Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/VGppyVIZGWPzW2cVhf15wNVzdSs.roa
File: VGppyVIZGWPzW2cVhf15wNVzdSs.roa (raw, json)
Hash identifier: 3AV1PbxUOE5HtBfikhUWuIMvVfB0NtOCo5d/M9EwNhc=
Subject key identifier: 54:6A:69:C9:52:19:19:63:F3:5B:67:15:85:FD:79:C0:D5:73:75:2B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018AF07CE65E416849A87575BC8AD3548CCF
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/VGppyVIZGWPzW2cVhf15wNVzdSs.roa
Signing time: Mon 02 Oct 2023 13:03:51 +0000
ROA not before: Mon 02 Oct 2023 13:03:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
93.119.105.0/24 maxlen: 24
93.119.106.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 18:19:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:7c:e6:5e:41:68:49:a8:75:75:bc:8a:d3:54:8c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 2 13:03:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=546a69c952191963f35b671585fd79c0d573752b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cc:3e:e3:ea:e8:c0:80:8e:54:68:45:b9:e1:
fc:1e:70:4b:c7:5b:47:15:1d:f6:51:ca:f7:3d:98:
61:c9:32:bc:23:75:f2:80:08:c7:6c:0b:9b:0a:ca:
da:ed:73:31:e3:5c:fb:bf:d5:f9:b1:86:b5:c5:81:
4f:be:10:27:dc:da:ff:cb:f8:79:2f:2e:f8:b7:c4:
b6:37:38:c2:32:9b:35:d9:73:7f:e8:91:b8:33:ad:
7f:16:63:91:ea:f2:9f:d7:aa:49:0e:dd:eb:9f:6a:
85:fb:d8:8d:9b:d7:df:a7:e7:62:58:12:ee:b8:53:
80:4c:66:03:30:27:1f:98:5c:ab:60:64:97:d5:eb:
a1:8f:7b:cf:35:46:00:43:be:3e:f9:c2:77:ae:af:
a2:4d:9e:61:c0:7e:9d:b0:3c:00:80:62:dc:fe:60:
31:10:b4:dd:6c:93:52:d4:30:8d:0c:cd:c8:e9:b4:
3b:f8:96:d4:f5:46:88:4f:4e:a9:87:9a:0b:f2:2c:
c6:5d:a1:16:15:07:49:42:ef:95:e5:1c:9c:83:42:
5e:db:86:02:ea:65:05:3e:cd:ff:f4:18:d4:ea:d6:
fe:6f:c3:fa:bf:ad:cd:e9:58:eb:cd:0d:00:e0:1c:
b6:ad:94:73:b6:09:da:dd:cf:bd:3e:7c:ca:6a:e2:
10:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6A:69:C9:52:19:19:63:F3:5B:67:15:85:FD:79:C0:D5:73:75:2B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/VGppyVIZGWPzW2cVhf15wNVzdSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
89.46.4.0/24
93.119.105.0-93.119.106.255
Signature Algorithm: sha256WithRSAEncryption
19:5d:bc:3c:58:f3:0c:c2:3f:70:af:67:02:ba:15:d2:bd:4a:
e7:e7:55:fd:de:d3:25:80:93:fe:c4:fc:8a:8e:04:36:57:dc:
45:7b:52:b8:45:7c:59:d1:9d:b2:6b:6d:9d:6a:d4:48:97:d0:
fc:ac:60:3e:bb:d4:17:4b:08:e5:dc:69:0a:e1:35:45:4d:cb:
79:30:1a:d9:c9:4e:64:8e:58:ae:29:4f:6d:51:dc:92:7f:7c:
12:86:5f:a5:a7:ec:4d:f0:f6:30:4f:d0:b0:43:f8:0e:a4:92:
3b:64:c6:be:22:72:53:cc:99:7e:f4:11:f6:40:76:e4:83:c0:
0e:31:87:b9:99:95:30:1a:5e:e2:94:64:45:29:63:df:71:57:
9d:20:61:9e:0f:63:d9:0a:a4:7e:cf:f6:bb:5f:89:39:59:52:
8b:74:65:83:a1:1c:de:7c:2b:87:d9:a3:34:21:95:23:c6:cd:
18:b5:5c:22:c0:7f:e7:fd:9a:37:2d:78:81:a7:56:90:c6:0a:
07:f8:54:0a:7c:b6:83:2f:b2:0f:84:a3:2d:29:78:b3:ba:88:
81:c2:62:4e:8d:c3:0f:06:f3:0f:3a:25:39:62:22:e1:ff:cf:
b2:97:6f:4d:b2:10:f8:1b:31:9a:d5:13:08:c9:53:b3:95:52:
dc:0c:3d:2c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYrwfOZeQWhJqHV1vIrTVIzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDAyMTMwMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDZhNjljOTUyMTkxOTYzZjM1YjY3MTU4NWZkNzljMGQ1NzM3NTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsw+4+rowICOVGhFueH8HnBLx1tH
FR32Ucr3PZhhyTK8I3XygAjHbAubCsra7XMx41z7v9X5sYa1xYFPvhAn3Nr/y/h5
Ly74t8S2NzjCMps12XN/6JG4M61/FmOR6vKf16pJDt3rn2qF+9iNm9ffp+diWBLu
uFOATGYDMCcfmFyrYGSX1euhj3vPNUYAQ74++cJ3rq+iTZ5hwH6dsDwAgGLc/mAx
ELTdbJNS1DCNDM3I6bQ7+JbU9UaIT06ph5oL8izGXaEWFQdJQu+V5Rycg0Je24YC
6mUFPs3/9BjU6tb+b8P6v63N6VjrzQ0A4By2rZRztgna3c+9PnzKauIQ3QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFRqaclSGRlj81tnFYX9ecDVc3UrMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvVkdwcHlWSVpHV1B6VzJjVmhmMTV3TlZ6ZFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCWSpQAwQA
WS4EMAwDBABdd2kDBABdd2owDQYJKoZIhvcNAQELBQADggEBABldvDxY8wzCP3Cv
ZwK6FdK9SufnVf3e0yWAk/7E/IqOBDZX3EV7UrhFfFnRnbJrbZ1q1EiX0PysYD67
1BdLCOXcaQrhNUVNy3kwGtnJTmSOWK4pT21R3JJ/fBKGX6Wn7E3w9jBP0LBD+A6k
kjtkxr4iclPMmX70EfZAduSDwA4xh7mZlTAaXuKUZEUpY99xV50gYZ4PY9kKpH7P
9rtfiTlZUot0ZYOhHN58K4fZozQhlSPGzRi1XCLAf+f9mjcteIGnVpDGCgf4VAp8
toMvsg+Eoy0peLO6iIHCYk6Nww8G8w86JTliIuH/z7KXb02yEPgbMZrVEwjJU7OV
UtwMPSw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org