Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-vDeeNkJRFKPTf7SLCEier0ay2I.roa
File: 1-vDeeNkJRFKPTf7SLCEier0ay2I.roa (raw, json)
Hash identifier: pmectnHxEXlz9d2xl4I4pV38rX8tkxTea7/Vpo775Ow=
Subject key identifier: FA:F0:DE:78:D9:09:44:52:8F:4D:FE:D2:2C:21:22:7A:BD:1A:CB:62
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018965DDF2F37584FEAF44183253F5748C56
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-vDeeNkJRFKPTf7SLCEier0ay2I.roa
Signing time: Mon 17 Jul 2023 21:59:51 +0000
ROA not before: Mon 17 Jul 2023 21:59:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 89.42.85.0/24 maxlen: 24
89.42.84.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
89.42.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Sep 2023 07:26:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:65:dd:f2:f3:75:84:fe:af:44:18:32:53:f5:74:8c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 17 21:59:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faf0de78d90944528f4dfed22c21227abd1acb62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9f:0a:69:f1:f2:d8:6f:5d:19:c6:c4:72:12:
3e:3a:4a:ff:b2:58:64:6c:e0:e6:92:e9:2d:65:f4:
63:43:05:a8:d1:1c:5b:1b:79:b4:43:af:37:30:fa:
ab:8e:27:5f:1c:2f:32:24:3b:22:06:03:f3:ec:68:
91:0a:16:48:3f:ca:ec:47:e7:07:bd:c3:5d:86:d1:
4c:00:8a:62:57:ff:e6:d6:bd:18:c0:d5:c5:1a:33:
17:29:87:fe:94:2c:0b:77:ab:8a:5e:04:81:ff:93:
a1:23:1f:2d:79:84:b5:6b:d9:b1:fa:46:fe:74:7d:
bc:45:30:30:a0:ca:24:4e:b1:5b:59:23:01:3c:cd:
6c:b7:ef:1f:6c:f6:5c:51:55:79:52:b4:cf:65:a2:
23:ad:30:34:8b:c7:e8:c2:b7:e1:a7:4a:0a:7d:b7:
e4:cc:c8:0c:4d:b2:f6:28:34:ba:37:e6:50:70:ea:
81:9a:7b:7f:41:0f:36:e4:99:8e:6f:40:3d:24:8a:
25:a9:d2:d0:35:90:b0:ac:ea:05:e0:59:b9:03:06:
6c:08:ca:9b:f6:0d:d3:e4:21:28:02:81:0a:ea:fc:
01:97:11:22:30:81:7b:56:ec:ed:75:73:58:aa:6e:
ae:55:d0:a7:94:e9:1e:38:60:f0:ec:5a:83:2d:55:
71:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F0:DE:78:D9:09:44:52:8F:4D:FE:D2:2C:21:22:7A:BD:1A:CB:62
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-vDeeNkJRFKPTf7SLCEier0ay2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.84.0/23
89.42.87.0/24
93.119.105.0/24
Signature Algorithm: sha256WithRSAEncryption
55:0f:d6:b4:47:e2:e1:b5:87:e1:a0:d6:b4:2d:22:6d:34:df:
9a:25:16:af:60:52:89:7d:6a:76:f7:df:3d:11:4f:4b:6e:da:
5e:f1:1f:16:73:c3:1e:ae:68:76:3e:6d:a2:d5:dd:78:64:b1:
b2:3b:e5:e6:a3:5e:6a:0e:05:a9:58:08:89:6c:97:a4:0a:c3:
01:c3:56:25:ee:0e:e4:16:64:79:15:70:d4:a5:d3:79:6c:b8:
b8:c2:5f:9d:dd:fc:97:12:82:f7:92:f4:69:4b:12:fa:11:bb:
a9:34:ab:13:53:af:08:09:b4:5e:be:1e:4e:75:3a:c8:6a:41:
1f:42:21:7a:8f:00:d0:48:44:0d:ae:7a:2b:e1:28:cf:e1:4d:
8d:ea:7f:9c:7b:d3:2f:1d:0e:b6:75:e4:70:19:ea:0b:25:cd:
54:65:34:28:2b:c6:e6:0d:aa:ac:31:bc:46:02:5c:a9:c6:d4:
95:7f:6f:de:7b:2c:73:89:93:78:21:22:80:d8:9f:ae:fe:89:
ed:33:1c:ff:68:d0:40:33:78:81:2b:64:2e:55:7e:00:2e:71:
33:e2:07:ad:5e:ef:a0:7e:b9:cb:ab:c6:cb:6b:6d:ec:81:5a:
8a:d2:c7:37:e0:cd:4b:59:ea:0c:ae:c2:3c:25:6c:cb:02:29:
68:a0:8c:39
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYll3fLzdYT+r0QYMlP1dIxWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzE3MjE1OTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWYwZGU3OGQ5MDk0NDUyOGY0ZGZlZDIyYzIxMjI3YWJkMWFjYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZ8KafHy2G9dGcbEchI+Okr/slhk
bODmkuktZfRjQwWo0RxbG3m0Q683MPqrjidfHC8yJDsiBgPz7GiRChZIP8rsR+cH
vcNdhtFMAIpiV//m1r0YwNXFGjMXKYf+lCwLd6uKXgSB/5OhIx8teYS1a9mx+kb+
dH28RTAwoMokTrFbWSMBPM1st+8fbPZcUVV5UrTPZaIjrTA0i8fowrfhp0oKfbfk
zMgMTbL2KDS6N+ZQcOqBmnt/QQ825JmOb0A9JIolqdLQNZCwrOoF4Fm5AwZsCMqb
9g3T5CEoAoEK6vwBlxEiMIF7VuztdXNYqm6uVdCnlOkeOGDw7FqDLVVxlQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPrw3njZCURSj03+0iwhInq9GstiMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMS12RGVlTmtKUkZLUFRmN1NMQ0VpZXIwYXkySS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4Mjhj
My8xLzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVkqVAME
AFkqVwMEAF13aTANBgkqhkiG9w0BAQsFAAOCAQEAVQ/WtEfi4bWH4aDWtC0ibTTf
miUWr2BSiX1qdvffPRFPS27aXvEfFnPDHq5odj5totXdeGSxsjvl5qNeag4FqVgI
iWyXpArDAcNWJe4O5BZkeRVw1KXTeWy4uMJfnd38lxKC95L0aUsS+hG7qTSrE1Ov
CAm0Xr4eTnU6yGpBH0Iheo8A0EhEDa56K+Eoz+FNjep/nHvTLx0OtnXkcBnqCyXN
VGU0KCvG5g2qrDG8RgJcqcbUlX9v3nssc4mTeCEigNifrv6J7TMc/2jQQDN4gStk
LlV+AC5xM+IHrV7voH65y6vGy2tt7IFaitLHN+DNS1nqDK7CPCVsywIpaKCMOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org