Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xWerKgvlYEjYSJ8C-OwYQMPrxGc.roa
File: xWerKgvlYEjYSJ8C-OwYQMPrxGc.roa (raw, json)
Hash identifier: z/J+5RxncdNE4SksTHmU9hQeLMHsLv90Lr8PD0lEFiE=
Subject key identifier: C5:67:AB:2A:0B:E5:60:48:D8:48:9F:02:F8:EC:18:40:C3:EB:C4:67
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018F38187041EC9D1746771239BBD275353B
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xWerKgvlYEjYSJ8C-OwYQMPrxGc.roa
Signing time: Thu 02 May 2024 06:57:56 +0000
ROA not before: Thu 02 May 2024 06:57:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 18:06:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:18:70:41:ec:9d:17:46:77:12:39:bb:d2:75:35:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: May 2 06:57:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c567ab2a0be56048d8489f02f8ec1840c3ebc467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:23:2b:28:03:bb:74:c2:df:83:dc:d0:9a:17:
d6:10:a7:7a:ed:34:6d:72:e1:24:08:5b:b7:38:93:
c3:cd:b7:7a:d1:2c:c3:cc:49:58:42:86:57:c6:d8:
3b:2e:6b:bf:e2:4c:03:cb:6d:40:fd:0d:99:16:f3:
2e:88:5f:da:6b:8a:8c:11:82:a9:6d:ea:0d:b0:4a:
5f:aa:0a:45:11:79:0c:27:22:a0:c0:a2:f8:40:be:
fa:d3:38:c2:cf:72:0b:ad:86:2b:05:2f:2c:54:31:
81:91:5c:7a:4a:57:b9:21:5a:ce:88:93:40:7f:4b:
fb:bd:07:55:c6:a2:3c:7c:77:7a:37:d6:24:6c:29:
96:61:1a:d9:07:fd:e2:08:11:8a:8a:09:80:ea:bf:
ef:df:8f:f1:25:f6:fa:f8:ce:c0:a2:d3:9f:7b:67:
0d:e1:38:f2:c1:15:c9:ae:8a:1a:01:a0:3f:10:8f:
76:c0:e4:91:bb:46:1e:14:ef:b4:92:97:25:75:63:
fc:d5:b7:5d:eb:6c:a2:42:d1:a4:10:fe:a8:9f:fe:
be:16:ab:c0:b0:24:74:a0:09:7b:0c:f3:d0:c9:23:
37:00:bf:91:f1:fc:e6:84:44:75:df:79:7a:fd:09:
7b:ce:b1:14:79:c6:88:6d:3c:0b:dc:6e:34:f8:4a:
05:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:67:AB:2A:0B:E5:60:48:D8:48:9F:02:F8:EC:18:40:C3:EB:C4:67
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xWerKgvlYEjYSJ8C-OwYQMPrxGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
89.47.126.0/24
Signature Algorithm: sha256WithRSAEncryption
09:a6:c5:b4:e5:13:90:a3:1f:15:a8:69:9b:3b:31:34:d9:9b:
32:26:1d:be:2d:d6:02:27:ed:c0:f5:ba:02:f8:68:3f:4a:48:
99:75:11:da:a3:37:dc:31:5d:7e:a5:fd:d2:6a:29:43:1a:81:
7a:4b:89:da:d2:94:bf:3f:12:6e:19:71:d1:80:93:1b:76:98:
86:1c:50:ca:63:25:79:cf:99:63:dd:a3:32:a9:12:2c:1f:dc:
f6:ca:a3:c2:32:a2:b4:db:7c:e9:1b:73:6e:6f:67:9f:58:6d:
7f:b2:d0:33:a0:ca:d0:e3:5f:40:82:9c:be:72:20:13:08:48:
da:12:e1:d6:e0:46:9c:8d:c4:1a:ac:37:38:fd:64:6e:f7:10:
9a:70:0b:83:38:45:b3:a0:df:00:9c:83:50:eb:8d:ef:43:7c:
f2:35:1f:b1:be:94:49:3e:78:f2:a4:7f:25:4c:2a:cf:3e:5a:
a9:d2:09:72:d4:2c:78:a5:18:31:af:c8:18:b1:2a:ae:76:8c:
cf:49:9a:ab:68:66:cc:cb:92:4d:c1:1a:95:2d:4b:8e:7d:95:
f8:af:ee:1e:12:d0:33:35:a7:49:60:9f:58:63:c4:70:7c:e9:
8e:f4:6a:dd:72:c5:16:1f:9d:e0:dd:37:db:f2:1b:3b:ac:44:
43:cc:07:00
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY84GHBB7J0XRncSObvSdTU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwNTAyMDY1NzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTY3YWIyYTBiZTU2MDQ4ZDg0ODlmMDJmOGVjMTg0MGMzZWJjNDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CMrKAO7dMLfg9zQmhfWEKd67TRt
cuEkCFu3OJPDzbd60SzDzElYQoZXxtg7Lmu/4kwDy21A/Q2ZFvMuiF/aa4qMEYKp
beoNsEpfqgpFEXkMJyKgwKL4QL760zjCz3ILrYYrBS8sVDGBkVx6Sle5IVrOiJNA
f0v7vQdVxqI8fHd6N9YkbCmWYRrZB/3iCBGKigmA6r/v34/xJfb6+M7AotOfe2cN
4TjywRXJrooaAaA/EI92wOSRu0YeFO+0kpcldWP81bdd62yiQtGkEP6on/6+FqvA
sCR0oAl7DPPQySM3AL+R8fzmhER133l6/Ql7zrEUecaIbTwL3G40+EoFpwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMVnqyoL5WBI2EifAvjsGEDD68RnMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEveFdlcktndmxZRWpZU0o4Qy1Pd1lRTVByeEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZKlED
BAJZKlADBABZLgMDBABZL34wDQYJKoZIhvcNAQELBQADggEBAAmmxbTlE5CjHxWo
aZs7MTTZmzImHb4t1gIn7cD1ugL4aD9KSJl1EdqjN9wxXX6l/dJqKUMagXpLidrS
lL8/Em4ZcdGAkxt2mIYcUMpjJXnPmWPdozKpEiwf3PbKo8IyorTbfOkbc25vZ59Y
bX+y0DOgytDjX0CCnL5yIBMISNoS4dbgRpyNxBqsNzj9ZG73EJpwC4M4RbOg3wCc
g1Drje9DfPI1H7G+lEk+ePKkfyVMKs8+WqnSCXLULHilGDGvyBixKq52jM9Jmqto
ZszLkk3BGpUtS459lfiv7h4S0DM1p0lgn1hjxHB86Y70at1yxRYfneDdN9vyGzus
REPMBwA=
-----END CERTIFICATE-----
Generated at Thu May 2 21:31:57 2024 by rpki-client on console-fra.rpki-client.org