Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/kFNu6bIWDt_GEw26vM2rmdvXKOc.roa
File: kFNu6bIWDt_GEw26vM2rmdvXKOc.roa (raw, json)
Hash identifier: xTs+5ADK0ubq4UWkqL6j8xOXSnSXoQ3cT7fMQIJu8ww=
Subject key identifier: 90:53:6E:E9:B2:16:0E:DF:C6:13:0D:BA:BC:CD:AB:99:DB:D7:28:E7
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018B38EB70CEDC95FCB2DF472F2B08051B8E
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/kFNu6bIWDt_GEw26vM2rmdvXKOc.roa
Signing time: Mon 16 Oct 2023 14:37:15 +0000
ROA not before: Mon 16 Oct 2023 14:37:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.81.180.0/23 maxlen: 23
93.114.61.0/24 maxlen: 24
89.46.11.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:eb:70:ce:dc:95:fc:b2:df:47:2f:2b:08:05:1b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Oct 16 14:37:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90536ee9b2160edfc6130dbabccdab99dbd728e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:dd:c5:86:08:9c:7a:9c:bd:a6:65:c9:76:1c:
92:90:51:23:bc:e5:32:fc:4c:b8:11:9c:db:2b:09:
72:b4:88:7f:ee:22:7b:56:a8:15:64:6a:22:db:46:
84:29:35:fd:41:56:04:96:c2:76:4f:b8:8e:38:1a:
40:11:78:d3:b5:85:08:34:81:b7:e9:3b:e5:21:ea:
07:e2:5e:9d:cc:72:3f:86:96:39:96:94:51:d8:9a:
12:2e:48:9d:e5:af:25:16:70:8c:95:3a:64:9b:63:
70:37:f2:5f:b6:d7:98:a2:a5:05:3f:0e:11:5a:7c:
dd:2c:13:1f:bd:c9:e4:8d:34:86:b3:59:a4:c6:91:
07:86:10:27:86:27:48:11:6e:c4:bb:47:e4:d8:7c:
c3:1a:c1:29:98:1d:6c:c3:56:02:ef:8d:5e:0f:f6:
fe:6c:9a:e6:93:65:2e:8f:64:10:b0:0a:04:56:1a:
e2:f2:8c:d9:2e:3c:16:2e:5d:84:e3:3d:26:81:51:
b8:08:1a:89:5f:49:26:4f:4d:ab:da:d7:ae:1c:16:
5c:1c:48:58:44:d3:ae:90:32:60:d6:70:6e:4e:a6:
4f:79:bf:35:f6:ca:6c:59:13:2d:7d:4b:6a:7f:e6:
2d:b9:5b:89:f6:a3:83:86:1f:04:33:92:28:46:3f:
65:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:53:6E:E9:B2:16:0E:DF:C6:13:0D:BA:BC:CD:AB:99:DB:D7:28:E7
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/kFNu6bIWDt_GEw26vM2rmdvXKOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.11.0/24
93.114.61.0/24
185.81.180.0/23
Signature Algorithm: sha256WithRSAEncryption
15:ab:a6:c8:c5:6a:93:6d:79:7c:f3:c2:02:1a:d7:c4:5e:b9:
06:5f:e0:bf:17:c9:6e:00:4f:08:b5:f9:90:7c:d4:94:e0:2a:
49:55:57:07:8f:a5:1c:2e:81:4b:47:6f:ce:1f:d0:65:29:f0:
a0:f7:af:e2:c0:e6:7d:2c:5d:04:fb:ed:9e:1b:b2:94:43:3a:
9e:3e:41:30:b8:94:be:dc:42:ed:c6:3e:08:0e:dc:60:ae:b1:
5d:05:9c:1f:cc:8b:fa:dc:37:74:c2:1f:18:d8:99:94:5d:8b:
70:1f:c0:03:67:7c:2e:b5:37:70:00:5d:33:4d:fb:cc:26:c0:
3d:8c:7e:32:11:dc:4e:bd:c9:30:24:e8:dd:58:f5:c1:1f:4b:
e2:4e:1f:b5:3f:36:01:f0:c0:68:61:89:3e:5e:8f:81:ca:ba:
ad:4c:17:86:03:96:bf:12:45:52:6e:cf:77:5c:d6:82:05:bb:
48:72:a3:0d:28:eb:6f:cc:cb:fd:2c:29:1b:8d:37:a8:6a:3e:
23:40:ca:7d:1a:6c:e1:31:cc:90:7d:20:ec:ff:3e:f4:23:35:
0d:ba:30:45:52:df:1d:86:84:d7:b8:9f:9f:f0:69:2b:72:a1:
17:92:e2:99:5c:99:4f:5c:ca:96:4b:f1:6b:9f:e8:3b:b6:e4:
5b:93:74:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYs463DO3JX8st9HLysIBRuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMxMDE2MTQzNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDUzNmVlOWIyMTYwZWRmYzYxMzBkYmFiY2NkYWI5OWRiZDcyOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN3Fhgicepy9pmXJdhySkFEjvOUy
/Ey4EZzbKwlytIh/7iJ7VqgVZGoi20aEKTX9QVYElsJ2T7iOOBpAEXjTtYUINIG3
6TvlIeoH4l6dzHI/hpY5lpRR2JoSLkid5a8lFnCMlTpkm2NwN/JftteYoqUFPw4R
WnzdLBMfvcnkjTSGs1mkxpEHhhAnhidIEW7Eu0fk2HzDGsEpmB1sw1YC741eD/b+
bJrmk2Uuj2QQsAoEVhri8ozZLjwWLl2E4z0mgVG4CBqJX0kmT02r2teuHBZcHEhY
RNOukDJg1nBuTqZPeb819spsWRMtfUtqf+YtuVuJ9qODhh8EM5IoRj9l9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJBTbumyFg7fxhMNurzNq5nb1yjnMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEva0ZOdTZiSVdEdF9HRXcyNnZNMnJtZHZYS09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWS4LAwQA
XXI9AwQBuVG0MA0GCSqGSIb3DQEBCwUAA4IBAQAVq6bIxWqTbXl888ICGtfEXrkG
X+C/F8luAE8ItfmQfNSU4CpJVVcHj6UcLoFLR2/OH9BlKfCg96/iwOZ9LF0E++2e
G7KUQzqePkEwuJS+3ELtxj4IDtxgrrFdBZwfzIv63Dd0wh8Y2JmUXYtwH8ADZ3wu
tTdwAF0zTfvMJsA9jH4yEdxOvckwJOjdWPXBH0viTh+1PzYB8MBoYYk+Xo+Byrqt
TBeGA5a/EkVSbs93XNaCBbtIcqMNKOtvzMv9LCkbjTeoaj4jQMp9GmzhMcyQfSDs
/z70IzUNujBFUt8dhoTXuJ+f8GkrcqEXkuKZXJlPXMqWS/Frn+g7tuRbk3SX
-----END CERTIFICATE-----
Generated at Wed Oct 18 10:20:52 2023 by rpki-client on console-fra.rpki-client.org