Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5rteB0uzLI1b2YP5KZg1WkopcrY.roa
File: 5rteB0uzLI1b2YP5KZg1WkopcrY.roa (raw, json)
Hash identifier: Jsl1eMA/H0TdzCbX0LnEiZBSxEChWPOlkCV3aFXpAlI=
Subject key identifier: E6:BB:5E:07:4B:B3:2C:8D:5B:D9:83:F9:29:98:35:5A:4A:29:72:B6
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018DD9E8C9F66CAFC4276B212B8C219FE8F9
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5rteB0uzLI1b2YP5KZg1WkopcrY.roa
Signing time: Sat 24 Feb 2024 06:58:48 +0000
ROA not before: Sat 24 Feb 2024 06:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
93.119.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Feb 2024 20:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d9:e8:c9:f6:6c:af:c4:27:6b:21:2b:8c:21:9f:e8:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 24 06:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6bb5e074bb32c8d5bd983f92998355a4a2972b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1d:d6:c9:16:aa:97:c5:39:e3:7e:24:60:e7:
62:27:c9:65:21:62:d3:ff:48:24:74:df:52:d8:77:
e8:c3:a4:fb:ab:eb:18:1d:6d:6e:dd:92:04:8c:df:
20:31:ea:25:f9:03:d5:d1:70:4b:e1:25:dd:dd:83:
4a:f6:77:08:5d:18:56:3c:ff:47:60:36:28:a2:d3:
71:c6:4f:4f:3c:c2:cd:2d:77:90:ef:ee:36:91:ae:
28:cd:49:8a:8f:8d:8e:a0:76:17:87:d3:fb:4f:62:
04:8b:33:26:72:b2:60:86:6b:41:8a:f6:1c:b1:6e:
85:1a:9e:bf:b6:32:bc:d9:d3:d5:1d:7a:e3:0d:a2:
c0:ee:94:4b:d2:d5:a1:4a:8a:df:a6:c0:19:06:a8:
a6:0e:01:78:72:46:83:c2:4f:f9:9d:ba:5d:b6:f6:
12:36:cd:b4:e8:03:a2:66:8a:d0:e0:91:40:cd:5d:
af:08:c1:9c:cd:99:4e:a8:ea:2d:66:57:55:1d:b2:
28:7f:87:16:0a:9c:6a:80:eb:93:b9:14:1d:30:1d:
20:e4:4a:42:25:a8:cd:67:80:df:5d:95:df:e0:f6:
87:da:ee:dc:86:1a:0e:21:f3:7d:6f:e2:99:db:0b:
5e:b5:79:0f:06:09:d0:a5:7c:65:23:24:08:29:01:
2c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:BB:5E:07:4B:B3:2C:8D:5B:D9:83:F9:29:98:35:5A:4A:29:72:B6
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5rteB0uzLI1b2YP5KZg1WkopcrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
93.119.107.0/24
Signature Algorithm: sha256WithRSAEncryption
83:ef:32:42:29:cf:81:01:ec:6b:48:ed:e8:1b:f9:48:93:1e:
f7:83:13:6e:af:8b:ae:00:b0:07:de:87:b1:b4:2c:59:2d:ee:
15:64:0b:78:99:18:0d:9c:d7:20:39:f5:4a:ba:63:b1:85:54:
77:5a:84:c2:9f:4e:79:a9:68:25:0e:08:b1:4a:85:2a:16:7b:
fc:7c:0d:ff:61:81:67:8d:9e:9d:94:df:88:31:c5:26:eb:e9:
e0:95:08:2a:38:b3:fb:db:2a:77:80:31:98:57:ec:bf:41:8f:
34:30:25:f2:fe:65:ef:5d:0f:79:0d:77:17:06:ea:45:8b:fb:
ac:04:a8:f7:66:60:e8:1c:d7:d7:74:bc:bb:ae:76:a6:7a:83:
bd:86:e6:69:f7:ce:55:24:c8:be:d9:a7:87:1c:26:c1:1f:90:
23:cd:40:da:66:95:cf:89:49:63:9b:6a:ab:8a:0b:2c:96:85:
cf:12:19:a3:42:97:fc:f1:9a:9f:a9:aa:09:4f:b4:7e:b9:8d:
03:b5:b7:c4:de:e4:8e:ed:e0:66:6a:f0:63:21:b0:f3:5f:03:
8d:67:14:b7:d7:74:9c:bd:e9:64:c0:ba:01:33:6d:c4:8d:03:
96:1a:ca:40:03:b9:df:7d:f9:c1:de:d9:d1:e0:b3:5e:61:da:
35:1a:6d:7c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY3Z6Mn2bK/EJ2shK4whn+j5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjI0MDY1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmJiNWUwNzRiYjMyYzhkNWJkOTgzZjkyOTk4MzU1YTRhMjk3MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB3WyRaql8U5434kYOdiJ8llIWLT
/0gkdN9S2Hfow6T7q+sYHW1u3ZIEjN8gMeol+QPV0XBL4SXd3YNK9ncIXRhWPP9H
YDYootNxxk9PPMLNLXeQ7+42ka4ozUmKj42OoHYXh9P7T2IEizMmcrJghmtBivYc
sW6FGp6/tjK82dPVHXrjDaLA7pRL0tWhSorfpsAZBqimDgF4ckaDwk/5nbpdtvYS
Ns206AOiZorQ4JFAzV2vCMGczZlOqOotZldVHbIof4cWCpxqgOuTuRQdMB0g5EpC
JajNZ4DfXZXf4PaH2u7chhoOIfN9b+KZ2wtetXkPBgnQpXxlIyQIKQEs9wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOa7XgdLsyyNW9mD+SmYNVpKKXK2MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNXJ0ZUIwdXpMSTFiMllQNUtaZzFXa29wY3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZKlED
BAJZKlADBABZLgMDBABdd2swDQYJKoZIhvcNAQELBQADggEBAIPvMkIpz4EB7GtI
7egb+UiTHveDE26vi64AsAfeh7G0LFkt7hVkC3iZGA2c1yA59Uq6Y7GFVHdahMKf
TnmpaCUOCLFKhSoWe/x8Df9hgWeNnp2U34gxxSbr6eCVCCo4s/vbKneAMZhX7L9B
jzQwJfL+Ze9dD3kNdxcG6kWL+6wEqPdmYOgc19d0vLuudqZ6g72G5mn3zlUkyL7Z
p4ccJsEfkCPNQNpmlc+JSWObaquKCyyWhc8SGaNCl/zxmp+pqglPtH65jQO1t8Te
5I7t4GZq8GMhsPNfA41nFLfXdJy96WTAugEzbcSNA5YaykADud99+cHe2dHgs15h
2jUabXw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org