Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kYGt8UkOxwL5nHJqx-UpIyElIJE.roa
File: kYGt8UkOxwL5nHJqx-UpIyElIJE.roa (raw, json)
Hash identifier: N0vt1CGYECsZwwVASYvvkhF0RIMl2zMiHDEo2j2cDVY=
Subject key identifier: 91:81:AD:F1:49:0E:C7:02:F9:9C:72:6A:C7:E5:29:23:21:25:20:91
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B14028EDB5EABFF9B95F7EE9348B7FCFD
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kYGt8UkOxwL5nHJqx-UpIyElIJE.roa
Signing time: Mon 09 Oct 2023 10:36:33 +0000
ROA not before: Mon 09 Oct 2023 10:36:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
93.119.105.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Oct 2023 15:09:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:02:8e:db:5e:ab:ff:9b:95:f7:ee:93:48:b7:fc:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 9 10:36:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9181adf1490ec702f99c726ac7e5292321252091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:33:3f:e6:cc:66:dd:8c:86:97:36:ff:5b:82:
33:38:c4:2d:2c:d4:4b:e6:26:44:58:24:e9:51:49:
82:23:52:b6:ae:53:04:94:f7:06:e5:bb:11:67:cf:
85:8a:b3:9c:42:e0:ea:ac:59:02:3c:f0:d4:2d:05:
02:2c:2b:b8:f3:dc:dd:f5:27:01:c6:a1:0b:58:0b:
f7:77:ae:6b:82:3b:b1:df:57:23:89:60:ae:3e:a8:
1b:1b:c5:2d:60:4b:1f:f7:76:d5:42:1e:ac:2a:ea:
02:ce:65:34:7c:65:94:72:6c:98:3e:f2:c3:69:7a:
ae:08:6b:f7:9a:c5:a5:ff:67:5c:af:a4:3e:f7:78:
67:46:69:a0:23:0c:d0:f4:9f:c4:58:98:51:5d:d7:
ac:39:6e:85:2c:1f:41:dd:3e:84:d7:61:33:47:72:
2c:67:4c:2c:16:05:0b:8d:b6:c3:42:ce:d5:f1:88:
9a:f1:11:db:a7:2c:ae:ab:77:0d:39:c1:0c:28:d9:
ae:78:cd:f0:70:d2:41:01:d3:fb:99:10:85:50:cf:
89:87:87:f3:67:f6:82:8a:57:71:be:f4:71:b6:d2:
b8:09:2c:dd:6c:32:a7:75:4f:63:2c:8d:68:22:ae:
6a:be:9f:f6:da:55:9a:ce:39:6b:a4:2f:18:09:d0:
4a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:81:AD:F1:49:0E:C7:02:F9:9C:72:6A:C7:E5:29:23:21:25:20:91
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kYGt8UkOxwL5nHJqx-UpIyElIJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
89.42.93.0/24
93.119.105.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:05:d6:53:35:e6:dd:84:a1:e4:f6:ad:2f:4c:83:1d:37:6c:
b6:89:8d:16:10:c8:18:4b:c0:f4:16:4d:b1:62:06:ff:d0:c5:
17:86:9c:c6:1b:d8:a0:ca:eb:fe:29:1b:12:d8:c3:04:6f:8f:
05:fd:a2:a3:36:31:c0:f5:21:ce:8d:20:49:9f:9a:49:d1:b4:
bd:c9:39:a4:54:cb:ae:31:fa:2c:c5:86:a0:f6:86:01:bc:9c:
d2:fc:bb:95:52:4e:df:7b:4d:ba:90:d2:b3:aa:c6:03:9b:f4:
39:a4:4e:1b:36:17:57:ee:4c:16:a1:de:b8:26:34:13:96:b3:
19:5c:38:fd:f6:43:e5:ef:04:a0:fb:58:57:19:ce:15:69:31:
4c:d6:00:bf:72:2b:8c:f6:05:e8:5a:1d:06:63:7a:4c:c5:57:
b2:74:ef:c1:39:bc:e3:d6:12:89:e0:e5:44:b5:1b:c4:d6:7b:
1d:b4:ab:65:cb:64:14:a3:d5:1b:13:74:eb:1c:14:b7:1c:a7:
7b:a5:59:20:71:8d:3a:e2:69:f7:63:de:59:60:d0:f6:6c:47:
76:ef:d6:fa:e9:da:1d:fa:3b:a5:00:a2:b4:40:fc:57:4a:42:
69:31:58:0f:7e:9b:f1:cc:e5:51:2a:e4:c1:1f:bd:f0:db:a5:
2e:08:12:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsUAo7bXqv/m5X37pNIt/z9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDA5MTAzNjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTgxYWRmMTQ5MGVjNzAyZjk5YzcyNmFjN2U1MjkyMzIxMjUyMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzM/5sxm3YyGlzb/W4IzOMQtLNRL
5iZEWCTpUUmCI1K2rlMElPcG5bsRZ8+FirOcQuDqrFkCPPDULQUCLCu489zd9ScB
xqELWAv3d65rgjux31cjiWCuPqgbG8UtYEsf93bVQh6sKuoCzmU0fGWUcmyYPvLD
aXquCGv3msWl/2dcr6Q+93hnRmmgIwzQ9J/EWJhRXdesOW6FLB9B3T6E12EzR3Is
Z0wsFgULjbbDQs7V8Yia8RHbpyyuq3cNOcEMKNmueM3wcNJBAdP7mRCFUM+Jh4fz
Z/aCildxvvRxttK4CSzdbDKndU9jLI1oIq5qvp/22lWazjlrpC8YCdBKcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJGBrfFJDscC+ZxyasflKSMhJSCRMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEva1lHdDhVa094d0w1bkhKcXgtVXBJeUVsSUpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWSpQAwQA
WSpdAwQAXXdpMA0GCSqGSIb3DQEBCwUAA4IBAQBNBdZTNebdhKHk9q0vTIMdN2y2
iY0WEMgYS8D0Fk2xYgb/0MUXhpzGG9igyuv+KRsS2MMEb48F/aKjNjHA9SHOjSBJ
n5pJ0bS9yTmkVMuuMfosxYag9oYBvJzS/LuVUk7fe026kNKzqsYDm/Q5pE4bNhdX
7kwWod64JjQTlrMZXDj99kPl7wSg+1hXGc4VaTFM1gC/ciuM9gXoWh0GY3pMxVey
dO/BObzj1hKJ4OVEtRvE1nsdtKtly2QUo9UbE3TrHBS3HKd7pVkgcY064mn3Y95Z
YND2bEd279b66dod+julAKK0QPxXSkJpMVgPfpvxzOVRKuTBH73w26UuCBIW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org