Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xSjskEvARP0VQOJ14PYnCmfqrM0.roa
File: xSjskEvARP0VQOJ14PYnCmfqrM0.roa (raw, json)
Hash identifier: RIqIwjulz2kilnE821zx6iz7QfCMPv5dYjGjY7KIZAY=
Subject key identifier: C5:28:EC:90:4B:C0:44:FD:15:40:E2:75:E0:F6:27:0A:67:EA:AC:CD
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B673348F8202F7B0CA36752E1DF9678FE
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xSjskEvARP0VQOJ14PYnCmfqrM0.roa
Signing time: Wed 25 Oct 2023 14:18:16 +0000
ROA not before: Wed 25 Oct 2023 14:18:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.84.0/24 maxlen: 24
89.42.80.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:33:48:f8:20:2f:7b:0c:a3:67:52:e1:df:96:78:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 25 14:18:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c528ec904bc044fd1540e275e0f6270a67eaaccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b2:21:83:9b:03:01:f3:70:21:50:d0:35:39:
55:25:35:7d:73:90:57:9b:08:61:80:03:b7:62:bd:
71:b6:ec:d8:f0:7a:10:e8:76:2c:2d:e8:7d:ac:06:
c0:47:fe:cc:64:4f:55:c4:04:73:a2:12:c1:54:6c:
e0:85:9e:7a:24:89:1f:a7:34:31:50:92:91:c8:ed:
88:17:f5:08:78:f8:6b:fb:20:bb:c9:bf:9d:73:31:
60:03:5a:53:f2:00:e4:75:c0:a3:db:7c:e7:36:15:
0f:45:a0:68:45:48:b0:de:f9:de:78:9f:5a:c3:31:
ce:ae:52:9b:7a:b8:79:64:46:2a:cb:5f:95:75:fc:
81:d5:63:22:87:99:4c:cf:68:83:e2:1c:ed:de:a5:
27:e8:72:93:a1:e6:be:3c:60:68:3c:ac:3a:0c:6f:
36:87:a9:21:6f:b5:27:c8:e5:be:b2:8e:ce:f4:88:
d8:1c:13:90:7e:32:51:33:6b:5f:67:95:d3:74:49:
9e:49:10:98:5c:c9:b7:41:2d:21:94:fb:8c:38:a2:
7d:ed:be:02:12:19:90:c2:cf:2b:e1:c7:8d:07:4c:
74:5e:9b:c9:60:de:21:21:a3:13:92:1c:1d:36:4a:
24:a2:cf:c8:24:09:69:35:35:6d:72:74:0f:da:19:
cf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:28:EC:90:4B:C0:44:FD:15:40:E2:75:E0:F6:27:0A:67:EA:AC:CD
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xSjskEvARP0VQOJ14PYnCmfqrM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0-89.42.84.255
Signature Algorithm: sha256WithRSAEncryption
04:92:03:b9:89:d7:fa:27:d3:70:d1:54:b9:d0:58:9c:18:3d:
b8:40:2a:48:d8:29:d4:d7:a6:95:0b:ac:07:da:19:31:e7:b3:
c8:3a:18:4f:ec:06:4e:5a:41:4d:5e:48:0e:9f:59:80:4a:32:
3c:c7:1f:e1:c0:73:eb:3c:c1:d2:33:b1:d5:93:a9:18:a0:4e:
f7:53:44:f4:1d:99:43:61:bb:e8:17:2b:ae:ab:44:53:16:7f:
00:6e:b0:01:57:d7:e4:bf:97:2d:c1:b8:ff:62:6b:44:b1:0e:
88:31:0c:13:9a:55:89:99:47:20:d2:9a:28:91:8e:8a:bc:3b:
58:90:fd:d5:17:80:6c:05:dc:e9:24:1d:c0:31:f0:2c:8e:47:
2a:21:60:a6:1a:a7:de:99:55:f5:f1:8b:df:19:32:a8:e1:0f:
1f:8b:40:23:c6:37:4b:62:66:aa:16:bf:c0:1f:e6:ea:17:8c:
c6:aa:57:57:2d:45:71:f8:d9:ff:f7:83:7d:66:09:fe:24:55:
78:99:43:5c:55:bc:fb:75:91:b0:28:88:e9:df:66:e6:0a:a0:
d9:62:bb:68:e2:8b:b7:9c:94:31:6b:6f:14:9b:6a:76:f6:3d:
d6:0b:40:a9:ea:f1:17:86:5f:16:7f:01:97:84:b2:1c:ce:b5:
e3:03:cd:a3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYtnM0j4IC97DKNnUuHflnj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDI1MTQxODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTI4ZWM5MDRiYzA0NGZkMTU0MGUyNzVlMGY2MjcwYTY3ZWFhY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7Ihg5sDAfNwIVDQNTlVJTV9c5BX
mwhhgAO3Yr1xtuzY8HoQ6HYsLeh9rAbAR/7MZE9VxARzohLBVGzghZ56JIkfpzQx
UJKRyO2IF/UIePhr+yC7yb+dczFgA1pT8gDkdcCj23znNhUPRaBoRUiw3vneeJ9a
wzHOrlKberh5ZEYqy1+VdfyB1WMih5lMz2iD4hzt3qUn6HKToea+PGBoPKw6DG82
h6khb7UnyOW+so7O9IjYHBOQfjJRM2tfZ5XTdEmeSRCYXMm3QS0hlPuMOKJ97b4C
EhmQws8r4ceNB0x0XpvJYN4hIaMTkhwdNkokos/IJAlpNTVtcnQP2hnPcwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMUo7JBLwET9FUDideD2Jwpn6qzNMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEveFNqc2tFdkFSUDBWUU9KMTRQWW5DbWZxck0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARZKlAD
BABZKlQwDQYJKoZIhvcNAQELBQADggEBAASSA7mJ1/on03DRVLnQWJwYPbhAKkjY
KdTXppULrAfaGTHns8g6GE/sBk5aQU1eSA6fWYBKMjzHH+HAc+s8wdIzsdWTqRig
TvdTRPQdmUNhu+gXK66rRFMWfwBusAFX1+S/ly3BuP9ia0SxDogxDBOaVYmZRyDS
miiRjoq8O1iQ/dUXgGwF3OkkHcAx8CyORyohYKYap96ZVfXxi98ZMqjhDx+LQCPG
N0tiZqoWv8Af5uoXjMaqV1ctRXH42f/3g31mCf4kVXiZQ1xVvPt1kbAoiOnfZuYK
oNliu2jii7eclDFrbxSbanb2PdYLQKnq8ReGXxZ/AZeEshzOteMDzaM=
-----END CERTIFICATE-----
Generated at Thu Nov 2 06:56:47 2023 by rpki-client on console-fra.rpki-client.org