Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hzkiwS0uehJ7EvdFbPNRdYJZ9_Q.roa
File: hzkiwS0uehJ7EvdFbPNRdYJZ9_Q.roa (raw, json)
Hash identifier: uAGHrKwxtMsXaCL9nSrM3my5C6VeFTcQnxSo8cUX/Pk=
Subject key identifier: 87:39:22:C1:2D:2E:7A:12:7B:12:F7:45:6C:F3:51:75:82:59:F7:F4
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C1070321B29C81CD196EEF7EF2C558572
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hzkiwS0uehJ7EvdFbPNRdYJZ9_Q.roa
Signing time: Mon 27 Nov 2023 11:00:37 +0000
ROA not before: Mon 27 Nov 2023 11:00:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 89.42.87.0/24 maxlen: 24
93.119.106.0/24 maxlen: 24
93.113.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:70:32:1b:29:c8:1c:d1:96:ee:f7:ef:2c:55:85:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 27 11:00:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=873922c12d2e7a127b12f7456cf351758259f7f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:96:6a:92:97:ed:0b:78:2c:5b:58:9a:8f:e3:
c8:54:d4:ea:a3:8a:fe:f5:59:60:4b:5d:17:3f:7a:
0b:53:71:97:a4:d6:93:66:27:19:c5:7e:3a:9a:a8:
de:0d:6b:7b:0b:c7:40:3f:e1:89:06:85:e9:64:10:
16:ec:19:1b:b5:41:13:ca:b3:56:ce:cb:3d:ce:12:
b9:b8:dd:73:79:d3:e3:c8:6e:ee:c2:c3:af:16:02:
39:13:b4:d2:cb:c2:30:b3:3e:3b:24:28:53:41:4d:
3b:99:b6:fb:54:1b:2a:6b:4f:24:71:c9:bb:93:4b:
7d:43:21:05:5a:e4:cc:06:b0:a7:1e:60:c4:b8:e0:
47:e3:e3:4f:18:7f:cc:9e:23:a2:e4:6c:32:22:a8:
8b:2d:58:2f:a2:41:8e:ea:89:bc:91:c2:e8:4e:cf:
ce:33:06:78:05:76:10:6d:99:61:b8:df:21:d0:36:
24:88:02:3c:61:8d:cd:2f:9b:cf:8d:ce:b9:4b:e5:
4f:96:53:92:fb:ca:fa:98:75:e1:43:de:ce:be:05:
18:ef:9e:cc:23:ea:67:2e:72:29:1b:6b:5b:61:f4:
97:ce:2e:11:77:98:0a:c8:0c:9e:db:31:86:af:27:
40:d1:bc:23:9c:ae:45:28:b1:b3:1c:6e:8c:12:4d:
f3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:39:22:C1:2D:2E:7A:12:7B:12:F7:45:6C:F3:51:75:82:59:F7:F4
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hzkiwS0uehJ7EvdFbPNRdYJZ9_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.87.0/24
93.113.183.0/24
93.119.106.0/24
Signature Algorithm: sha256WithRSAEncryption
83:92:68:b5:1a:45:b6:5c:9b:47:28:9c:05:16:dc:7e:52:c4:
53:1c:a5:89:8a:84:6c:5e:6b:6b:4a:24:76:8c:61:c7:13:c1:
a4:ea:e8:bb:7e:72:5e:c7:39:49:6d:e9:7d:8b:5e:eb:f5:5f:
bf:79:30:68:2d:d7:1c:c0:e3:8b:1d:a9:f8:40:79:f6:8f:fe:
03:74:20:34:c2:42:33:ce:e9:a5:4a:38:1a:fa:92:f1:4b:fe:
96:53:f1:59:85:76:65:f6:64:6d:71:80:72:74:1b:03:77:36:
79:c1:71:f0:3d:32:a9:5e:62:84:1e:6d:46:5e:92:78:da:82:
63:8f:f1:0a:e8:ee:62:b8:0e:04:ea:37:4f:db:6b:f8:a0:91:
0f:b8:a3:b3:5c:b1:d8:9f:61:86:13:0c:34:f0:34:bf:84:47:
0d:ad:61:95:a4:e4:71:6f:83:2c:c7:47:d5:ac:b0:93:c0:ff:
24:e1:23:72:c2:0f:d8:51:2d:d8:b0:85:df:d2:9a:e5:ca:5b:
c3:5f:4f:e1:79:4b:3e:a2:09:bf:38:d7:50:45:18:6a:2f:9b:
9a:42:50:0f:63:bb:b6:ec:78:25:dc:a2:42:da:19:3b:6d:ec:
cc:f1:8b:46:63:d4:44:5c:e6:1b:1c:08:cd:c9:eb:ab:9d:29:
08:5a:cc:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwQcDIbKcgc0Zbu9+8sVYVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTI3MTEwMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzM5MjJjMTJkMmU3YTEyN2IxMmY3NDU2Y2YzNTE3NTgyNTlmN2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZZqkpftC3gsW1iaj+PIVNTqo4r+
9VlgS10XP3oLU3GXpNaTZicZxX46mqjeDWt7C8dAP+GJBoXpZBAW7BkbtUETyrNW
zss9zhK5uN1zedPjyG7uwsOvFgI5E7TSy8Iwsz47JChTQU07mbb7VBsqa08kccm7
k0t9QyEFWuTMBrCnHmDEuOBH4+NPGH/MniOi5GwyIqiLLVgvokGO6om8kcLoTs/O
MwZ4BXYQbZlhuN8h0DYkiAI8YY3NL5vPjc65S+VPllOS+8r6mHXhQ97OvgUY757M
I+pnLnIpG2tbYfSXzi4Rd5gKyAye2zGGrydA0bwjnK5FKLGzHG6MEk3z1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIc5IsEtLnoSexL3RWzzUXWCWff0MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvaHpraXdTMHVlaEo3RXZkRmJQTlJkWUpaOV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSpXAwQA
XXG3AwQAXXdqMA0GCSqGSIb3DQEBCwUAA4IBAQCDkmi1GkW2XJtHKJwFFtx+UsRT
HKWJioRsXmtrSiR2jGHHE8Gk6ui7fnJexzlJbel9i17r9V+/eTBoLdccwOOLHan4
QHn2j/4DdCA0wkIzzumlSjga+pLxS/6WU/FZhXZl9mRtcYBydBsDdzZ5wXHwPTKp
XmKEHm1GXpJ42oJjj/EK6O5iuA4E6jdP22v4oJEPuKOzXLHYn2GGEww08DS/hEcN
rWGVpORxb4Msx0fVrLCTwP8k4SNywg/YUS3YsIXf0prlylvDX0/heUs+ogm/ONdQ
RRhqL5uaQlAPY7u27Hgl3KJC2hk7bezM8YtGY9REXOYbHAjNyeurnSkIWswP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org