Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aeedZLDUCDP5nResrcGjvm01cjQ.roa
File: aeedZLDUCDP5nResrcGjvm01cjQ.roa (raw, json)
Hash identifier: DAh1vhM4lgcBoIZD2yN7JyJLX2flyg3WYKmBgT2HZFQ=
Subject key identifier: 69:E7:9D:64:B0:D4:08:33:F9:9D:17:AC:AD:C1:A3:BE:6D:35:72:34
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B3725DC7C218DDE50BC84C4E42F6AC1B5
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aeedZLDUCDP5nResrcGjvm01cjQ.roa
Signing time: Mon 16 Oct 2023 06:21:50 +0000
ROA not before: Mon 16 Oct 2023 06:21:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
93.119.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Oct 2023 10:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:25:dc:7c:21:8d:de:50:bc:84:c4:e4:2f:6a:c1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 16 06:21:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69e79d64b0d40833f99d17acadc1a3be6d357234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:54:f3:ce:2f:74:77:9c:3b:03:99:f1:2e:83:
97:0c:c4:c2:44:1d:67:b3:d9:01:88:26:75:9f:85:
26:07:1f:ce:aa:f5:69:9e:5f:8f:d9:a8:ed:48:64:
88:57:3a:a9:30:65:17:2d:aa:af:e2:6a:47:71:a6:
d2:df:76:7d:26:39:df:78:2d:e3:02:8e:d2:7c:ac:
55:79:c3:2f:05:af:51:f9:c8:3f:45:79:4c:4d:d6:
ab:2f:71:b0:8b:33:23:31:85:27:81:c9:94:6a:f6:
93:da:11:1f:27:d7:f9:b6:cf:3d:0b:48:89:d8:6f:
b9:d7:21:4d:50:ee:a0:88:29:94:97:bc:6f:aa:2d:
f0:f6:0f:69:df:0f:6f:e0:ca:b5:5b:09:97:52:ba:
21:91:1a:c3:b3:25:e5:85:09:b4:82:99:f7:ac:79:
57:39:11:07:fa:0b:84:2a:b7:f5:9f:12:8f:c2:04:
3d:ff:e9:78:9c:db:b3:4d:fa:ac:57:b8:3f:09:38:
fa:61:34:8a:4c:41:4f:2a:3a:c0:ab:5a:0d:2f:b6:
0d:fa:eb:c6:0e:85:44:ec:0a:23:ad:61:34:e3:4a:
85:ce:1a:6f:9d:a7:72:00:f2:8b:ae:10:11:53:e5:
40:f8:91:d8:6f:90:c9:ae:c7:ae:13:e6:e6:7a:79:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:E7:9D:64:B0:D4:08:33:F9:9D:17:AC:AD:C1:A3:BE:6D:35:72:34
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aeedZLDUCDP5nResrcGjvm01cjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
93.119.105.0/24
Signature Algorithm: sha256WithRSAEncryption
79:99:4d:0e:d7:b1:8a:35:dd:75:98:30:6f:f8:9e:ea:8c:b2:
8e:ad:03:c2:c2:0c:47:cb:f6:fc:1e:16:99:5b:aa:ad:22:2c:
be:c4:e5:73:a3:d3:79:93:7d:8c:73:b0:47:61:2c:66:f2:15:
7f:2f:47:3a:a0:da:38:c2:f2:51:6d:d1:03:05:55:03:4e:16:
7d:6b:92:38:f8:5d:0a:6f:46:00:6d:71:4d:22:c7:46:55:2f:
89:fa:1e:27:a7:1e:2b:ba:1a:7b:c7:9b:a5:03:1b:87:5f:65:
96:fb:ca:a3:c6:47:07:16:e6:a3:b6:c8:0e:a5:b7:7f:46:43:
bd:85:67:94:b8:80:df:5d:3d:3e:39:bd:1e:0f:96:05:9c:20:
04:f4:db:b0:c5:89:8c:23:01:e3:74:f1:06:55:5b:35:46:78:
2b:08:b9:40:2a:cc:ef:c5:de:36:74:34:fd:7d:9d:fe:48:5d:
94:8f:da:3f:6a:f1:4f:a8:3d:bc:0b:e8:d4:1d:fe:ff:87:61:
f2:5e:f2:2d:b9:fa:20:57:5b:f7:1d:80:92:32:0a:f8:af:0c:
74:9e:e2:04:c6:45:db:25:98:53:ca:c4:9e:50:e9:9e:c7:a1:
d4:22:aa:ec:18:74:f3:26:f3:a4:b6:b4:4d:f2:28:1d:eb:fa:
dc:cd:2f:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYs3Jdx8IY3eULyExOQvasG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDE2MDYyMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWU3OWQ2NGIwZDQwODMzZjk5ZDE3YWNhZGMxYTNiZTZkMzU3MjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlTzzi90d5w7A5nxLoOXDMTCRB1n
s9kBiCZ1n4UmBx/OqvVpnl+P2ajtSGSIVzqpMGUXLaqv4mpHcabS33Z9JjnfeC3j
Ao7SfKxVecMvBa9R+cg/RXlMTdarL3GwizMjMYUngcmUavaT2hEfJ9f5ts89C0iJ
2G+51yFNUO6giCmUl7xvqi3w9g9p3w9v4Mq1WwmXUrohkRrDsyXlhQm0gpn3rHlX
OREH+guEKrf1nxKPwgQ9/+l4nNuzTfqsV7g/CTj6YTSKTEFPKjrAq1oNL7YN+uvG
DoVE7AojrWE040qFzhpvnadyAPKLrhARU+VA+JHYb5DJrseuE+bmenmc5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGnnnWSw1Agz+Z0XrK3Bo75tNXI0MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvYWVlZFpMRFVDRFA1blJlc3JjR2p2bTAxY2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSpQAwQA
XXdpMA0GCSqGSIb3DQEBCwUAA4IBAQB5mU0O17GKNd11mDBv+J7qjLKOrQPCwgxH
y/b8HhaZW6qtIiy+xOVzo9N5k32Mc7BHYSxm8hV/L0c6oNo4wvJRbdEDBVUDThZ9
a5I4+F0Kb0YAbXFNIsdGVS+J+h4npx4ruhp7x5ulAxuHX2WW+8qjxkcHFuajtsgO
pbd/RkO9hWeUuIDfXT0+Ob0eD5YFnCAE9NuwxYmMIwHjdPEGVVs1RngrCLlAKszv
xd42dDT9fZ3+SF2Uj9o/avFPqD28C+jUHf7/h2HyXvItufogV1v3HYCSMgr4rwx0
nuIExkXbJZhTysSeUOmex6HUIqrsGHTzJvOktrRN8igd6/rczS9g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org