Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wyRR29NsKTBvPjYiT8apm2QGc8Q.roa
File: wyRR29NsKTBvPjYiT8apm2QGc8Q.roa (raw, json)
Hash identifier: 1v86KAwltIv5ox5rH/2ff7b2TgOaivpzbUbvgC5xan4=
Subject key identifier: C3:24:51:DB:D3:6C:29:30:6F:3E:36:22:4F:C6:A9:9B:64:06:73:C4
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C107031D0C861476D86759FF46524AF87
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wyRR29NsKTBvPjYiT8apm2QGc8Q.roa
Signing time: Mon 27 Nov 2023 11:00:37 +0000
ROA not before: Mon 27 Nov 2023 11:00:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
89.42.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:70:31:d0:c8:61:47:6d:86:75:9f:f4:65:24:af:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 27 11:00:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c32451dbd36c29306f3e36224fc6a99b640673c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:86:a9:3c:f3:c0:b8:0d:fd:3d:74:cc:e0:3e:
af:b9:8d:34:ed:19:e2:a7:64:e1:56:92:20:62:4f:
67:ee:0e:f6:ea:58:20:f3:51:c3:f1:84:86:45:35:
0d:d9:a1:53:76:cc:1a:2c:f5:95:3a:48:88:63:54:
b8:9a:50:5c:fd:bd:7e:78:e9:af:8a:32:10:42:36:
18:ad:7b:af:84:ac:40:d2:56:32:04:0f:2b:b0:82:
66:db:e6:15:03:bc:1e:1e:b9:d7:bf:42:7c:5a:a4:
db:6a:dc:7d:21:7e:7b:f7:4d:61:49:88:63:c4:c3:
ca:54:f5:95:e3:fb:6d:7c:05:fc:12:06:c8:51:07:
d1:61:1c:a3:6d:d8:fd:b1:61:ef:53:63:09:13:e3:
23:a3:67:66:85:07:c6:80:ee:0b:52:2b:8d:d6:f7:
02:79:e8:19:b9:57:f1:db:90:ce:1b:14:1c:d1:0f:
bb:38:2a:55:2e:46:30:12:20:59:88:13:f9:12:78:
b9:2e:2b:2b:3c:79:da:1d:08:ac:3a:d2:e9:23:e8:
18:8a:9e:38:be:69:4d:23:30:25:23:a0:a1:16:ab:
3b:d8:98:c8:1e:6f:e3:c9:d3:8e:13:e7:67:4c:c3:
05:b9:5f:63:5c:1e:48:50:52:12:76:38:f4:a5:d8:
31:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:24:51:DB:D3:6C:29:30:6F:3E:36:22:4F:C6:A9:9B:64:06:73:C4
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wyRR29NsKTBvPjYiT8apm2QGc8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
89.42.94.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:8a:2e:41:55:87:8d:c1:3d:ec:32:5d:9d:7e:20:82:d6:10:
3a:dc:8c:77:3b:43:9b:2a:a7:3e:a4:31:2e:a0:a3:d3:29:e3:
ea:19:73:a5:01:8f:9e:c7:df:c5:5a:0b:ab:6a:61:4c:5c:ce:
7a:19:09:9c:98:4d:09:3b:f1:b1:ee:87:03:ee:d7:34:17:ed:
42:2e:d3:1d:67:c0:ce:8f:4a:ca:d4:95:8f:6d:29:12:ce:f3:
60:d9:ca:5b:5a:fe:b9:63:9b:33:94:7e:0e:1a:52:83:d9:38:
8a:d2:d3:7c:19:a7:a5:f5:11:8f:d8:b1:43:53:0b:71:fe:f7:
f8:fe:e0:e3:bd:b3:fb:00:29:36:dc:ca:92:ce:ea:ca:42:6c:
39:3c:55:6e:33:25:60:4c:cb:ea:c1:43:21:bf:4e:bd:9e:bc:
ac:4c:af:55:2e:03:9c:cd:5b:b3:4d:6b:33:10:47:10:a7:f5:
03:79:63:6d:6e:71:ba:14:62:d5:48:a6:52:7d:5d:f9:d7:95:
fc:d4:a9:55:4c:2d:7b:da:bc:84:3c:cf:c3:57:03:55:7a:9a:
9b:53:a9:db:dd:29:b3:b4:2f:64:4a:77:22:f4:7e:45:7f:35:
80:3b:a2:d4:45:88:6c:d1:d6:35:25:c5:63:9a:2a:92:f6:47:
25:a9:6c:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwQcDHQyGFHbYZ1n/RlJK+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTI3MTEwMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzI0NTFkYmQzNmMyOTMwNmYzZTM2MjI0ZmM2YTk5YjY0MDY3M2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4apPPPAuA39PXTM4D6vuY007Rni
p2ThVpIgYk9n7g726lgg81HD8YSGRTUN2aFTdswaLPWVOkiIY1S4mlBc/b1+eOmv
ijIQQjYYrXuvhKxA0lYyBA8rsIJm2+YVA7weHrnXv0J8WqTbatx9IX57901hSYhj
xMPKVPWV4/ttfAX8EgbIUQfRYRyjbdj9sWHvU2MJE+Mjo2dmhQfGgO4LUiuN1vcC
eegZuVfx25DOGxQc0Q+7OCpVLkYwEiBZiBP5Eni5LisrPHnaHQisOtLpI+gYip44
vmlNIzAlI6ChFqs72JjIHm/jydOOE+dnTMMFuV9jXB5IUFISdjj0pdgxawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMMkUdvTbCkwbz42Ik/GqZtkBnPEMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvd3lSUjI5TnNLVEJ2UGpZaVQ4YXBtMlFHYzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSpQAwQA
WSpeMA0GCSqGSIb3DQEBCwUAA4IBAQAsii5BVYeNwT3sMl2dfiCC1hA63Ix3O0Ob
Kqc+pDEuoKPTKePqGXOlAY+ex9/FWguramFMXM56GQmcmE0JO/Gx7ocD7tc0F+1C
LtMdZ8DOj0rK1JWPbSkSzvNg2cpbWv65Y5szlH4OGlKD2TiK0tN8Gael9RGP2LFD
Uwtx/vf4/uDjvbP7ACk23MqSzurKQmw5PFVuMyVgTMvqwUMhv069nrysTK9VLgOc
zVuzTWszEEcQp/UDeWNtbnG6FGLVSKZSfV3515X81KlVTC172ryEPM/DVwNVepqb
U6nb3SmztC9kSnci9H5FfzWAO6LURYhs0dY1JcVjmiqS9kclqWzX
-----END CERTIFICATE-----
Generated at Tue Nov 28 12:57:49 2023 by rpki-client on console-fra.rpki-client.org