Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u9eLiBJTP3fNz3SyGqog6k_5Mso.roa
File: u9eLiBJTP3fNz3SyGqog6k_5Mso.roa (raw, json)
Hash identifier: 6sDRLtz81aE2ErBXQKJG7LWNjhB5c7vS1g1nJME36Po=
Subject key identifier: BB:D7:8B:88:12:53:3F:77:CD:CF:74:B2:1A:AA:20:EA:4F:F9:32:CA
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0189F2AFDD62674B0A99F4C4B581E9F19057
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u9eLiBJTP3fNz3SyGqog6k_5Mso.roa
Signing time: Mon 14 Aug 2023 06:15:58 +0000
ROA not before: Mon 14 Aug 2023 06:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 89.42.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f2:af:dd:62:67:4b:0a:99:f4:c4:b5:81:e9:f1:90:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 14 06:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbd78b8812533f77cdcf74b21aaa20ea4ff932ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:9e:3f:12:45:81:93:01:ff:97:14:03:2a:
b8:95:41:43:85:e2:03:6a:e9:71:fb:58:f0:57:5b:
69:9d:8c:43:f5:4c:1b:99:4e:f6:64:3c:8b:23:3f:
f9:14:45:8d:2f:f3:d5:70:c0:ef:43:ca:70:de:bd:
a2:c7:ea:3b:6d:93:fe:11:cc:f5:f9:2e:73:fc:42:
1a:71:ee:88:37:36:1e:c2:6d:48:9f:0b:b9:0f:30:
aa:57:89:35:1d:a5:f7:7a:2a:72:aa:67:7e:e1:bd:
d4:bc:e5:b3:ff:ca:0a:cf:5a:e1:fb:c0:58:11:57:
85:ee:03:ed:17:4a:23:4e:bd:7d:2f:60:ab:a8:c2:
36:76:9f:57:36:f1:ac:f6:33:d3:07:8f:4b:51:4b:
7d:87:b8:f2:7f:58:fb:36:29:a8:7c:c2:28:e3:19:
d4:53:98:99:22:e4:b5:b7:e0:50:17:01:0c:84:01:
46:72:92:11:34:05:6e:e9:7f:2c:38:1a:54:1c:c2:
70:26:97:5b:98:26:14:d3:cf:88:53:53:d1:ea:31:
3e:da:80:ef:b4:8f:1f:04:9d:01:b7:ae:d3:d5:d7:
82:e4:49:34:b8:74:c8:51:3b:4e:46:38:6a:c2:99:
58:eb:a8:b8:bc:f6:64:4b:39:98:e3:4f:8e:c1:8f:
5f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D7:8B:88:12:53:3F:77:CD:CF:74:B2:1A:AA:20:EA:4F:F9:32:CA
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u9eLiBJTP3fNz3SyGqog6k_5Mso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.89.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:c8:14:45:88:13:80:71:f8:65:e2:ab:64:a3:45:ef:27:43:
8e:c0:e2:d9:d1:ee:e1:39:27:ca:2e:ba:c0:88:3d:5e:06:91:
f5:db:0a:9b:dd:ae:e4:cd:8e:f7:58:0b:0c:28:92:33:cc:23:
35:ae:37:05:fe:69:f4:0a:e0:56:a5:0f:f9:f4:27:3e:54:92:
bc:de:ee:39:51:3d:6a:59:ff:45:7f:48:20:da:ba:c3:0b:22:
c8:bb:b4:f4:5f:4e:00:36:0c:74:4c:fd:e7:80:39:30:e7:c2:
ac:70:1a:0c:32:ba:fe:11:01:81:f2:89:47:8e:dc:93:e3:7a:
cb:34:8f:24:42:1f:4a:12:ac:c1:d6:6d:ef:01:e1:79:53:1b:
d6:38:2b:6f:b3:af:47:42:fa:ed:49:ba:64:5b:dc:69:04:40:
9c:b7:54:40:ca:2e:b6:5e:9b:7e:6e:39:ef:9c:1d:8a:ce:cd:
38:c7:b4:37:64:22:8b:e2:05:33:e7:16:31:19:0d:77:ce:4e:
61:90:98:6b:7c:c5:ea:bd:28:ab:d5:fa:05:bd:ee:2e:f8:bc:
e6:04:59:fa:16:1e:17:30:44:a1:ac:39:70:78:30:30:86:27:
f1:f7:b7:5f:3a:6a:e4:9b:f0:90:81:45:a3:18:ff:5a:c6:13:
a7:bf:24:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnyr91iZ0sKmfTEtYHp8ZBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODE0MDYxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQ3OGI4ODEyNTMzZjc3Y2RjZjc0YjIxYWFhMjBlYTRmZjkzMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR6ePxJFgZMB/5cUAyq4lUFDheID
aulx+1jwV1tpnYxD9UwbmU72ZDyLIz/5FEWNL/PVcMDvQ8pw3r2ix+o7bZP+Ecz1
+S5z/EIace6INzYewm1Inwu5DzCqV4k1HaX3eipyqmd+4b3UvOWz/8oKz1rh+8BY
EVeF7gPtF0ojTr19L2CrqMI2dp9XNvGs9jPTB49LUUt9h7jyf1j7NimofMIo4xnU
U5iZIuS1t+BQFwEMhAFGcpIRNAVu6X8sOBpUHMJwJpdbmCYU08+IU1PR6jE+2oDv
tI8fBJ0Bt67T1deC5Ek0uHTIUTtORjhqwplY66i4vPZkSzmY40+OwY9fcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvXi4gSUz93zc90shqqIOpP+TLKMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdTllTGlCSlRQM2ZOejNTeUdxb2c2a181TXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpZMA0G
CSqGSIb3DQEBCwUAA4IBAQAbyBRFiBOAcfhl4qtko0XvJ0OOwOLZ0e7hOSfKLrrA
iD1eBpH12wqb3a7kzY73WAsMKJIzzCM1rjcF/mn0CuBWpQ/59Cc+VJK83u45UT1q
Wf9Ff0gg2rrDCyLIu7T0X04ANgx0TP3ngDkw58KscBoMMrr+EQGB8olHjtyT43rL
NI8kQh9KEqzB1m3vAeF5UxvWOCtvs69HQvrtSbpkW9xpBECct1RAyi62Xpt+bjnv
nB2Kzs04x7Q3ZCKL4gUz5xYxGQ13zk5hkJhrfMXqvSir1foFve4u+LzmBFn6Fh4X
MEShrDlweDAwhifx97dfOmrkm/CQgUWjGP9axhOnvyRX
-----END CERTIFICATE-----
Generated at Thu Sep 28 09:25:01 2023 by rpki-client on console-fra.rpki-client.org