Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ucIpAEMc7b1NryebOUdqbVO7ld8.roa
File: ucIpAEMc7b1NryebOUdqbVO7ld8.roa (raw, json)
Hash identifier: QwYQyuV+4yb1+tsoeGypKbtOOIz3laUo4PxerFNEGEU=
Subject key identifier: B9:C2:29:00:43:1C:ED:BD:4D:AF:27:9B:39:47:6A:6D:53:BB:95:DF
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CF98792868B4855B978A42AA872130F1C
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ucIpAEMc7b1NryebOUdqbVO7ld8.roa
Signing time: Thu 11 Jan 2024 17:17:40 +0000
ROA not before: Thu 11 Jan 2024 17:17:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
89.34.224.0/23 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
89.46.0.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 08:23:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:87:92:86:8b:48:55:b9:78:a4:2a:a8:72:13:0f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 11 17:17:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9c22900431cedbd4daf279b39476a6d53bb95df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e5:6c:35:74:42:a9:c6:7a:84:3a:80:74:14:
09:da:67:7f:14:bc:89:59:fb:58:c0:5f:3f:8d:a6:
fe:85:ae:70:c0:d5:97:ca:cd:93:75:58:39:41:e1:
f1:97:4f:66:d8:b9:d4:65:c2:d7:8a:1d:98:d9:c1:
06:e8:66:55:a9:81:6f:f0:d2:88:70:e9:94:cd:da:
0a:93:82:6f:c7:cb:4e:f3:85:6e:5b:ab:34:ae:84:
17:f5:67:84:7e:08:65:d7:1e:a6:42:58:c7:68:ec:
68:5b:a9:7a:23:6c:73:78:9d:cf:2b:ba:1b:da:49:
70:c4:af:71:d6:30:9a:69:91:83:e2:1a:05:51:79:
d3:cb:88:d5:75:0a:98:fd:e7:60:73:45:0b:6c:ed:
81:ed:7a:d2:44:ba:da:08:76:a2:a4:48:7f:2e:31:
dd:4a:71:56:89:82:3d:2e:cf:e3:97:96:55:a3:e5:
c5:5c:17:12:15:ff:fb:5e:80:8b:7d:30:99:7f:92:
a6:e6:0e:b0:1d:49:a6:7e:b8:a1:8a:f0:34:39:98:
7a:f8:f8:9e:14:d1:38:5a:d9:e2:e5:c4:f2:d1:80:
37:30:8b:a4:2f:8d:12:93:d2:4d:f6:b1:ca:18:87:
62:9f:49:71:c1:33:c7:fd:fe:6f:9f:71:91:44:cb:
85:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C2:29:00:43:1C:ED:BD:4D:AF:27:9B:39:47:6A:6D:53:BB:95:DF
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ucIpAEMc7b1NryebOUdqbVO7ld8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.228.0/24
89.34.231.0/24
89.42.81.0/24
89.42.95.0/24
89.43.140.0/24
89.43.143.0/24
89.46.0.0/24
89.47.125.0/24
89.47.127.0/24
93.113.181.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c2:56:47:fa:db:b6:ad:22:e2:ff:e7:85:16:04:39:3a:9f:
f1:55:42:a8:ba:ce:80:78:4c:e1:a5:22:fa:1e:76:6e:d6:ef:
08:5b:57:6e:28:54:cd:ac:3c:a9:2b:4b:74:3d:36:5c:7d:6d:
fb:d8:93:5d:23:1a:b0:1f:55:15:c3:93:c6:a2:1e:34:9a:82:
87:63:5a:71:d0:99:e0:04:fb:5c:d1:06:dd:b0:2f:cc:51:bf:
ca:25:0a:a6:bf:33:26:03:17:d8:bc:c5:26:2c:6a:3f:d8:b0:
d8:df:34:9a:6a:fe:f7:e4:eb:15:ae:34:85:76:ec:99:35:79:
fe:05:c5:a1:db:78:9f:18:e9:7e:8f:98:0e:f3:78:ac:1a:14:
83:97:25:15:e5:b5:8d:66:aa:42:6d:b4:ca:8c:42:6e:59:05:
5f:68:08:99:eb:e3:15:d2:93:1e:08:88:a2:a4:92:b4:b8:42:
5e:0d:4d:3f:4f:dd:44:2a:be:26:7b:ce:f5:24:2a:89:7b:c0:
ca:21:18:b0:3b:39:9d:24:a1:e1:6c:38:f0:ef:6c:52:6d:f0:
a7:81:11:e9:c3:5e:42:c4:c2:7c:88:5e:fc:38:22:e4:9a:20:
c3:9b:fc:c5:15:72:d1:2e:c0:ef:bb:08:20:94:96:f0:c9:6b:
a7:2e:d5:a9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYz5h5KGi0hVuXikKqhyEw8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTExMTcxNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWMyMjkwMDQzMWNlZGJkNGRhZjI3OWIzOTQ3NmE2ZDUzYmI5NWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuVsNXRCqcZ6hDqAdBQJ2md/FLyJ
WftYwF8/jab+ha5wwNWXys2TdVg5QeHxl09m2LnUZcLXih2Y2cEG6GZVqYFv8NKI
cOmUzdoKk4Jvx8tO84VuW6s0roQX9WeEfghl1x6mQljHaOxoW6l6I2xzeJ3PK7ob
2klwxK9x1jCaaZGD4hoFUXnTy4jVdQqY/edgc0ULbO2B7XrSRLraCHaipEh/LjHd
SnFWiYI9Ls/jl5ZVo+XFXBcSFf/7XoCLfTCZf5Km5g6wHUmmfrihivA0OZh6+Pie
FNE4Wtni5cTy0YA3MIukL40Sk9JN9rHKGIdin0lxwTPH/f5vn3GRRMuFVwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLnCKQBDHO29Ta8nmzlHam1Tu5XfMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdWNJcEFFTWM3YjFOcnllYk9VZHFiVk83bGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBWSLgAwQA
WSLkAwQAWSLnAwQAWSpRAwQAWSpfAwQAWSuMAwQAWSuPAwQAWS4AAwQAWS99AwQA
WS9/AwQAXXG1MA0GCSqGSIb3DQEBCwUAA4IBAQBlwlZH+tu2rSLi/+eFFgQ5Op/x
VUKous6AeEzhpSL6HnZu1u8IW1duKFTNrDypK0t0PTZcfW372JNdIxqwH1UVw5PG
oh40moKHY1px0JngBPtc0QbdsC/MUb/KJQqmvzMmAxfYvMUmLGo/2LDY3zSaav73
5OsVrjSFduyZNXn+BcWh23ifGOl+j5gO83isGhSDlyUV5bWNZqpCbbTKjEJuWQVf
aAiZ6+MV0pMeCIiipJK0uEJeDU0/T91EKr4me871JCqJe8DKIRiwOzmdJKHhbDjw
72xSbfCngRHpw15CxMJ8iF78OCLkmiDDm/zFFXLRLsDvuwgglJbwyWunLtWp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org