Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wJ1Z4D_vzuAg9m11xvPI60DfshM.roa
File: wJ1Z4D_vzuAg9m11xvPI60DfshM.roa (raw, json)
Hash identifier: pg0FqXLJAVPvfSSjkTDC5mNBfJFELmdRglpTBy/Cifs=
Subject key identifier: C0:9D:59:E0:3F:EF:CE:E0:20:F6:6D:75:C6:F3:C8:EB:40:DF:B2:13
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB76D05E9A1A64AF20F33576485685
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wJ1Z4D_vzuAg9m11xvPI60DfshM.roa
Signing time: Sun 01 Jan 2023 19:25:06 +0000
ROA not before: Sun 01 Jan 2023 19:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41672
IP address blocks: 89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:76:d0:5e:9a:1a:64:af:20:f3:35:76:48:56:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c09d59e03fefcee020f66d75c6f3c8eb40dfb213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d7:8d:f2:33:75:61:fa:e0:e4:ec:24:18:f2:
a2:3f:1f:d7:16:ce:f7:ff:3d:e3:c7:6f:40:a0:6f:
35:c5:05:72:29:33:24:6d:52:97:26:4f:94:6c:00:
d1:5c:24:0b:d3:ba:f9:53:c8:3d:a1:77:60:f8:df:
0d:61:11:ee:30:1b:fb:63:8c:9a:9d:24:66:1b:67:
c1:a8:c5:8d:cf:4e:fe:79:fe:bc:73:d5:70:63:d4:
be:70:fa:86:6d:7e:3b:bc:88:e3:45:b5:50:bb:d9:
bd:53:f1:32:32:8d:59:6c:7e:c4:c2:c9:fe:c1:7f:
7b:11:ec:97:93:5c:66:82:8e:50:f2:7c:73:64:d2:
6a:c3:53:46:92:d9:f6:2a:e5:0c:c8:f1:ea:bd:29:
c6:02:58:f1:da:bf:73:b0:61:53:6f:a2:ae:e2:65:
7b:fa:8f:38:84:1d:80:91:5b:fb:e9:c2:85:77:df:
d7:e4:a0:31:10:bd:b6:40:47:b2:ad:d5:28:76:33:
e9:4e:b9:b3:9c:79:33:19:41:5a:60:b4:b8:89:1d:
f5:ea:d7:32:c5:a7:0b:61:b0:e1:bd:77:86:61:c6:
ad:fb:cc:3c:62:7e:e4:7b:40:6c:93:61:a4:cb:3a:
fa:58:f2:86:ef:40:c4:44:bf:4c:df:d5:df:8f:98:
9c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:9D:59:E0:3F:EF:CE:E0:20:F6:6D:75:C6:F3:C8:EB:40:DF:B2:13
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wJ1Z4D_vzuAg9m11xvPI60DfshM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.228.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:12:d2:d6:70:a7:6c:7b:cb:ac:8a:ca:5a:46:c2:2e:2b:27:
24:04:d2:0e:b3:26:6c:64:57:54:6a:35:34:4d:de:0e:26:d7:
cf:be:83:6c:0f:df:0e:df:53:d6:ea:d7:cd:d9:ae:ca:12:7e:
14:93:34:ba:9a:d6:b9:c7:ef:b9:cd:df:a5:28:ae:38:99:e1:
b8:2b:d0:e4:bb:06:76:28:30:06:8e:c5:b9:6d:87:80:69:0f:
4c:6a:e5:9d:dc:cf:76:64:2e:79:f8:78:f4:dd:c2:30:f6:61:
e8:f2:47:51:65:38:bc:0c:b5:68:8b:87:94:86:89:92:a9:89:
a1:57:d6:2c:a2:27:5e:53:fb:a5:9c:95:9c:59:74:18:da:eb:
96:4d:fa:47:7e:e4:40:35:0d:04:a8:08:11:9f:2f:1e:d7:3f:
8d:3c:ac:0e:c5:28:8f:3d:26:fa:22:55:e8:e9:f6:0d:93:3b:
90:e0:c5:b0:a0:38:13:32:90:00:59:dd:d1:22:d8:3c:08:f3:
49:8e:54:06:6a:88:b9:f7:39:9a:24:c7:07:df:a1:92:1a:69:
80:7e:e0:c4:b8:8f:f7:fe:97:67:fa:83:5d:bc:2f:94:66:9c:
6f:50:ae:85:a7:0c:66:33:4e:e2:55:bd:cd:55:6c:2f:4d:37:
4f:e2:f7:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy3bQXpoaZK8g8zV2SFaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDlkNTllMDNmZWZjZWUwMjBmNjZkNzVjNmYzYzhlYjQwZGZiMjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9eN8jN1Yfrg5OwkGPKiPx/XFs73
/z3jx29AoG81xQVyKTMkbVKXJk+UbADRXCQL07r5U8g9oXdg+N8NYRHuMBv7Y4ya
nSRmG2fBqMWNz07+ef68c9VwY9S+cPqGbX47vIjjRbVQu9m9U/EyMo1ZbH7Ewsn+
wX97EeyXk1xmgo5Q8nxzZNJqw1NGktn2KuUMyPHqvSnGAljx2r9zsGFTb6Ku4mV7
+o84hB2AkVv76cKFd9/X5KAxEL22QEeyrdUodjPpTrmznHkzGUFaYLS4iR316tcy
xacLYbDhvXeGYcat+8w8Yn7ke0Bsk2Gkyzr6WPKG70DERL9M39Xfj5icxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMCdWeA/787gIPZtdcbzyOtA37ITMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvd0oxWjREX3Z6dUFnOW0xMXh2UEk2MERmc2hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSbkMA0G
CSqGSIb3DQEBCwUAA4IBAQBaEtLWcKdse8usispaRsIuKyckBNIOsyZsZFdUajU0
Td4OJtfPvoNsD98O31PW6tfN2a7KEn4UkzS6mta5x++5zd+lKK44meG4K9DkuwZ2
KDAGjsW5bYeAaQ9MauWd3M92ZC55+Hj03cIw9mHo8kdRZTi8DLVoi4eUhomSqYmh
V9YsoideU/ulnJWcWXQY2uuWTfpHfuRANQ0EqAgRny8e1z+NPKwOxSiPPSb6IlXo
6fYNkzuQ4MWwoDgTMpAAWd3RItg8CPNJjlQGaoi59zmaJMcH36GSGmmAfuDEuI/3
/pdn+oNdvC+UZpxvUK6FpwxmM07iVb3NVWwvTTdP4ven
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org