Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Otwu3sz9B-__cMPST5sQEOxdXWE.roa
File: Otwu3sz9B-__cMPST5sQEOxdXWE.roa (raw, json)
Hash identifier: xPLwqLQDRsIXd71nc255HpsBjFrd6sNScXauoEhgIOk=
Subject key identifier: 3A:DC:2E:DE:CC:FD:07:EF:FF:70:C3:D2:4F:9B:10:10:EC:5D:5D:61
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BFB190056E48C0CD57945A4B5E7C8274E
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Otwu3sz9B-__cMPST5sQEOxdXWE.roa
Signing time: Thu 23 Nov 2023 07:33:21 +0000
ROA not before: Thu 23 Nov 2023 07:33:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
89.34.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Nov 2023 07:58:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:19:00:56:e4:8c:0c:d5:79:45:a4:b5:e7:c8:27:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 23 07:33:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3adc2edeccfd07efff70c3d24f9b1010ec5d5d61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fd:2f:dc:c7:bc:66:62:c2:db:6e:1d:9b:0f:
a5:fd:4b:6c:02:f4:2c:09:c2:60:bf:47:51:51:37:
5d:46:44:7b:a5:dd:ed:bc:a0:01:f4:89:de:9b:11:
6b:0a:6e:0a:00:03:56:c4:aa:10:f1:e9:90:cb:92:
a8:40:56:e1:19:ce:78:da:06:6e:d9:62:93:88:ba:
35:a3:dd:c5:2c:86:1f:f1:82:5b:10:d5:f7:58:4c:
3f:3d:63:b1:e2:51:37:8d:db:23:c7:97:10:4c:7c:
cc:15:0d:01:fb:96:e2:ac:d1:18:52:91:d2:a4:39:
f7:0f:02:1e:73:04:98:48:89:d2:45:eb:84:15:5f:
e5:ad:30:27:14:63:82:02:b3:b6:b2:bc:7b:fb:7e:
49:b9:3a:8e:e4:f3:d6:e7:0d:a9:46:94:3a:98:2c:
0b:2a:a8:b7:ed:aa:e9:e7:26:3d:87:fa:94:9f:f4:
87:ec:ed:f1:90:19:49:1c:40:4a:35:1c:58:89:b0:
e5:39:04:80:99:96:ad:d9:67:5f:a4:bb:5b:18:98:
06:13:40:2d:17:7e:63:86:8a:e4:81:7f:f9:2a:45:
57:ee:42:ea:85:ce:db:77:78:c3:fc:32:c1:e0:6c:
e2:d5:9e:ed:6e:77:cc:f2:85:92:e1:1b:c8:e1:04:
fc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:DC:2E:DE:CC:FD:07:EF:FF:70:C3:D2:4F:9B:10:10:EC:5D:5D:61
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Otwu3sz9B-__cMPST5sQEOxdXWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.227.0/24
89.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
51:fe:5f:3a:43:3f:d7:cf:ce:e3:53:92:ca:06:fd:e5:d2:86:
b1:59:14:19:57:eb:bc:07:96:1b:22:d7:cb:ff:4e:0b:bf:0b:
35:6b:26:de:e4:0e:c2:da:b9:47:39:2e:f9:aa:6c:00:b9:12:
cd:9d:85:23:ec:9c:9d:4a:d3:d9:18:73:e5:97:b6:e5:1e:0d:
c3:de:b7:9a:54:34:a4:1f:ad:e9:02:39:05:c1:ee:02:f0:93:
a8:40:12:7c:17:9b:9b:75:58:c2:79:97:44:4f:58:b3:6e:2a:
18:11:bb:0d:8e:ac:a5:51:63:f6:63:2c:c2:2c:dc:da:a9:fe:
ed:ea:0a:54:58:39:33:ad:2f:9f:1c:44:e4:ba:60:82:05:73:
13:36:7c:37:6f:bb:4e:ce:4b:97:85:f4:1c:fc:d8:b5:0f:81:
43:9c:d9:2c:b1:d4:68:83:29:4c:68:98:4b:5a:e2:34:ae:9b:
cb:a5:2d:e4:e2:11:da:4d:fc:8f:e8:33:bd:4d:ed:a8:56:0c:
3a:a5:ae:a3:78:51:d9:fc:4a:dd:78:b4:84:e2:fa:56:6c:6b:
3c:20:2c:e0:61:84:80:c7:c4:53:92:da:88:a8:32:22:0f:7f:
f6:79:d3:f3:94:52:0c:d4:0a:dc:74:cf:c3:01:e0:f8:28:6e:
0b:b0:44:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv7GQBW5IwM1XlFpLXnyCdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTIzMDczMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWRjMmVkZWNjZmQwN2VmZmY3MGMzZDI0ZjliMTAxMGVjNWQ1ZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv0v3Me8ZmLC224dmw+l/UtsAvQs
CcJgv0dRUTddRkR7pd3tvKAB9InemxFrCm4KAANWxKoQ8emQy5KoQFbhGc542gZu
2WKTiLo1o93FLIYf8YJbENX3WEw/PWOx4lE3jdsjx5cQTHzMFQ0B+5birNEYUpHS
pDn3DwIecwSYSInSReuEFV/lrTAnFGOCArO2srx7+35JuTqO5PPW5w2pRpQ6mCwL
Kqi37arp5yY9h/qUn/SH7O3xkBlJHEBKNRxYibDlOQSAmZat2WdfpLtbGJgGE0At
F35jhorkgX/5KkVX7kLqhc7bd3jD/DLB4Gzi1Z7tbnfM8oWS4RvI4QT8dQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDrcLt7M/Qfv/3DD0k+bEBDsXV1hMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvT3R3dTNzejlCLV9fY01QU1Q1c1FFT3hkWFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSLjAwQC
WSpQMA0GCSqGSIb3DQEBCwUAA4IBAQBR/l86Qz/Xz87jU5LKBv3l0oaxWRQZV+u8
B5YbItfL/04Lvws1aybe5A7C2rlHOS75qmwAuRLNnYUj7JydStPZGHPll7blHg3D
3reaVDSkH63pAjkFwe4C8JOoQBJ8F5ubdVjCeZdET1izbioYEbsNjqylUWP2YyzC
LNzaqf7t6gpUWDkzrS+fHETkumCCBXMTNnw3b7tOzkuXhfQc/Ni1D4FDnNkssdRo
gylMaJhLWuI0rpvLpS3k4hHaTfyP6DO9Te2oVgw6pa6jeFHZ/ErdeLSE4vpWbGs8
ICzgYYSAx8RTktqIqDIiD3/2edPzlFIM1ArcdM/DAeD4KG4LsET2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org