Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xZdtvD3IFlFvDOp7YN_zCDn54CI.roa
File: xZdtvD3IFlFvDOp7YN_zCDn54CI.roa (raw, json)
Hash identifier: J4KmiZpjhaKeHcrhUvxzQXqCoGxB0WP9277OPTDHVME=
Subject key identifier: C5:97:6D:BC:3D:C8:16:51:6F:0C:EA:7B:60:DF:F3:08:39:F9:E0:22
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018DDCD69B266F0C5E2E648A8E564C601FBC
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xZdtvD3IFlFvDOp7YN_zCDn54CI.roa
Signing time: Sat 24 Feb 2024 20:37:48 +0000
ROA not before: Sat 24 Feb 2024 20:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 06:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:dc:d6:9b:26:6f:0c:5e:2e:64:8a:8e:56:4c:60:1f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 24 20:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5976dbc3dc816516f0cea7b60dff30839f9e022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:66:a8:d5:ba:26:89:0b:6f:32:7b:da:fc:ac:
51:3b:65:01:75:c1:1e:bb:5f:83:04:05:27:e9:ed:
4a:41:7c:be:69:8a:ed:52:5a:ca:25:7c:86:00:3c:
b2:1d:fc:13:a9:7b:ff:b8:f4:11:e6:e5:e8:a5:84:
8c:0c:36:98:fe:7b:c9:fe:2c:ee:76:7e:2d:14:25:
c6:6e:12:3c:0a:a7:89:69:c2:c3:fd:08:d9:d4:2c:
b2:72:08:6a:55:b1:85:2c:34:0a:72:66:98:d2:73:
12:77:1e:a8:16:88:60:79:10:10:cf:08:5f:91:b4:
7d:2c:5e:24:1c:bb:c0:e0:df:76:0d:60:b9:f2:e7:
3f:6a:88:d1:02:6d:63:fb:1d:71:14:7d:96:b0:ef:
d6:ac:a1:06:0a:f3:36:6b:9c:6c:9a:5f:d8:f7:31:
df:93:06:8b:9b:e1:5d:d4:ce:ca:8a:20:81:f8:d4:
23:d2:46:65:88:a1:0c:cc:c2:b6:a8:bc:04:2f:08:
c7:71:d7:1f:42:2c:3e:68:5a:50:92:f3:af:67:c5:
ba:11:2a:27:33:29:bd:1c:3d:dc:84:d2:a2:9b:78:
23:da:f6:46:c5:3a:27:61:f4:90:f6:5b:80:c1:f4:
18:f9:95:21:00:90:2f:d5:f9:55:dd:39:60:46:d0:
32:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:97:6D:BC:3D:C8:16:51:6F:0C:EA:7B:60:DF:F3:08:39:F9:E0:22
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xZdtvD3IFlFvDOp7YN_zCDn54CI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:b2:ed:5f:58:21:2f:80:34:41:cc:c4:9e:7c:1e:16:85:8c:
88:d5:af:fb:cf:32:59:e9:b2:e4:dd:1a:df:b8:11:1b:62:47:
1c:22:bb:06:ab:16:24:9f:d3:d0:88:71:17:6d:8f:e6:11:41:
21:67:6b:12:f0:d7:d4:d5:96:28:1f:3f:d9:f1:48:da:ec:15:
c6:80:2b:62:4d:b5:21:e3:1a:7e:05:92:dc:3a:1f:d1:a6:a2:
e5:fe:2d:e0:f5:ec:20:2a:7d:84:32:18:00:45:06:b7:68:8e:
78:43:ff:18:2a:9a:d6:6d:6c:fb:b1:4f:ad:22:9e:1e:7d:c3:
6b:67:84:d3:c9:bc:3e:44:54:91:77:03:65:26:44:8c:16:95:
ff:c5:dc:c7:71:46:fe:06:c3:4f:2d:f3:84:8c:c7:b1:d4:c5:
6a:0e:5e:b1:04:28:05:d2:2a:9e:10:d4:67:87:18:3c:af:bb:
79:13:28:f2:a8:1d:3d:58:bd:10:9e:72:43:85:50:6b:34:2c:
f0:47:93:36:c1:0c:73:65:91:e0:7c:31:6e:68:0f:d7:d7:62:
f0:00:13:39:a3:91:01:88:83:a1:f2:4f:cf:c6:1f:24:2c:f8:
c4:a5:bf:92:ac:d7:1b:cc:5d:3c:08:18:65:28:2e:9d:2f:ba:
b8:2c:c3:7f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY3c1psmbwxeLmSKjlZMYB+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjI0MjAzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTk3NmRiYzNkYzgxNjUxNmYwY2VhN2I2MGRmZjMwODM5ZjllMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmao1bomiQtvMnva/KxRO2UBdcEe
u1+DBAUn6e1KQXy+aYrtUlrKJXyGADyyHfwTqXv/uPQR5uXopYSMDDaY/nvJ/izu
dn4tFCXGbhI8CqeJacLD/QjZ1CyycghqVbGFLDQKcmaY0nMSdx6oFohgeRAQzwhf
kbR9LF4kHLvA4N92DWC58uc/aojRAm1j+x1xFH2WsO/WrKEGCvM2a5xsml/Y9zHf
kwaLm+Fd1M7KiiCB+NQj0kZliKEMzMK2qLwELwjHcdcfQiw+aFpQkvOvZ8W6ESon
Mym9HD3chNKim3gj2vZGxTonYfSQ9luAwfQY+ZUhAJAv1flV3TlgRtAyIwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMWXbbw9yBZRbwzqe2Df8wg5+eAiMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEveFpkdHZEM0lGbEZ2RE9wN1lOX3pDRG41NENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAA6y7V9YIS+ANEHMxJ58HhaF
jIjVr/vPMlnpsuTdGt+4ERtiRxwiuwarFiSf09CIcRdtj+YRQSFnaxLw19TVligf
P9nxSNrsFcaAK2JNtSHjGn4Fktw6H9GmouX+LeD17CAqfYQyGABFBrdojnhD/xgq
mtZtbPuxT60inh59w2tnhNPJvD5EVJF3A2UmRIwWlf/F3MdxRv4Gw08t84SMx7HU
xWoOXrEEKAXSKp4Q1GeHGDyvu3kTKPKoHT1YvRCeckOFUGs0LPBHkzbBDHNlkeB8
MW5oD9fXYvAAEzmjkQGIg6HyT8/GHyQs+MSlv5Ks1xvMXTwIGGUoLp0vurgsw38=
-----END CERTIFICATE-----
Generated at Mon Feb 26 11:39:51 2024 by rpki-client on console-fra.rpki-client.org