Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/3B6rVcVMdVlkBnjTuOPz1xpak3s.roa
File: 3B6rVcVMdVlkBnjTuOPz1xpak3s.roa (raw, json)
Hash identifier: N8MzVVyJvR4Y5calrn2IdlefZgPCTwI4rAOSBGUmtmg=
Subject key identifier: DC:1E:AB:55:C5:4C:75:59:64:06:78:D3:B8:E3:F3:D7:1A:5A:93:7B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018AA21130DD6E31E3F4A4E2289C92320BB3
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/3B6rVcVMdVlkBnjTuOPz1xpak3s.roa
Signing time: Sun 17 Sep 2023 07:35:50 +0000
ROA not before: Sun 17 Sep 2023 07:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.84.0/24 maxlen: 24
89.42.80.0/23 maxlen: 23
89.42.85.0/24 maxlen: 24
89.42.87.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
89.34.224.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 18 Sep 2023 11:15:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a2:11:30:dd:6e:31:e3:f4:a4:e2:28:9c:92:32:0b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 17 07:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc1eab55c54c7559640678d3b8e3f3d71a5a937b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8b:32:f5:10:d4:ce:db:41:f6:62:ab:4d:02:
7b:0b:48:c5:a1:81:00:dc:8b:7c:d0:d1:8f:4c:2a:
ad:48:73:39:d2:d7:3b:fc:c1:52:49:fc:75:0e:0c:
03:fe:56:0c:5e:98:ce:b8:9e:4d:b7:f3:59:81:b6:
71:77:ac:75:b2:23:51:e2:da:d4:25:4c:a8:b4:00:
c9:00:b2:e8:b3:af:8f:40:ea:de:aa:c4:f6:0f:7b:
aa:1c:90:3c:56:f0:0b:fb:1d:37:9b:3e:12:e9:25:
96:7d:7a:b3:66:4d:60:2c:1f:fc:02:30:31:86:86:
40:6a:30:92:3e:81:5e:25:0e:4f:fd:a3:12:05:bb:
33:1d:4f:61:01:c6:c1:25:b1:b3:2f:60:cd:c0:4f:
d9:37:5d:62:f4:23:f1:d5:29:3e:fe:f2:1a:80:0b:
a1:c2:19:2a:c1:6e:08:b0:56:18:bd:84:b0:94:e6:
3d:b9:71:91:e7:6c:40:10:f1:ca:34:1e:82:a0:7b:
e8:8c:1a:0b:98:ba:6f:a9:33:0b:4a:38:93:f4:ab:
db:74:43:c6:64:a6:90:d7:65:b2:b0:a1:6f:f1:8b:
55:91:a0:09:6a:43:36:85:83:cd:64:12:28:d1:fc:
c8:0c:e8:8b:34:a1:a5:dd:27:6f:4a:dc:7f:ff:53:
af:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1E:AB:55:C5:4C:75:59:64:06:78:D3:B8:E3:F3:D7:1A:5A:93:7B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/3B6rVcVMdVlkBnjTuOPz1xpak3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.42.80.0-89.42.85.255
89.42.87.0/24
93.119.105.0/24
Signature Algorithm: sha256WithRSAEncryption
56:e2:71:0f:d5:fd:60:bd:ce:1b:f1:ee:b9:db:83:23:06:2b:
30:c9:6f:97:8e:27:a3:b3:7a:47:d1:ab:58:bf:8c:59:46:46:
b0:03:5f:8a:38:1d:e4:8d:f4:a6:cf:f6:24:0f:fe:21:3e:4a:
55:c7:10:de:bc:2e:50:31:20:9c:ed:a9:50:98:ee:8d:c3:f9:
c5:e5:d8:65:b4:df:12:fa:66:d3:a6:76:45:cb:68:9e:b2:ec:
a9:a4:57:01:73:d3:db:6f:8c:73:78:fa:2a:dd:78:0e:b6:c6:
d7:c4:d9:23:db:a8:44:05:26:7b:47:d2:22:13:23:ca:79:7a:
a1:64:b6:0d:5f:ea:67:88:5e:e0:b7:93:cd:10:72:81:ca:55:
88:c3:3a:b1:e2:71:3a:76:bd:a1:61:f0:87:d1:ba:ea:f2:03:
1c:ab:e9:83:08:ed:29:4c:fe:d0:11:e7:c8:e3:26:57:55:ab:
92:18:ab:d0:6b:e5:50:27:18:2f:4c:b0:d8:da:7e:1d:b0:9f:
2c:7b:eb:10:21:6b:eb:f9:3c:30:90:c4:1c:a5:2b:b0:e1:87:
5b:a6:f5:57:32:19:44:8c:d2:60:10:2a:b2:a5:05:b1:0c:2f:
59:ba:ec:0b:47:24:b2:8f:7d:37:25:b3:68:c9:0e:5d:3a:1a:
b1:d4:58:45
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYqiETDdbjHj9KTiKJySMguzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwOTE3MDczNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzFlYWI1NWM1NGM3NTU5NjQwNjc4ZDNiOGUzZjNkNzFhNWE5MzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYsy9RDUzttB9mKrTQJ7C0jFoYEA
3It80NGPTCqtSHM50tc7/MFSSfx1DgwD/lYMXpjOuJ5Nt/NZgbZxd6x1siNR4trU
JUyotADJALLos6+PQOreqsT2D3uqHJA8VvAL+x03mz4S6SWWfXqzZk1gLB/8AjAx
hoZAajCSPoFeJQ5P/aMSBbszHU9hAcbBJbGzL2DNwE/ZN11i9CPx1Sk+/vIagAuh
whkqwW4IsFYYvYSwlOY9uXGR52xAEPHKNB6CoHvojBoLmLpvqTMLSjiT9KvbdEPG
ZKaQ12WysKFv8YtVkaAJakM2hYPNZBIo0fzIDOiLNKGl3SdvStx//1OvJQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNweq1XFTHVZZAZ407jj89caWpN7MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvM0I2clZjVk1kVmxrQm5qVHVPUHoxeHBhazNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBWSLgMAwD
BARZKlADBAFZKlQDBABZKlcDBABdd2kwDQYJKoZIhvcNAQELBQADggEBAFbicQ/V
/WC9zhvx7rnbgyMGKzDJb5eOJ6OzekfRq1i/jFlGRrADX4o4HeSN9KbP9iQP/iE+
SlXHEN68LlAxIJztqVCY7o3D+cXl2GW03xL6ZtOmdkXLaJ6y7KmkVwFz09tvjHN4
+irdeA62xtfE2SPbqEQFJntH0iITI8p5eqFktg1f6meIXuC3k80QcoHKVYjDOrHi
cTp2vaFh8IfRuuryAxyr6YMI7SlM/tAR58jjJldVq5IYq9Br5VAnGC9MsNjafh2w
nyx76xAha+v5PDCQxBylK7Dhh1um9VcyGUSM0mAQKrKlBbEML1m67AtHJLKPfTcl
s2jJDl06GrHUWEU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org