Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/AdUiwykfQdjvhj8vWlIgsQIggkg.roa
File: AdUiwykfQdjvhj8vWlIgsQIggkg.roa (raw, json)
Hash identifier: VnhLxLmpaCEzidp5gxNOevh5h1Gpr814Ts81kUrRhKU=
Subject key identifier: 01:D5:22:C3:29:1F:41:D8:EF:86:3F:2F:5A:52:20:B1:02:20:82:48
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C487C796E13360CAC9B24EE3FE55D9CC6
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/AdUiwykfQdjvhj8vWlIgsQIggkg.roa
Signing time: Fri 08 Dec 2023 08:12:46 +0000
ROA not before: Fri 08 Dec 2023 08:12:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
185.101.104.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Dec 2023 10:11:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:48:7c:79:6e:13:36:0c:ac:9b:24:ee:3f:e5:5d:9c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Dec 8 08:12:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01d522c3291f41d8ef863f2f5a5220b102208248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bb:00:20:41:4f:e3:7a:b6:05:4d:58:d3:db:
38:7e:c4:4a:db:8a:e0:0e:65:e5:d6:78:d1:df:05:
7c:a6:ea:09:4c:c3:e3:04:08:69:26:ae:37:19:a1:
b1:a6:65:16:1c:f8:2a:9b:8a:55:55:8f:84:52:76:
5c:85:a7:ca:ef:83:27:98:b8:71:0e:a9:d5:4f:7e:
6b:e2:ac:76:d0:78:1a:38:09:70:da:f1:eb:97:36:
69:a9:bc:91:b3:5f:72:37:b2:cd:7e:11:63:6e:81:
66:52:ed:46:56:80:ee:1d:93:4d:d2:50:3b:96:e3:
fb:b2:ca:2b:d3:ed:8d:e7:fc:28:25:95:0e:fb:4b:
d3:2e:5e:e6:68:a1:0d:7d:ba:01:e7:da:13:cb:30:
af:04:23:45:3a:e0:ca:e3:d9:3e:bb:71:dc:89:1c:
1e:8c:18:f1:37:64:af:ff:ac:73:96:85:00:11:cc:
bb:4c:4a:fe:59:1e:83:97:93:b6:75:60:1d:08:82:
85:ff:7a:cf:53:04:14:b1:ea:0a:ca:e8:7d:9e:66:
1c:de:26:8e:f5:30:0e:21:07:87:6a:e8:e6:a5:e8:
96:4f:27:6d:59:de:9d:47:5f:9c:ce:80:dd:2b:9c:
c7:0c:8d:82:2d:85:94:79:21:f1:5f:6c:16:8a:c9:
3a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D5:22:C3:29:1F:41:D8:EF:86:3F:2F:5A:52:20:B1:02:20:82:48
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/AdUiwykfQdjvhj8vWlIgsQIggkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.231.0/24
89.42.80.0/22
185.101.104.0/24
Signature Algorithm: sha256WithRSAEncryption
71:1c:c0:f2:f5:7b:15:b7:fe:9e:8d:28:3c:ff:ae:25:40:f3:
19:48:f7:75:86:9b:c5:cd:ca:3b:d5:15:ba:d8:4d:05:55:fa:
bb:f8:21:d8:1e:62:01:67:12:f7:2c:ae:6e:01:e7:9f:03:8e:
22:be:ac:cc:c5:d2:c9:5f:48:78:2a:fb:ab:9b:31:f4:1c:61:
57:90:24:71:56:15:11:e6:d8:89:b9:9d:d8:87:6e:d6:f0:39:
92:11:1b:5c:9a:59:55:26:ee:8f:77:4c:1a:87:63:a6:a2:12:
d3:28:73:c3:4d:f5:d3:65:12:98:2c:a0:53:80:f5:da:f7:88:
01:76:cf:e9:ba:5b:d9:7f:c0:d6:f3:30:1f:12:34:7e:5d:92:
c0:40:13:05:9d:a1:f2:f3:e2:e0:b4:99:ae:21:7c:3b:ef:f7:
b2:17:03:4b:04:10:96:e8:10:af:ee:68:68:d8:da:dd:e0:6b:
7c:68:ba:4e:c7:63:91:23:f7:be:55:80:1d:02:be:44:95:b1:
38:be:97:81:4f:df:82:81:6c:51:69:be:6b:65:87:cd:1b:b2:
45:25:18:c2:bc:20:89:da:d5:46:c8:8d:4f:7e:cd:ef:69:9b:
2a:2f:33:b4:99:1a:79:3b:38:a5:77:e1:90:39:73:63:0a:fb:
86:36:d6:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxIfHluEzYMrJsk7j/lXZzGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMjA4MDgxMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWQ1MjJjMzI5MWY0MWQ4ZWY4NjNmMmY1YTUyMjBiMTAyMjA4MjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbsAIEFP43q2BU1Y09s4fsRK24rg
DmXl1njR3wV8puoJTMPjBAhpJq43GaGxpmUWHPgqm4pVVY+EUnZchafK74MnmLhx
DqnVT35r4qx20HgaOAlw2vHrlzZpqbyRs19yN7LNfhFjboFmUu1GVoDuHZNN0lA7
luP7ssor0+2N5/woJZUO+0vTLl7maKENfboB59oTyzCvBCNFOuDK49k+u3HciRwe
jBjxN2Sv/6xzloUAEcy7TEr+WR6Dl5O2dWAdCIKF/3rPUwQUseoKyuh9nmYc3iaO
9TAOIQeHaujmpeiWTydtWd6dR1+czoDdK5zHDI2CLYWUeSHxX2wWisk6iQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAHVIsMpH0HY74Y/L1pSILECIIJIMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQWRVaXd5a2ZRZGp2aGo4dldsSWdzUUlnZ2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSLnAwQC
WSpQAwQAuWVoMA0GCSqGSIb3DQEBCwUAA4IBAQBxHMDy9XsVt/6ejSg8/64lQPMZ
SPd1hpvFzco71RW62E0FVfq7+CHYHmIBZxL3LK5uAeefA44ivqzMxdLJX0h4Kvur
mzH0HGFXkCRxVhUR5tiJuZ3Yh27W8DmSERtcmllVJu6Pd0wah2OmohLTKHPDTfXT
ZRKYLKBTgPXa94gBds/pulvZf8DW8zAfEjR+XZLAQBMFnaHy8+LgtJmuIXw77/ey
FwNLBBCW6BCv7mho2Nrd4Gt8aLpOx2ORI/e+VYAdAr5ElbE4vpeBT9+CgWxRab5r
ZYfNG7JFJRjCvCCJ2tVGyI1Pfs3vaZsqLzO0mRp5Ozild+GQOXNjCvuGNtZI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org