Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xiZOKDqXJGn-UB38l7i4GfHkTLE.roa
File: xiZOKDqXJGn-UB38l7i4GfHkTLE.roa (raw, json)
Hash identifier: eahVWfphBNFYWubU71+80tMvEEwfmORZHV9ygC3YDcY=
Subject key identifier: C6:26:4E:28:3A:97:24:69:FE:50:1D:FC:97:B8:B8:19:F1:E4:4C:B1
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018DE427C6B75B8B5C882BAF70A5FEA1BE10
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xiZOKDqXJGn-UB38l7i4GfHkTLE.roa
Signing time: Mon 26 Feb 2024 06:43:48 +0000
ROA not before: Mon 26 Feb 2024 06:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.91.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 06:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:27:c6:b7:5b:8b:5c:88:2b:af:70:a5:fe:a1:be:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 26 06:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6264e283a972469fe501dfc97b8b819f1e44cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:12:c8:44:e9:f8:dd:73:20:02:77:4b:6a:d4:
21:87:b1:4e:6d:e2:3b:b1:01:e8:da:d3:5c:c1:46:
13:17:06:e2:63:26:f7:30:27:00:c0:83:70:5b:f7:
d7:dc:cd:ec:0a:46:c8:0b:ed:19:bf:d0:e1:ac:1e:
e0:d5:36:32:52:5c:77:61:53:0c:36:e5:fa:7f:00:
52:e9:8e:50:d3:5d:08:5e:74:58:9c:a3:64:e5:04:
75:5a:e1:f2:8b:96:d5:5b:94:6a:f0:05:a7:a6:f0:
82:e6:fa:3f:95:39:92:56:e7:e0:66:d4:51:44:ee:
92:2b:c5:6b:c0:e9:03:d5:c5:c5:df:da:a0:0e:9f:
9a:f4:68:63:16:8b:bd:c0:f5:a9:a3:d8:f2:e7:10:
3b:16:df:fb:7d:a8:de:51:b2:13:be:b0:6e:2f:6c:
b9:17:24:bf:b1:c7:37:b6:6b:bc:6e:ec:6a:56:4f:
24:f8:21:07:0c:37:b5:b5:ce:c9:fa:5f:43:75:b3:
8e:ad:44:b9:7f:cb:81:13:f9:80:6f:0e:11:ab:ef:
6c:a9:00:be:24:21:54:ad:63:10:81:11:74:1e:45:
0a:25:2e:51:1a:31:a2:95:13:1a:af:2e:cf:c2:2b:
01:2d:66:19:f7:13:6a:e2:18:99:5c:9a:48:9d:5a:
bd:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:26:4E:28:3A:97:24:69:FE:50:1D:FC:97:B8:B8:19:F1:E4:4C:B1
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xiZOKDqXJGn-UB38l7i4GfHkTLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.42.91.0/24
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:75:ae:b4:54:7c:7f:1a:ce:6b:52:fc:55:b8:ef:6b:f1:8c:
93:0e:2e:9b:1d:25:f7:3e:b6:99:3a:8d:6e:43:db:86:be:47:
ae:df:fd:cb:43:07:f7:dd:2a:5a:96:0d:c0:78:b7:14:4a:17:
78:48:0d:aa:b9:79:e8:e4:86:bc:37:33:16:4d:f5:6e:05:93:
b9:01:39:61:6c:f0:39:af:9e:6c:6d:ea:b2:c2:4a:98:1a:7e:
35:8d:15:bc:3e:c0:40:49:98:92:8c:01:81:87:f6:cd:d6:77:
98:9d:52:4c:80:6e:ef:9d:9e:4c:99:ab:8f:83:46:ee:41:bd:
67:25:9f:40:cb:ae:2c:32:8c:1f:18:77:d5:d6:b2:9d:57:01:
78:d6:e1:f4:c2:7d:22:6d:d2:e8:0c:c3:b6:8f:9d:60:e5:61:
75:ac:36:43:30:ca:dd:a7:7d:7e:24:ba:d5:ae:49:ed:bc:8b:
51:56:4f:c0:85:20:71:12:a3:f5:f1:57:4a:f7:c0:82:b5:f3:
97:c4:48:c2:94:50:86:68:51:cb:3b:98:1b:96:40:1f:8b:d2:
7d:69:8f:87:07:e2:86:c9:cf:3d:78:b5:18:8a:0a:da:5b:3a:
02:88:f4:40:63:b2:10:b4:05:77:68:06:0e:4b:b8:3f:3b:12:
5b:b3:91:75
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY3kJ8a3W4tciCuvcKX+ob4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjI2MDY0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjI2NGUyODNhOTcyNDY5ZmU1MDFkZmM5N2I4YjgxOWYxZTQ0Y2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxLIROn43XMgAndLatQhh7FObeI7
sQHo2tNcwUYTFwbiYyb3MCcAwINwW/fX3M3sCkbIC+0Zv9DhrB7g1TYyUlx3YVMM
NuX6fwBS6Y5Q010IXnRYnKNk5QR1WuHyi5bVW5Rq8AWnpvCC5vo/lTmSVufgZtRR
RO6SK8VrwOkD1cXF39qgDp+a9GhjFou9wPWpo9jy5xA7Ft/7fajeUbITvrBuL2y5
FyS/scc3tmu8buxqVk8k+CEHDDe1tc7J+l9DdbOOrUS5f8uBE/mAbw4Rq+9sqQC+
JCFUrWMQgRF0HkUKJS5RGjGilRMary7PwisBLWYZ9xNq4hiZXJpInVq9WQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMYmTig6lyRp/lAd/Je4uBnx5EyxMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEveGlaT0tEcVhKR24tVUIzOGw3aTRHZkhrVExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZKlED
BAJZKlADBABZKlsDBABZLgMwDQYJKoZIhvcNAQELBQADggEBAGt1rrRUfH8azmtS
/FW472vxjJMOLpsdJfc+tpk6jW5D24a+R67f/ctDB/fdKlqWDcB4txRKF3hIDaq5
eejkhrw3MxZN9W4Fk7kBOWFs8Dmvnmxt6rLCSpgafjWNFbw+wEBJmJKMAYGH9s3W
d5idUkyAbu+dnkyZq4+DRu5BvWcln0DLriwyjB8Yd9XWsp1XAXjW4fTCfSJt0ugM
w7aPnWDlYXWsNkMwyt2nfX4kutWuSe28i1FWT8CFIHESo/XxV0r3wIK185fESMKU
UIZoUcs7mBuWQB+L0n1pj4cH4obJzz14tRiKCtpbOgKI9EBjshC0BXdoBg5LuD87
EluzkXU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org