Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xx8JqLqZxuga-qHWMR3U_RlHV6I.roa
File: xx8JqLqZxuga-qHWMR3U_RlHV6I.roa (raw, json)
Hash identifier: 9BLJWMLHqA7wbKfy1/f1c01qqbbqss6KBKuKhQIA5ts=
Subject key identifier: C7:1F:09:A8:BA:99:C6:E8:1A:FA:A1:D6:31:1D:D4:FD:19:47:57:A2
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB72CD954699494328A7BB9529AA7D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xx8JqLqZxuga-qHWMR3U_RlHV6I.roa
Signing time: Sun 01 Jan 2023 19:25:04 +0000
ROA not before: Sun 01 Jan 2023 19:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39345
IP address blocks: 89.34.24.0/23 maxlen: 23
77.81.181.0/24 maxlen: 24
188.214.88.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:72:cd:95:46:99:49:43:28:a7:bb:95:29:aa:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c71f09a8ba99c6e81afaa1d6311dd4fd194757a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c2:de:a1:f8:c2:99:8e:b0:68:a9:47:4a:87:
52:46:54:18:1e:cd:da:ed:cb:d7:71:a0:ab:11:65:
ff:86:1e:8e:37:69:fb:c4:5d:c9:da:4d:5f:75:d1:
4b:9d:55:f4:28:cb:f5:a9:95:a1:07:92:03:e2:8a:
8e:b1:6c:2b:4a:4c:31:7e:3c:7f:d9:de:7d:8a:45:
11:a9:2c:88:8a:2c:fc:dc:e4:29:13:19:af:26:7c:
6d:64:a9:bb:bc:8f:e9:3f:f5:69:96:40:86:82:ce:
e3:f5:8c:8a:45:c3:88:fd:d1:a5:f9:08:87:39:94:
4b:5b:46:b4:83:46:af:d1:96:47:40:33:5b:78:bf:
84:2b:0c:d4:37:66:53:58:ee:6d:ee:61:1e:9a:b6:
fa:ec:41:f4:eb:ec:38:de:49:1f:8c:2d:26:b0:3e:
18:bd:17:a8:98:c7:c5:f8:c9:63:d1:cf:2b:b1:a9:
e2:86:e2:53:6f:bb:30:f9:56:da:bf:3b:0a:72:6f:
45:1e:80:ee:5f:7b:d2:f8:71:6d:8f:45:07:67:13:
3a:4b:5b:d9:5b:1f:7c:35:62:2b:26:37:2f:0c:97:
b1:54:48:90:7e:23:48:34:da:f5:7b:52:df:df:5f:
a1:ab:d5:f0:3e:3b:63:ba:67:a8:17:a9:b8:0b:2f:
50:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1F:09:A8:BA:99:C6:E8:1A:FA:A1:D6:31:1D:D4:FD:19:47:57:A2
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/xx8JqLqZxuga-qHWMR3U_RlHV6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.181.0/24
89.34.24.0/23
188.214.88.0/24
Signature Algorithm: sha256WithRSAEncryption
40:83:97:0b:c3:d4:1e:2a:1d:bc:e8:6e:96:8f:46:99:b8:8a:
5e:97:b2:1a:c4:a8:17:82:9b:cb:70:c0:44:43:2c:c5:b0:c9:
58:92:35:f5:81:e5:e3:89:c0:e3:ff:d6:16:db:32:c3:bc:49:
d3:91:d2:db:cb:5b:2f:0a:3e:49:23:0b:2e:45:f8:db:12:c3:
fe:76:df:80:bd:03:d7:c6:1f:a5:28:35:ac:d5:81:54:95:69:
f7:d1:2f:dd:02:a8:9a:24:b4:87:d5:69:38:5e:db:1d:fb:a4:
47:ca:70:de:d3:dd:ea:a7:a1:22:48:c9:72:8b:62:72:ec:7c:
ce:db:12:ff:f7:68:c2:0f:a7:3b:f2:90:88:76:92:07:0b:00:
8c:bc:03:5c:00:a9:af:ae:13:0f:74:8d:a2:97:2a:9c:d7:ff:
62:86:85:87:05:e3:21:48:e3:45:b6:64:19:61:eb:96:71:c6:
13:1c:d9:63:29:0d:ea:cd:cc:0c:61:b8:5f:ab:66:19:8c:40:
7a:69:49:cd:1f:5d:b3:f2:7f:65:a4:a6:20:91:3a:3a:91:7f:
4a:df:be:39:63:42:62:93:e6:a3:73:20:f6:6d:ff:c3:e3:f2:
8f:2e:45:99:e9:6c:9e:25:e3:45:50:10:67:a2:67:9e:5d:9c:
95:70:20:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuy3LNlUaZSUMop7uVKap9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzFmMDlhOGJhOTljNmU4MWFmYWExZDYzMTFkZDRmZDE5NDc1N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMLeofjCmY6waKlHSodSRlQYHs3a
7cvXcaCrEWX/hh6ON2n7xF3J2k1fddFLnVX0KMv1qZWhB5ID4oqOsWwrSkwxfjx/
2d59ikURqSyIiiz83OQpExmvJnxtZKm7vI/pP/VplkCGgs7j9YyKRcOI/dGl+QiH
OZRLW0a0g0av0ZZHQDNbeL+EKwzUN2ZTWO5t7mEemrb67EH06+w43kkfjC0msD4Y
vReomMfF+Mlj0c8rsanihuJTb7sw+VbavzsKcm9FHoDuX3vS+HFtj0UHZxM6S1vZ
Wx98NWIrJjcvDJexVEiQfiNINNr1e1Lf31+hq9XwPjtjumeoF6m4Cy9QUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMcfCai6mcboGvqh1jEd1P0ZR1eiMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEveHg4SnFMcVp4dWdhLXFIV01SM1VfUmxIVjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVG1AwQB
WSIYAwQAvNZYMA0GCSqGSIb3DQEBCwUAA4IBAQBAg5cLw9QeKh286G6Wj0aZuIpe
l7IaxKgXgpvLcMBEQyzFsMlYkjX1geXjicDj/9YW2zLDvEnTkdLby1svCj5JIwsu
RfjbEsP+dt+AvQPXxh+lKDWs1YFUlWn30S/dAqiaJLSH1Wk4Xtsd+6RHynDe093q
p6EiSMlyi2Jy7HzO2xL/92jCD6c78pCIdpIHCwCMvANcAKmvrhMPdI2ilyqc1/9i
hoWHBeMhSONFtmQZYeuWccYTHNljKQ3qzcwMYbhfq2YZjEB6aUnNH12z8n9lpKYg
kTo6kX9K3745Y0Jik+ajcyD2bf/D4/KPLkWZ6WyeJeNFUBBnomeeXZyVcCB+
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:12 2024 by rpki-client on console-ams.rpki-client.org