Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/AjzPmttlJTJbRdWIKkPeyPQq1MQ.roa
File: AjzPmttlJTJbRdWIKkPeyPQq1MQ.roa (raw, json)
Hash identifier: K0CO+vPulMz5VvycNqvM7b+DY/Yv5SWJaEiIHHG5EFM=
Subject key identifier: 02:3C:CF:9A:DB:65:25:32:5B:45:D5:88:2A:43:DE:C8:F4:2A:D4:C4
Certificate issuer: /CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Certificate serial: 018571B0F90778209F16D85A5DB04316B0C5
Authority key identifier: EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/AjzPmttlJTJbRdWIKkPeyPQq1MQ.roa
Signing time: Mon 02 Jan 2023 08:55:01 +0000
ROA not before: Mon 02 Jan 2023 08:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41646
IP address blocks: 89.46.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:f9:07:78:20:9f:16:d8:5a:5d:b0:43:16:b0:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Validity
Not Before: Jan 2 08:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=023ccf9adb6525325b45d5882a43dec8f42ad4c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d3:07:00:ca:83:b9:f0:4e:3a:63:2a:7f:8c:
0a:cc:9b:f7:25:36:ef:98:07:67:29:9f:02:2c:b3:
e4:dc:e8:a9:77:de:67:84:7f:af:73:c6:69:97:2e:
9c:e2:fc:81:02:b8:4b:4d:e9:28:c0:bb:4a:7e:1c:
ed:b5:e0:7d:04:68:42:6f:c7:17:b4:51:60:1f:8e:
2a:0c:0b:3f:a9:ce:f5:12:5c:df:ee:69:8c:24:44:
76:df:6c:29:1a:1e:b1:6f:2b:dc:9f:64:b3:62:fd:
94:43:0b:af:e3:ce:da:a4:27:47:ec:f7:e1:60:ca:
2c:bc:d6:c7:85:1b:dd:09:21:98:07:df:dd:16:15:
c6:4a:fc:87:8c:b3:d5:31:09:9c:dd:06:af:56:5a:
bf:c0:b9:a8:63:ac:de:ae:26:e1:1c:e9:3e:92:9b:
11:2b:6c:fd:d9:85:1a:eb:8c:56:93:47:d1:04:55:
31:17:a2:70:4f:97:87:4d:85:9d:f2:14:bb:57:f7:
3f:eb:aa:a7:25:35:82:5a:e0:67:b9:28:79:60:0b:
f7:70:88:8e:be:aa:0f:e9:6f:a6:eb:71:b0:60:17:
38:0e:4d:60:b4:fa:20:41:50:97:8f:ac:c8:35:cc:
4b:fa:20:37:01:39:7b:82:ca:18:c6:da:20:44:1b:
d3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:3C:CF:9A:DB:65:25:32:5B:45:D5:88:2A:43:DE:C8:F4:2A:D4:C4
X509v3 Authority Key Identifier:
keyid:EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/AjzPmttlJTJbRdWIKkPeyPQq1MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.38.0/24
Signature Algorithm: sha256WithRSAEncryption
30:cb:91:86:56:49:74:f1:2c:f7:31:d0:d2:96:18:11:4f:3d:
ad:2b:1d:0e:bd:a7:80:f7:b1:e1:94:09:93:7a:41:bd:ab:2f:
e2:31:9b:96:3c:b7:af:4f:f4:af:70:8f:8d:31:21:28:9e:2f:
11:01:be:a8:89:04:53:0f:ab:da:8b:5d:3e:65:8e:04:ca:4e:
b5:28:b1:43:6d:b9:df:72:2c:88:fc:82:7c:67:e3:97:f2:65:
6a:28:f0:dd:ea:9d:7f:8a:72:8c:b0:07:f8:35:66:75:97:1f:
50:ec:41:4c:9c:37:51:68:12:81:05:c9:d0:45:cc:2f:a5:6a:
cf:c1:99:12:6f:d5:d8:9b:ec:28:a5:9f:2a:e3:ae:85:0b:fe:
22:20:6a:bc:45:f5:87:c1:e4:b3:6f:25:0d:83:50:f8:3e:05:
12:f9:ff:5d:0d:88:7e:64:53:fc:d0:e1:84:0a:a9:d7:fe:46:
7b:97:84:c9:3c:6b:48:16:b3:e1:a3:d1:65:6b:02:55:6e:ee:
55:71:fb:68:da:54:f7:86:12:80:8b:34:04:5c:49:9f:4e:22:
d3:a7:53:ea:1b:75:82:bd:08:f8:45:0c:d0:07:96:96:48:d4:
b0:76:15:0a:61:32:e7:a0:19:bf:c4:54:4a:b3:fc:a9:78:db:
df:4c:ab:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsPkHeCCfFthaXbBDFrDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjQyZTgwNjAyYWVkZjU4YTNjN2E4MTg4M2MxYTM0ZjY5
ZDJmYjQwHhcNMjMwMTAyMDg1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjNjY2Y5YWRiNjUyNTMyNWI0NWQ1ODgyYTQzZGVjOGY0MmFkNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldMHAMqDufBOOmMqf4wKzJv3JTbv
mAdnKZ8CLLPk3Oipd95nhH+vc8Zply6c4vyBArhLTekowLtKfhztteB9BGhCb8cX
tFFgH44qDAs/qc71Elzf7mmMJER232wpGh6xbyvcn2SzYv2UQwuv487apCdH7Pfh
YMosvNbHhRvdCSGYB9/dFhXGSvyHjLPVMQmc3QavVlq/wLmoY6zeribhHOk+kpsR
K2z92YUa64xWk0fRBFUxF6JwT5eHTYWd8hS7V/c/66qnJTWCWuBnuSh5YAv3cIiO
vqoP6W+m63GwYBc4Dk1gtPogQVCXj6zINcxL+iA3ATl7gsoYxtogRBvT7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAI8z5rbZSUyW0XViCpD3sj0KtTEMB8GA1UdIwQY
MBaAFOv0LoBgKu31ijx6gYg8GjT2nS+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2Mt
MTkwM2VkYWZhOGJmLzEvQWp6UG10dGxKVEpiUmRXSUtrUGV5UFFxMU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2MtMTkwM2VkYWZhOGJm
LzEvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS4mMA0G
CSqGSIb3DQEBCwUAA4IBAQAwy5GGVkl08Sz3MdDSlhgRTz2tKx0OvaeA97HhlAmT
ekG9qy/iMZuWPLevT/SvcI+NMSEoni8RAb6oiQRTD6vai10+ZY4Eyk61KLFDbbnf
ciyI/IJ8Z+OX8mVqKPDd6p1/inKMsAf4NWZ1lx9Q7EFMnDdRaBKBBcnQRcwvpWrP
wZkSb9XYm+wopZ8q466FC/4iIGq8RfWHweSzbyUNg1D4PgUS+f9dDYh+ZFP80OGE
CqnX/kZ7l4TJPGtIFrPho9FlawJVbu5Vcfto2lT3hhKAizQEXEmfTiLTp1PqG3WC
vQj4RQzQB5aWSNSwdhUKYTLnoBm/xFRKs/ypeNvfTKvj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:32 2024 by rpki-client on console-fra.rpki-client.org