Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/pXrd8QihzUB8IlDGpFKP3nWXOqk.roa
File: pXrd8QihzUB8IlDGpFKP3nWXOqk.roa (raw, json)
Hash identifier: VMLgLiL2093Eo0iMmUJotzFTzdtEQ0cyK41n+U6HVPU=
Subject key identifier: A5:7A:DD:F1:08:A1:CD:40:7C:22:50:C6:A4:52:8F:DE:75:97:3A:A9
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB6DB897120BFCE20B0210D67C67C5
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/pXrd8QihzUB8IlDGpFKP3nWXOqk.roa
Signing time: Sun 01 Jan 2023 19:25:03 +0000
ROA not before: Sun 01 Jan 2023 19:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 93.119.107.0/24 maxlen: 24
89.33.192.0/24 maxlen: 24
89.33.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 09:22:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:6d:b8:97:12:0b:fc:e2:0b:02:10:d6:7c:67:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a57addf108a1cd407c2250c6a4528fde75973aa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d0:9d:9f:83:09:e2:ba:13:9e:a4:4d:0a:b3:
9c:9c:33:e1:f0:c2:44:c8:55:a9:82:c3:02:ee:44:
49:87:4a:5a:44:98:e7:a4:31:22:41:6e:65:bd:4e:
e9:d7:b5:5c:3a:9a:f3:94:ca:f9:4a:fb:93:81:ee:
d7:12:6d:a7:7b:7f:a5:0d:b9:c9:25:b9:c4:fc:13:
90:ed:96:ad:08:9b:d9:fb:27:ec:ed:c9:99:7c:a2:
35:fd:f7:e2:47:34:2a:de:22:d3:cb:d4:51:af:f6:
e7:d4:3e:67:93:18:c7:06:b5:4e:a4:a5:77:67:6f:
13:0b:aa:ef:6c:e4:00:db:85:ec:79:c5:d1:f4:0a:
f3:cc:c0:a5:02:22:b7:a1:aa:e5:9e:6a:e4:99:7e:
02:b4:77:bc:dd:b2:5b:e1:2a:34:f0:06:05:03:6c:
67:fc:92:dd:ac:ae:d2:1e:00:c3:8d:d5:be:26:de:
63:64:0a:17:67:9b:e9:08:2d:bc:ce:90:56:a7:8d:
01:86:b5:33:e9:f5:80:65:d9:7e:15:fa:47:52:5e:
19:f9:7e:10:24:4c:50:ab:0e:40:dd:99:c7:77:cb:
36:37:0e:b0:33:17:49:fd:6c:85:3c:c3:74:ae:ae:
5a:5f:97:e1:35:c8:18:34:ff:b8:53:43:b2:90:6c:
ff:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:7A:DD:F1:08:A1:CD:40:7C:22:50:C6:A4:52:8F:DE:75:97:3A:A9
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/pXrd8QihzUB8IlDGpFKP3nWXOqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.192.0/23
93.119.107.0/24
Signature Algorithm: sha256WithRSAEncryption
29:5f:a6:6c:7e:78:21:a6:b8:40:6f:39:7d:24:1f:9f:b2:ad:
ae:42:0c:56:b4:48:75:82:86:c2:b6:25:46:3b:a3:ff:2c:3b:
f7:79:9c:d9:c8:73:08:48:db:18:19:cb:b5:a8:0f:f9:b0:85:
32:32:a2:97:48:13:c8:08:6b:c3:9a:c4:31:e4:2c:42:c7:8a:
cd:94:5c:08:1b:98:d6:9e:37:eb:3a:78:9d:4d:42:be:e4:91:
50:03:5f:7c:c2:db:24:ed:18:e3:00:d7:cb:df:d7:40:0b:19:
a6:46:f0:9f:ca:93:93:7c:b5:86:1f:c7:1c:73:42:98:49:49:
f7:fc:f3:f8:38:d3:53:39:96:2b:13:ca:37:42:ca:0b:1a:4d:
20:bc:6c:50:79:54:e1:79:c3:2e:46:31:c8:9d:9c:1e:f8:9c:
5a:22:bf:7f:e4:d4:38:41:60:d0:54:49:8c:64:4e:ae:27:1b:
fa:a3:5a:f8:d8:66:6f:c8:3e:c4:6c:46:6d:2f:af:68:fd:49:
a3:51:e7:c2:aa:54:be:5e:05:ab:a7:f4:24:f3:d6:45:8c:fe:
ae:fa:5a:d1:70:97:a5:fe:47:dc:ca:a6:5c:27:6c:65:8f:29:
04:73:8f:32:86:7e:98:d1:33:fc:d7:c4:6f:a9:98:18:4e:1f:
2c:f2:43:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuy224lxIL/OILAhDWfGfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTdhZGRmMTA4YTFjZDQwN2MyMjUwYzZhNDUyOGZkZTc1OTczYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNCdn4MJ4roTnqRNCrOcnDPh8MJE
yFWpgsMC7kRJh0paRJjnpDEiQW5lvU7p17VcOprzlMr5SvuTge7XEm2ne3+lDbnJ
JbnE/BOQ7ZatCJvZ+yfs7cmZfKI1/ffiRzQq3iLTy9RRr/bn1D5nkxjHBrVOpKV3
Z28TC6rvbOQA24XsecXR9ArzzMClAiK3oarlnmrkmX4CtHe83bJb4So08AYFA2xn
/JLdrK7SHgDDjdW+Jt5jZAoXZ5vpCC28zpBWp40BhrUz6fWAZdl+FfpHUl4Z+X4Q
JExQqw5A3ZnHd8s2Nw6wMxdJ/WyFPMN0rq5aX5fhNcgYNP+4U0OykGz/ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKV63fEIoc1AfCJQxqRSj951lzqpMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcFhyZDhRaWh6VUI4SWxER3BGS1AzbldYT3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWSHAAwQA
XXdrMA0GCSqGSIb3DQEBCwUAA4IBAQApX6ZsfnghprhAbzl9JB+fsq2uQgxWtEh1
gobCtiVGO6P/LDv3eZzZyHMISNsYGcu1qA/5sIUyMqKXSBPICGvDmsQx5CxCx4rN
lFwIG5jWnjfrOnidTUK+5JFQA198wtsk7RjjANfL39dACxmmRvCfypOTfLWGH8cc
c0KYSUn3/PP4ONNTOZYrE8o3QsoLGk0gvGxQeVThecMuRjHInZwe+JxaIr9/5NQ4
QWDQVEmMZE6uJxv6o1r42GZvyD7EbEZtL69o/UmjUefCqlS+XgWrp/Qk89ZFjP6u
+lrRcJel/kfcyqZcJ2xljykEc48yhn6Y0TP818RvqZgYTh8s8kMf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org