Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/TDNhdfe1p7-uV6cxtABp5rKJehQ.roa
File: TDNhdfe1p7-uV6cxtABp5rKJehQ.roa (raw, json)
Hash identifier: ZWeC6pldG6iPfhu7KxB57jdnAzhoJ5mIdY/8x18y7+o=
Subject key identifier: 4C:33:61:75:F7:B5:A7:BF:AE:57:A7:31:B4:00:69:E6:B2:89:7A:14
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B3E46C23525618D6AD1DDC4AD025D0DFA
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/TDNhdfe1p7-uV6cxtABp5rKJehQ.roa
Signing time: Tue 17 Oct 2023 15:35:06 +0000
ROA not before: Tue 17 Oct 2023 15:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 89.33.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3e:46:c2:35:25:61:8d:6a:d1:dd:c4:ad:02:5d:0d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 17 15:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c336175f7b5a7bfae57a731b40069e6b2897a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e7:ea:33:de:bf:e8:83:91:23:58:4d:53:b0:
65:db:e2:d9:80:4d:4e:5a:59:a3:12:5f:f1:9d:b5:
a8:dc:f4:1e:29:51:9b:ba:08:04:3a:9d:0f:0a:49:
7a:2c:04:5a:55:e4:b2:6f:77:29:3a:2f:e1:5e:7d:
28:0f:b8:45:3b:0d:45:f9:e8:96:5e:bb:8f:81:fc:
a6:bb:27:c6:8d:66:91:0e:41:b8:a7:8d:99:fb:2d:
24:36:93:a8:97:f6:7f:05:c4:e7:c2:d6:09:4c:7d:
26:6c:76:55:7f:fb:e8:2e:08:26:67:a5:75:6e:45:
c6:10:15:5c:2a:15:5a:f3:6d:b8:1a:bd:c3:6c:b8:
1c:d0:10:09:15:ea:d3:2f:be:be:44:37:76:a6:bf:
47:5e:97:3c:3b:5b:e6:87:64:4a:23:c8:d1:cd:5e:
fd:01:40:9e:d7:99:5b:e9:9e:f3:81:a2:ce:68:03:
21:59:12:78:f4:69:0b:8b:d6:41:d0:20:cc:bc:de:
89:bf:ec:1f:fb:b5:42:b7:9c:3c:56:11:ab:e8:15:
8b:cc:c6:65:60:a4:12:a7:3f:70:9f:09:f5:15:73:
48:bd:8d:d1:f1:9a:65:5d:ed:21:64:84:22:94:29:
fb:35:29:1e:60:0e:cb:a9:e3:88:09:07:9e:4f:b2:
49:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:33:61:75:F7:B5:A7:BF:AE:57:A7:31:B4:00:69:E6:B2:89:7A:14
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/TDNhdfe1p7-uV6cxtABp5rKJehQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.194.0/24
Signature Algorithm: sha256WithRSAEncryption
16:6b:7e:b6:a6:32:dc:c3:d3:e8:c8:27:1b:89:d4:2d:7a:54:
bf:00:fc:78:50:4f:f5:91:0c:eb:03:7b:84:74:45:24:b2:48:
3f:b6:fd:ed:aa:54:3c:21:93:af:ab:48:77:52:e7:8b:8a:9b:
67:fd:5e:b3:65:ff:f9:7d:fc:98:e3:15:a2:5a:19:7a:36:f9:
89:fd:99:df:96:e9:5b:99:15:2f:6a:6f:51:0e:1b:32:81:3d:
e2:4d:95:dd:95:07:b5:52:bc:c3:08:4b:0a:e2:b1:ce:c2:28:
53:df:6f:2c:11:88:c9:9a:5c:2d:a1:36:21:0c:9f:a1:5b:cc:
26:19:dd:8d:46:1d:61:b9:a4:9c:07:fa:47:99:d8:4b:1c:c4:
d8:f1:08:60:b9:92:88:f7:03:86:0f:ad:93:c4:8f:54:ca:7a:
c0:27:51:34:35:61:df:b3:88:63:5d:33:bf:b7:73:f2:8b:1d:
4b:99:34:42:4d:7b:24:73:82:69:aa:af:05:ac:2a:3f:fd:3b:
a2:76:0b:0c:29:8b:ea:2d:92:de:b4:3f:8b:50:27:8a:8c:17:
f3:1d:54:66:c0:76:ce:20:dd:31:aa:76:8d:5a:cc:f5:0e:e1:
ad:5d:f0:37:33:42:56:4a:31:46:c9:66:99:04:8a:a3:82:4c:
a4:42:f0:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs+RsI1JWGNatHdxK0CXQ36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDE3MTUzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzMzNjE3NWY3YjVhN2JmYWU1N2E3MzFiNDAwNjllNmIyODk3YTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjufqM96/6IORI1hNU7Bl2+LZgE1O
WlmjEl/xnbWo3PQeKVGbuggEOp0PCkl6LARaVeSyb3cpOi/hXn0oD7hFOw1F+eiW
XruPgfymuyfGjWaRDkG4p42Z+y0kNpOol/Z/BcTnwtYJTH0mbHZVf/voLggmZ6V1
bkXGEBVcKhVa8224Gr3DbLgc0BAJFerTL76+RDd2pr9HXpc8O1vmh2RKI8jRzV79
AUCe15lb6Z7zgaLOaAMhWRJ49GkLi9ZB0CDMvN6Jv+wf+7VCt5w8VhGr6BWLzMZl
YKQSpz9wnwn1FXNIvY3R8ZplXe0hZIQilCn7NSkeYA7LqeOICQeeT7JJqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEwzYXX3tae/rlenMbQAaeayiXoUMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvVEROaGRmZTFwNy11VjZjeHRBQnA1cktKZWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSHCMA0G
CSqGSIb3DQEBCwUAA4IBAQAWa362pjLcw9PoyCcbidQtelS/APx4UE/1kQzrA3uE
dEUkskg/tv3tqlQ8IZOvq0h3UueLiptn/V6zZf/5ffyY4xWiWhl6NvmJ/Znflulb
mRUvam9RDhsygT3iTZXdlQe1UrzDCEsK4rHOwihT328sEYjJmlwtoTYhDJ+hW8wm
Gd2NRh1huaScB/pHmdhLHMTY8QhguZKI9wOGD62TxI9UynrAJ1E0NWHfs4hjXTO/
t3Pyix1LmTRCTXskc4Jpqq8FrCo//TuidgsMKYvqLZLetD+LUCeKjBfzHVRmwHbO
IN0xqnaNWsz1DuGtXfA3M0JWSjFGyWaZBIqjgkykQvA0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org