Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/9uht_d4dU96hds3G-8jB2khiztM.roa
File: 9uht_d4dU96hds3G-8jB2khiztM.roa (raw, json)
Hash identifier: 2ZivQVBH1vSdqKt85LUmNaPFeGfHJ1lMaBLX4iOkvaQ=
Subject key identifier: F6:E8:6D:FD:DE:1D:53:DE:A1:76:CD:C6:FB:C8:C1:DA:48:62:CE:D3
Certificate issuer: /CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Certificate serial: 01856E78CAFF5D73F2CE1DA378ABC3590715
Authority key identifier: AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/9uht_d4dU96hds3G-8jB2khiztM.roa
Signing time: Sun 01 Jan 2023 17:54:48 +0000
ROA not before: Sun 01 Jan 2023 17:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 84.33.16.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:ca:ff:5d:73:f2:ce:1d:a3:78:ab:c3:59:07:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Validity
Not Before: Jan 1 17:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6e86dfdde1d53dea176cdc6fbc8c1da4862ced3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bc:1a:d2:4e:1a:67:41:2d:7b:54:38:48:bb:
3d:23:23:49:40:c5:d3:5f:06:40:26:90:0a:80:ac:
9f:f1:81:9d:e1:2b:09:59:b9:10:ef:75:1e:e9:5d:
2e:a4:ee:62:26:de:c9:49:d2:96:ac:fa:6d:d0:aa:
21:07:2e:48:0e:32:26:0e:ac:c7:dc:1b:c7:b1:a7:
a3:02:d5:0c:71:46:17:f2:02:e0:bb:48:1b:9f:95:
86:93:7b:1f:58:e6:67:ab:22:10:04:b3:48:88:54:
19:b7:15:a2:4d:09:0a:a2:8c:1d:01:ea:17:2b:8e:
70:1b:3a:4b:db:4e:a6:78:04:8d:e3:d7:8f:e1:d1:
bf:60:78:27:57:17:37:61:77:cc:be:b7:56:64:6e:
b0:9e:b4:0d:ed:00:43:e6:e2:05:2b:1b:15:49:82:
1e:51:a3:5c:2d:ab:a3:37:6f:3f:37:9c:3a:7b:94:
b5:fa:57:24:d7:7b:28:f7:71:be:ac:13:de:87:2b:
df:32:95:a4:c4:c1:9e:3b:1c:88:56:46:bd:5f:96:
5b:eb:9b:c3:2f:96:ca:f9:32:56:85:9f:e8:d5:fa:
7e:a5:59:bf:d1:ed:a8:fb:92:1d:5f:85:5c:78:72:
45:e9:2a:5d:0d:8f:3e:58:59:cb:aa:47:08:24:92:
37:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E8:6D:FD:DE:1D:53:DE:A1:76:CD:C6:FB:C8:C1:DA:48:62:CE:D3
X509v3 Authority Key Identifier:
keyid:AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/9uht_d4dU96hds3G-8jB2khiztM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.33.16.0/23
Signature Algorithm: sha256WithRSAEncryption
49:e2:49:7c:48:a0:3e:a1:3e:4f:a7:88:32:bc:bf:5c:51:aa:
1f:76:88:45:db:8f:4e:83:27:58:c5:02:5e:8c:66:45:df:db:
5c:8a:9a:09:51:8f:12:06:51:c0:23:02:80:91:cc:57:bc:8e:
5d:d3:8c:44:3d:62:bb:87:53:a0:43:43:b3:33:5c:6c:69:e4:
a4:22:43:58:12:85:3a:d5:bb:3b:7e:ac:85:34:c8:91:5c:6f:
15:cf:21:d9:1d:cf:71:16:bc:22:6e:af:37:49:51:48:23:dc:
ec:5c:36:18:b8:4d:ea:c7:a5:38:66:be:b2:45:7b:be:a2:78:
be:d4:0a:24:0f:7a:f9:b9:b3:a5:be:cf:c5:8a:21:51:5b:b8:
2b:20:18:a7:58:ae:e5:ac:fe:ed:37:2b:5a:2e:2e:22:98:1b:
98:73:48:17:14:39:76:57:60:00:87:b3:ad:b2:d5:d5:1c:3b:
17:69:6b:40:8f:af:74:05:50:d2:de:78:87:a7:46:9e:93:f4:
22:d5:86:25:7a:02:a5:b0:9a:f6:ac:72:cd:11:65:bd:bc:fb:
45:e8:90:4c:55:10:4f:f3:0c:eb:f3:f0:8c:fb:cc:d4:13:8d:
84:dc:f0:30:39:57:85:8e:ff:78:b4:0f:a7:6c:7b:2f:ea:31:
9e:9f:d0:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVueMr/XXPyzh2jeKvDWQcVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZWJjOWJmZWYyYjRkMjNmMTk1MTNiZmQ0ZDYwYmI3OThm
NWE1OWQwHhcNMjMwMTAxMTc1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmU4NmRmZGRlMWQ1M2RlYTE3NmNkYzZmYmM4YzFkYTQ4NjJjZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbwa0k4aZ0Ete1Q4SLs9IyNJQMXT
XwZAJpAKgKyf8YGd4SsJWbkQ73Ue6V0upO5iJt7JSdKWrPpt0KohBy5IDjImDqzH
3BvHsaejAtUMcUYX8gLgu0gbn5WGk3sfWOZnqyIQBLNIiFQZtxWiTQkKoowdAeoX
K45wGzpL206meASN49eP4dG/YHgnVxc3YXfMvrdWZG6wnrQN7QBD5uIFKxsVSYIe
UaNcLaujN28/N5w6e5S1+lck13so93G+rBPehyvfMpWkxMGeOxyIVka9X5Zb65vD
L5bK+TJWhZ/o1fp+pVm/0e2o+5IdX4VceHJF6SpdDY8+WFnLqkcIJJI3GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPbobf3eHVPeoXbNxvvIwdpIYs7TMB8GA1UdIwQY
MBaAFKrryb/vK00j8ZUTv9TWC7eY9aWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2Nzkt
MTFhZmI0OTkyZWVmLzEvOXVodF9kNGRVOTZoZHMzRy04akIya2hpenRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2NzktMTFhZmI0OTkyZWVm
LzEvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVCEQMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ4kl8SKA+oT5Pp4gyvL9cUaofdohF249OgydYxQJe
jGZF39tcipoJUY8SBlHAIwKAkcxXvI5d04xEPWK7h1OgQ0OzM1xsaeSkIkNYEoU6
1bs7fqyFNMiRXG8VzyHZHc9xFrwibq83SVFII9zsXDYYuE3qx6U4Zr6yRXu+oni+
1AokD3r5ubOlvs/FiiFRW7grIBinWK7lrP7tNytaLi4imBuYc0gXFDl2V2AAh7Ot
stXVHDsXaWtAj690BVDS3niHp0aek/Qi1YYlegKlsJr2rHLNEWW9vPtF6JBMVRBP
8wzr8/CM+8zUE42E3PAwOVeFjv94tA+nbHsv6jGen9Ap
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:38 2024 by rpki-client on console-fra.rpki-client.org