Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u4saX0BqUBxJ5qxa-q-AOpAgu50.roa
File: u4saX0BqUBxJ5qxa-q-AOpAgu50.roa (raw, json)
Hash identifier: 9Fz4MPvH7hklwSWUoPd9ZH6Dt1ZOnEgXY3gY7cnsAyg=
Subject key identifier: BB:8B:1A:5F:40:6A:50:1C:49:E6:AC:5A:FA:AF:80:3A:90:20:BB:9D
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C7B9BD212DD82C0B33DB1419F3B785EEE
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u4saX0BqUBxJ5qxa-q-AOpAgu50.roa
Signing time: Mon 18 Dec 2023 06:27:38 +0000
ROA not before: Mon 18 Dec 2023 06:27:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:9b:d2:12:dd:82:c0:b3:3d:b1:41:9f:3b:78:5e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Dec 18 06:27:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb8b1a5f406a501c49e6ac5afaaf803a9020bb9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3c:12:fc:1b:86:85:36:fb:b9:3d:61:72:18:
c4:74:da:ef:cc:3e:68:19:70:0c:dd:45:c7:19:b9:
09:7a:d4:b5:7b:01:21:09:d3:77:71:e2:93:ca:f2:
7b:b0:d2:9a:19:5a:8a:73:c6:74:14:8b:d4:87:06:
0b:5a:57:e8:95:55:e3:31:06:41:3b:25:77:86:b5:
db:25:ab:a8:6e:0a:25:15:44:26:47:23:8c:84:7f:
2b:67:39:98:fb:11:99:04:1f:71:c2:1b:a0:6f:5e:
33:3f:dc:a8:43:0a:b1:c7:a5:d3:ef:bf:38:2b:c4:
d0:00:28:da:23:c0:f2:ff:83:ef:2f:44:f4:72:28:
c9:f9:97:72:59:be:19:bb:89:48:d4:cc:2c:6c:07:
98:61:e6:93:7b:ec:f4:7d:20:b7:72:ad:0c:58:09:
c8:c7:0b:48:75:6f:fc:d3:09:e2:66:29:38:11:3e:
1a:20:79:50:e2:21:33:69:35:a0:b9:11:d4:08:3d:
35:47:9f:a2:4d:75:71:06:a3:8e:81:df:b7:62:8c:
bc:9e:5a:77:86:81:ce:c4:d2:20:86:6c:37:b2:ff:
fb:2d:10:c1:fa:8d:3f:7f:dd:d5:03:58:6b:dc:28:
e3:28:0d:53:b0:ba:1a:dd:0a:10:e6:46:e6:58:00:
47:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:8B:1A:5F:40:6A:50:1C:49:E6:AC:5A:FA:AF:80:3A:90:20:BB:9D
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u4saX0BqUBxJ5qxa-q-AOpAgu50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ca:14:76:cc:81:0f:1d:8e:76:86:6e:63:be:b6:91:48:fd:
54:35:b6:e0:6c:33:d7:3a:0c:f7:c9:b7:28:cb:b5:eb:f6:cd:
15:8f:5d:6b:55:bb:d8:92:f2:33:c7:b1:21:9e:c4:6e:b7:7f:
01:88:43:21:2d:b0:83:3c:08:3e:74:3c:90:5d:c7:da:29:0b:
a4:cd:e2:2d:02:73:0d:20:c4:12:3f:fc:49:9d:25:ac:59:90:
71:d5:87:76:a2:b7:d4:8a:07:21:31:9b:d2:04:b4:c2:15:b6:
81:39:29:9c:16:64:2f:15:e1:d4:82:2e:01:6a:95:21:6a:55:
a2:91:39:ad:01:fa:97:ac:f8:0b:6f:93:70:13:7b:b7:45:36:
52:5d:1c:15:ea:15:2e:6a:8d:e1:44:50:ad:89:8d:34:d6:78:
f1:c7:18:59:46:c7:f9:9c:c9:31:65:f3:85:74:ee:93:c9:32:
8b:9d:4b:88:ea:62:ae:f0:0f:63:fa:62:b8:13:92:7f:6c:54:
ee:e7:9a:97:f4:56:74:e0:7d:79:88:df:82:b6:26:e8:5f:d9:
4e:d5:67:d6:37:ec:ad:bc:f0:4c:0f:08:1e:68:3d:e1:c3:ee:
fb:1c:d0:69:89:40:a3:7e:dd:b3:bb:01:6b:85:d1:e9:b5:f4:
52:02:a1:4f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYx7m9IS3YLAsz2xQZ87eF7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMjE4MDYyNzM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjhiMWE1ZjQwNmE1MDFjNDllNmFjNWFmYWFmODAzYTkwMjBiYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizwS/BuGhTb7uT1hchjEdNrvzD5o
GXAM3UXHGbkJetS1ewEhCdN3ceKTyvJ7sNKaGVqKc8Z0FIvUhwYLWlfolVXjMQZB
OyV3hrXbJauobgolFUQmRyOMhH8rZzmY+xGZBB9xwhugb14zP9yoQwqxx6XT7784
K8TQACjaI8Dy/4PvL0T0cijJ+ZdyWb4Zu4lI1MwsbAeYYeaTe+z0fSC3cq0MWAnI
xwtIdW/80wniZik4ET4aIHlQ4iEzaTWguRHUCD01R5+iTXVxBqOOgd+3Yoy8nlp3
hoHOxNIghmw3sv/7LRDB+o0/f93VA1hr3CjjKA1TsLoa3QoQ5kbmWABHzwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLuLGl9AalAcSeasWvqvgDqQILudMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdTRzYVgwQnFVQnhKNXF4YS1xLUFPcEFndTUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAFDKFHbMgQ8djnaGbmO+tpFI
/VQ1tuBsM9c6DPfJtyjLtev2zRWPXWtVu9iS8jPHsSGexG63fwGIQyEtsIM8CD50
PJBdx9opC6TN4i0Ccw0gxBI//EmdJaxZkHHVh3ait9SKByExm9IEtMIVtoE5KZwW
ZC8V4dSCLgFqlSFqVaKROa0B+pes+Atvk3ATe7dFNlJdHBXqFS5qjeFEUK2JjTTW
ePHHGFlGx/mcyTFl84V07pPJMoudS4jqYq7wD2P6YrgTkn9sVO7nmpf0VnTgfXmI
34K2Juhf2U7VZ9Y37K288EwPCB5oPeHD7vsc0GmJQKN+3bO7AWuF0em19FICoU8=
-----END CERTIFICATE-----
Generated at Tue Dec 19 13:28:44 2023 by rpki-client on console-fra.rpki-client.org