:cd:91:02:7b:d9:43:77:42:3b:
df:0f:62:5c:6e:e5:c3:94:e4:56:cc:ba:c7:53:3f:e9:93:5b:
ec:7a:d3:a9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY06jilmBAjSoZc8kHzv5OblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTI0MDgyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjkzMjUyMDMyNTM4YmFjYjMxNmM5OGYxNjY2ODE3YzhjMzgyNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5VG6xxwmjMxhtipplFiO6jGZBoF
Dvz3chKNdBZqSR0VK7O491a7MjXvHibeqzglqBdAlrB2ZzYdBkEhctv0o32eWCpQ
V1eX4cCEWsLOaLuPuZwCTG1kFGboskpirTqYphOktFbmwCg/IzvXWV90KSTWcZgY
j9pdlLyxFT5xwdXJU4ztdqKXohFEWp7Kp3pLhw76R+7vzEySN0tosT4ssYaM0/VO
XnPYlPZh7z7SPErxRsCepBM8spv3QkFrIXlZzkON2OeePDnjjDFFGgUzl+c1XeWW
qCNrQpO8xnfEnQjZLB60Xh6E/TXTmO96FQR4WtvFrZTCy3va/X1TQbuBRQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLaTJSAyU4ussxbJjxZmgXyMOCYYMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdHBNbElESlRpNnl6RnNtUEZtYUJmSXc0SmhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZKlED
BAJZKlADBABZKo4DBAFZLgIwDQYJKoZIhvcNAQELBQADggEBAA2jFW3UP1UUABeE
xfs/suBrJQt0Iu1X7RvdGzDc7n54adwtcnNsLZLN7vweEzIJlE2MQjYidR0K/Lar
s60vz5dbwI/wFrqLt+hQoljgDMakeez2p5rR3SIVpcatkIvMNJ9vq3iKDea4IEO0
PXwtKTm9G8FiDG6X0h+iQd2+rAaZYiURj2qvAwro6BgvXJESR2TpJmdA7FBrMmdy
OHblFOurheAgFJrCHHPNipqrZ6hUN3ZvbXVYpB2VuVOwe1Opx54uZd4CMEDGN5Ao
fwfxcPk5G7WisiMWbWcN0swMlbCbsM2RAnvZQ3dCO98PYlxu5cOU5FbMusdTP+mT
W+x606k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org