Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xcvAq4vM7M24mvcisCEBfiLXkoo.roa
File: xcvAq4vM7M24mvcisCEBfiLXkoo.roa (raw, json)
Hash identifier: hXubdf1fbz//+F4DgPjsrRA40f4ieL5wpz5WkWQbsdA=
Subject key identifier: C5:CB:C0:AB:8B:CC:EC:CD:B8:9A:F7:22:B0:21:01:7E:22:D7:92:8A
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C57BFDD51663C9063175CD6BE9B30A2EA
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xcvAq4vM7M24mvcisCEBfiLXkoo.roa
Signing time: Mon 11 Dec 2023 07:20:40 +0000
ROA not before: Mon 11 Dec 2023 07:20:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
185.101.105.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:57:bf:dd:51:66:3c:90:63:17:5c:d6:be:9b:30:a2:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Dec 11 07:20:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5cbc0ab8bcceccdb89af722b021017e22d7928a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3f:4e:c8:b1:ad:94:f7:92:5b:30:ad:0b:48:
58:65:b6:ce:1f:4a:d2:ea:15:a6:cb:57:6c:8e:d6:
fc:13:1c:c7:e5:7f:c2:db:e6:04:b9:7f:ab:07:5d:
03:f4:3e:9d:00:30:2e:b9:34:2a:4e:4a:34:38:2a:
ea:e9:3a:e0:9c:c3:96:b5:e9:70:57:32:44:1a:d3:
09:20:d4:c8:b5:05:5a:6a:f5:1a:b3:dc:ae:cb:d7:
6d:67:88:52:cc:fa:ce:04:15:b6:16:ca:19:dc:a5:
8e:fc:18:2a:ae:46:03:f3:58:db:68:3f:b0:4c:80:
d0:53:3f:42:e6:c9:ff:04:21:03:f5:d9:43:c1:bf:
a9:5e:6e:62:0c:d4:8e:9a:56:d1:73:26:8c:56:c9:
47:4c:34:f2:88:74:7b:ab:34:84:7a:7b:16:18:d5:
10:13:2a:4a:e5:ee:f0:ee:c1:56:27:21:59:99:af:
01:b4:e5:ee:cf:30:b8:5d:64:40:9d:ca:e4:87:da:
cd:63:88:bb:92:39:a8:f3:a4:58:a2:92:e3:fa:b3:
6f:4a:0d:5e:cd:2a:6a:73:bd:f9:92:95:ce:9b:23:
fd:8a:b0:f9:d0:83:62:b5:83:08:19:f5:14:26:b6:
21:2f:1f:b0:11:b6:b9:b5:a8:03:d1:60:4e:ff:94:
91:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CB:C0:AB:8B:CC:EC:CD:B8:9A:F7:22:B0:21:01:7E:22:D7:92:8A
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xcvAq4vM7M24mvcisCEBfiLXkoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.231.0/24
89.42.80.0/22
185.101.105.0/24
Signature Algorithm: sha256WithRSAEncryption
58:89:e4:0a:fa:51:90:9b:89:49:5f:0c:bf:00:d1:1e:79:2b:
74:14:30:0c:63:29:f5:6a:1f:b9:c5:36:9f:53:89:3c:d6:93:
ab:33:0b:0d:de:08:b8:32:ba:b0:2c:15:29:d6:b3:6b:8d:48:
71:2e:76:22:4b:9a:15:a9:12:36:e2:45:20:d6:6e:c3:36:c7:
7a:08:32:ea:f7:4a:b1:49:0a:80:eb:64:12:c9:20:75:c9:63:
b9:fa:6b:ef:c3:2b:92:7e:c6:b1:e2:d8:3f:4f:6b:6a:51:bc:
8f:fd:b4:50:54:a1:52:8a:11:42:a4:5c:41:17:60:fd:3b:70:
65:96:f4:7b:61:ef:a3:7d:e5:a0:75:39:d0:87:49:c2:33:68:
b9:81:e9:61:93:4b:95:31:38:b2:53:8d:49:24:38:df:50:ca:
64:b2:53:f2:5d:95:b3:9f:91:f3:90:b4:7a:7c:e7:93:00:e5:
43:cf:bc:66:43:f1:5a:2e:db:66:6b:98:89:0c:11:28:a7:6c:
23:cc:87:e1:7f:75:50:d0:75:0a:a8:24:3d:08:05:a0:01:07:
53:c3:9e:4b:51:09:06:cb:5b:79:27:13:bb:39:e2:1c:55:42:
52:e5:c3:99:ee:f8:03:45:3f:81:08:03:4e:be:18:f7:8e:e9:
a1:0c:c5:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxXv91RZjyQYxdc1r6bMKLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMjExMDcyMDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWNiYzBhYjhiY2NlY2NkYjg5YWY3MjJiMDIxMDE3ZTIyZDc5MjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAij9OyLGtlPeSWzCtC0hYZbbOH0rS
6hWmy1dsjtb8ExzH5X/C2+YEuX+rB10D9D6dADAuuTQqTko0OCrq6TrgnMOWtelw
VzJEGtMJINTItQVaavUas9yuy9dtZ4hSzPrOBBW2FsoZ3KWO/BgqrkYD81jbaD+w
TIDQUz9C5sn/BCED9dlDwb+pXm5iDNSOmlbRcyaMVslHTDTyiHR7qzSEensWGNUQ
EypK5e7w7sFWJyFZma8BtOXuzzC4XWRAncrkh9rNY4i7kjmo86RYopLj+rNvSg1e
zSpqc735kpXOmyP9irD50INitYMIGfUUJrYhLx+wEba5tagD0WBO/5SRMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMXLwKuLzOzNuJr3IrAhAX4i15KKMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEveGN2QXE0dk03TTI0bXZjaXNDRUJmaUxYa29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSLnAwQC
WSpQAwQAuWVpMA0GCSqGSIb3DQEBCwUAA4IBAQBYieQK+lGQm4lJXwy/ANEeeSt0
FDAMYyn1ah+5xTafU4k81pOrMwsN3gi4MrqwLBUp1rNrjUhxLnYiS5oVqRI24kUg
1m7DNsd6CDLq90qxSQqA62QSySB1yWO5+mvvwyuSfsax4tg/T2tqUbyP/bRQVKFS
ihFCpFxBF2D9O3BllvR7Ye+jfeWgdTnQh0nCM2i5gelhk0uVMTiyU41JJDjfUMpk
slPyXZWzn5HzkLR6fOeTAOVDz7xmQ/FaLttma5iJDBEop2wjzIfhf3VQ0HUKqCQ9
CAWgAQdTw55LUQkGy1t5JxO7OeIcVUJS5cOZ7vgDRT+BCANOvhj3jumhDMXv
-----END CERTIFICATE-----
Generated at Mon Dec 11 14:55:58 2023 by rpki-client on console-fra.rpki-client.org