Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/39qTuFfNYERDW5FquYv0u-Dab_A.roa
File: 39qTuFfNYERDW5FquYv0u-Dab_A.roa (raw, json)
Hash identifier: KTwbd5liBqJPG+q5+XJPOFfdmRRlRGb2akAE18ERHog=
Subject key identifier: DF:DA:93:B8:57:CD:60:44:43:5B:91:6A:B9:8B:F4:BB:E0:DA:6F:F0
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B6B80A9516196AAD7F0C71D48357C01E0
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/39qTuFfNYERDW5FquYv0u-Dab_A.roa
Signing time: Thu 26 Oct 2023 10:21:15 +0000
ROA not before: Thu 26 Oct 2023 10:21:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30890
IP address blocks: 195.28.2.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:80:a9:51:61:96:aa:d7:f0:c7:1d:48:35:7c:01:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 26 10:21:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfda93b857cd6044435b916ab98bf4bbe0da6ff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:66:02:1a:55:fa:6b:0b:0c:cf:cd:d5:66:12:
9c:b1:52:58:d4:83:c7:d2:e2:f7:8c:7e:e5:0a:f9:
aa:24:d9:30:7c:5f:d8:9f:5f:4e:c4:a3:04:44:89:
88:e2:c0:7b:39:cc:3d:7a:2d:01:e3:48:41:0e:61:
db:75:74:d5:b8:26:af:da:ef:59:39:12:44:ce:e3:
e5:29:4a:bb:46:5c:6f:2a:b1:58:33:a8:fc:07:82:
1a:84:26:e3:b9:b3:7a:aa:76:dc:1d:73:b0:b2:5a:
55:a0:f6:fa:e4:0f:06:4b:32:17:79:93:9e:6e:47:
c3:eb:6e:a0:6d:b7:15:e1:a4:03:29:34:3b:15:32:
99:7a:56:71:ef:96:7b:34:df:1b:63:be:42:5e:a6:
c8:4c:7a:e8:e8:e3:15:59:66:1c:d9:c5:83:06:f9:
52:ea:9c:d1:fb:a5:d9:07:4e:2d:03:1b:fa:a8:07:
23:18:5b:31:32:a2:ae:78:6e:24:ac:b4:00:a6:56:
a8:a2:a4:d1:8a:db:23:0b:54:31:fd:84:53:e4:6e:
eb:0a:4c:43:28:e8:29:16:94:73:53:89:17:08:e0:
7c:20:6a:aa:41:ad:11:59:dd:0a:91:4a:92:16:9d:
d9:61:97:3f:92:02:0a:81:8a:a3:af:50:5b:08:63:
60:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DA:93:B8:57:CD:60:44:43:5B:91:6A:B9:8B:F4:BB:E0:DA:6F:F0
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/39qTuFfNYERDW5FquYv0u-Dab_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.2.0/23
Signature Algorithm: sha256WithRSAEncryption
70:0f:9f:9c:20:1b:bd:e3:de:fb:56:a4:b2:b9:fa:2e:f6:d4:
7e:6e:86:ac:98:d9:b1:1e:72:74:18:60:ad:98:d5:7b:32:13:
58:3c:0f:ef:57:69:54:25:bb:b8:ab:1b:72:e2:06:73:0e:68:
49:1a:1c:59:67:f4:b2:4c:c4:c6:f0:ae:23:20:04:db:3a:f4:
d6:3f:e5:64:0d:99:10:0c:84:81:95:e3:89:f0:dc:56:7a:f3:
6d:ae:06:46:88:e6:90:bc:f5:af:ec:23:7e:eb:dd:6b:8d:d0:
ec:8f:b2:52:a0:d0:75:5d:6f:9c:1a:e4:11:a8:c3:44:5c:b1:
d2:7e:77:40:80:5d:8b:e1:2e:a1:af:ca:5d:44:57:e8:e0:0a:
0a:2f:aa:97:98:e3:0c:bf:f3:89:56:ce:af:cf:c8:21:75:19:
e1:84:3b:0f:fb:c1:96:23:0c:63:13:09:78:55:e6:f6:cc:d2:
8a:57:97:9c:e1:85:85:95:39:a3:88:11:69:74:35:77:dc:f9:
08:51:89:d1:f8:8e:6e:9f:81:60:93:7a:b7:6f:cd:36:9d:0e:
1d:87:c3:0c:08:b1:5d:1d:a1:eb:70:28:36:1e:fb:06:14:16:
bc:92:80:92:d1:f1:54:b4:a8:fc:80:36:e0:b6:f5:05:1d:c7:
04:32:44:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtrgKlRYZaq1/DHHUg1fAHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDI2MTAyMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRhOTNiODU3Y2Q2MDQ0NDM1YjkxNmFiOThiZjRiYmUwZGE2ZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymYCGlX6awsMz83VZhKcsVJY1IPH
0uL3jH7lCvmqJNkwfF/Yn19OxKMERImI4sB7Ocw9ei0B40hBDmHbdXTVuCav2u9Z
ORJEzuPlKUq7RlxvKrFYM6j8B4IahCbjubN6qnbcHXOwslpVoPb65A8GSzIXeZOe
bkfD626gbbcV4aQDKTQ7FTKZelZx75Z7NN8bY75CXqbITHro6OMVWWYc2cWDBvlS
6pzR+6XZB04tAxv6qAcjGFsxMqKueG4krLQAplaooqTRitsjC1Qx/YRT5G7rCkxD
KOgpFpRzU4kXCOB8IGqqQa0RWd0KkUqSFp3ZYZc/kgIKgYqjr1BbCGNguwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/ak7hXzWBEQ1uRarmL9Lvg2m/wMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMzlxVHVGZk5ZRVJEVzVGcXVZdjB1LURhYl9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwxwCMA0G
CSqGSIb3DQEBCwUAA4IBAQBwD5+cIBu94977VqSyufou9tR+boasmNmxHnJ0GGCt
mNV7MhNYPA/vV2lUJbu4qxty4gZzDmhJGhxZZ/SyTMTG8K4jIATbOvTWP+VkDZkQ
DISBleOJ8NxWevNtrgZGiOaQvPWv7CN+691rjdDsj7JSoNB1XW+cGuQRqMNEXLHS
fndAgF2L4S6hr8pdRFfo4AoKL6qXmOMMv/OJVs6vz8ghdRnhhDsP+8GWIwxjEwl4
Veb2zNKKV5ec4YWFlTmjiBFpdDV33PkIUYnR+I5un4Fgk3q3b802nQ4dh8MMCLFd
HaHrcCg2HvsGFBa8koCS0fFUtKj8gDbgtvUFHccEMkTb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org