Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Fev5fBsyn0ey4qmZjvlGAsqD8CQ.roa
File: Fev5fBsyn0ey4qmZjvlGAsqD8CQ.roa (raw, json)
Hash identifier: iArIB97cE9jiTfClUwTmi7Yk4dkS1hWi5d9AWNIqPQs=
Subject key identifier: 15:EB:F9:7C:1B:32:9F:47:B2:E2:A9:99:8E:F9:46:02:CA:83:F0:24
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018F59B1D1A8DD11B89CE17A4EC5BB5D6F8B
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Fev5fBsyn0ey4qmZjvlGAsqD8CQ.roa
Signing time: Wed 08 May 2024 19:32:56 +0000
ROA not before: Wed 08 May 2024 19:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.33.193.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 07:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:59:b1:d1:a8:dd:11:b8:9c:e1:7a:4e:c5:bb:5d:6f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: May 8 19:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15ebf97c1b329f47b2e2a9998ef94602ca83f024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:49:e5:18:df:1c:7c:7e:05:67:c2:10:c4:81:
7f:cf:15:00:0c:c5:67:28:f4:17:b4:8a:aa:6d:39:
17:6b:ac:f9:d0:83:aa:5f:73:17:a0:7b:3b:c0:30:
dd:77:2f:91:1a:70:06:74:66:67:48:1b:25:7a:a2:
9e:c4:93:73:da:b2:9d:ed:e8:17:85:8f:9d:74:3a:
be:75:99:dd:66:6d:f0:40:12:33:31:28:e9:62:1b:
95:de:7a:13:94:d8:d2:1c:2f:ba:0e:00:8b:0f:e9:
b3:09:79:cd:4e:ac:a8:33:2d:ee:53:20:a4:c3:9b:
59:25:11:71:f4:7f:8b:49:0f:de:77:4b:67:c2:84:
cd:4f:35:cd:90:71:76:7b:06:72:0c:ff:36:06:95:
04:51:60:e8:fe:c7:d3:6b:00:67:98:dc:cc:a0:15:
b2:eb:45:ed:e7:fd:39:35:97:8c:30:28:b4:53:0d:
9b:58:a0:b1:ba:29:a9:9e:33:6e:33:1c:4f:fb:b8:
48:98:53:3b:51:23:e0:1f:08:c5:8d:02:a6:a4:16:
f3:88:0e:e0:c9:85:80:57:bd:29:8b:d9:2f:a3:d5:
62:fc:42:8a:31:78:76:b3:37:db:38:9e:15:4d:d0:
9b:97:dc:e9:7e:ad:ab:83:7f:2c:32:ef:92:80:2d:
85:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:EB:F9:7C:1B:32:9F:47:B2:E2:A9:99:8E:F9:46:02:CA:83:F0:24
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Fev5fBsyn0ey4qmZjvlGAsqD8CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.193.0/24
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
73:6f:c2:75:d6:f1:dd:31:d3:ec:8f:45:f8:c1:11:d8:ca:b5:
af:46:87:73:a1:c4:39:bd:56:85:20:a0:c2:70:bf:b6:6b:63:
a9:0e:d4:36:71:df:a0:0d:b0:ec:41:2b:f2:84:f0:ea:d2:15:
ce:7f:80:5b:63:87:bb:61:21:f3:42:74:7c:f2:7d:5e:82:8a:
3f:ec:47:b5:ca:03:46:cb:09:d3:ec:6f:68:19:e7:e5:47:a0:
ec:70:75:51:8b:74:7a:32:6c:99:66:98:b6:92:97:2e:06:94:
77:3f:fd:63:17:66:11:3e:b2:83:7b:19:f3:37:8e:b1:d4:74:
0d:a2:6d:05:24:cc:9f:af:58:a4:d6:ff:3e:d1:62:93:2f:a4:
a9:9b:f1:d7:97:5e:b6:f6:44:13:83:e1:ba:70:95:b6:50:c4:
77:3f:d5:cf:61:1c:b6:e5:b3:ed:0e:8a:ff:87:10:29:98:04:
c1:de:92:62:50:1a:3a:d2:89:c6:c3:29:3a:e9:1b:e7:8b:ca:
09:fa:76:8f:01:eb:8f:1f:83:96:04:51:de:9d:73:fa:91:2c:
35:95:34:cb:60:38:d4:d6:3d:fd:e5:54:a0:d9:51:3c:6f:68:
80:c7:a1:91:3b:e8:94:ac:01:b3:d1:98:6f:05:6f:d0:ff:2c:
c4:60:c4:c5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY9ZsdGo3RG4nOF6TsW7XW+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwNTA4MTkzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWViZjk3YzFiMzI5ZjQ3YjJlMmE5OTk4ZWY5NDYwMmNhODNmMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EnlGN8cfH4FZ8IQxIF/zxUADMVn
KPQXtIqqbTkXa6z50IOqX3MXoHs7wDDddy+RGnAGdGZnSBsleqKexJNz2rKd7egX
hY+ddDq+dZndZm3wQBIzMSjpYhuV3noTlNjSHC+6DgCLD+mzCXnNTqyoMy3uUyCk
w5tZJRFx9H+LSQ/ed0tnwoTNTzXNkHF2ewZyDP82BpUEUWDo/sfTawBnmNzMoBWy
60Xt5/05NZeMMCi0Uw2bWKCxuimpnjNuMxxP+7hImFM7USPgHwjFjQKmpBbziA7g
yYWAV70pi9kvo9Vi/EKKMXh2szfbOJ4VTdCbl9zpfq2rg38sMu+SgC2FrwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBXr+XwbMp9HsuKpmY75RgLKg/AkMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvRmV2NWZCc3luMGV5NHFtWmp2bEdBc3FEOENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWSHBMAwD
BABZKlEDBAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAHNvwnXW8d0x0+yP
RfjBEdjKta9Gh3OhxDm9VoUgoMJwv7ZrY6kO1DZx36ANsOxBK/KE8OrSFc5/gFtj
h7thIfNCdHzyfV6Cij/sR7XKA0bLCdPsb2gZ5+VHoOxwdVGLdHoybJlmmLaSly4G
lHc//WMXZhE+soN7GfM3jrHUdA2ibQUkzJ+vWKTW/z7RYpMvpKmb8deXXrb2RBOD
4bpwlbZQxHc/1c9hHLbls+0Oiv+HECmYBMHekmJQGjrSicbDKTrpG+eLygn6do8B
648fg5YEUd6dc/qRLDWVNMtgONTWPf3lVKDZUTxvaIDHoZE76JSsAbPRmG8Fb9D/
LMRgxMU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org