Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u21FT0RlZaYrSTSv_rqA0KNqnCk.roa
File: u21FT0RlZaYrSTSv_rqA0KNqnCk.roa (raw, json)
Hash identifier: aVkjaVJuBAgJOFHcqRTRDc7SDZqBbcp/nFPtlP7s0u4=
Subject key identifier: BB:6D:45:4F:44:65:65:A6:2B:49:34:AF:FE:BA:80:D0:A3:6A:9C:29
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018ADAF24D8F508A4986B754B240F008D737
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u21FT0RlZaYrSTSv_rqA0KNqnCk.roa
Signing time: Thu 28 Sep 2023 08:40:27 +0000
ROA not before: Thu 28 Sep 2023 08:40:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
93.119.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 13:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:f2:4d:8f:50:8a:49:86:b7:54:b2:40:f0:08:d7:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 28 08:40:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb6d454f446565a62b4934affeba80d0a36a9c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f3:75:da:fb:31:12:cb:d1:98:b2:a5:80:e7:
44:81:6d:cb:a5:cf:76:f3:5f:8c:4e:64:ab:f6:ce:
53:3b:9c:43:fa:72:5e:0f:86:42:65:31:1c:b8:0d:
c8:69:d3:25:86:b6:b8:ac:d0:bd:1a:a3:d2:16:a8:
16:5b:41:2f:e0:4e:62:f2:a5:78:9e:a9:9a:ba:e9:
6b:7a:27:d2:da:26:71:07:37:7c:0d:88:93:e1:7e:
91:f0:76:26:bb:49:35:cf:12:12:e7:30:12:1c:77:
a0:e0:79:11:6c:f7:df:32:69:34:84:aa:dd:f4:dc:
4b:4f:6b:de:1d:65:17:9f:2e:31:8b:65:bf:fc:6a:
43:bf:b8:26:94:23:c6:0b:13:3e:23:70:71:d0:07:
f7:ec:44:89:d2:5c:4c:3a:ae:5d:cf:f1:42:f0:b9:
e5:61:35:e0:76:aa:42:f1:32:cb:54:85:1d:70:db:
34:e9:2b:dc:c4:a6:e9:9d:a2:84:7d:fa:31:dd:f6:
50:47:d1:9c:17:5c:f1:5c:10:e3:ae:b1:f3:58:39:
ad:83:35:00:e1:2b:6b:f5:f2:3d:14:03:95:e7:4a:
a7:b3:df:05:f2:14:60:cc:65:23:db:d3:7b:81:70:
2e:3f:a0:12:05:8e:09:06:81:55:78:42:ab:c6:5f:
94:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:6D:45:4F:44:65:65:A6:2B:49:34:AF:FE:BA:80:D0:A3:6A:9C:29
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u21FT0RlZaYrSTSv_rqA0KNqnCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
93.119.105.0/24
Signature Algorithm: sha256WithRSAEncryption
00:03:a2:4d:2e:77:43:6b:ff:9d:b1:13:8b:7d:c5:b3:44:71:
48:bd:a6:6e:65:08:c8:0f:54:0a:76:5e:18:81:f0:d7:31:ea:
87:47:a3:40:da:a3:70:91:b3:79:b3:b2:5b:44:69:7e:a4:97:
71:8f:5a:5e:3c:f5:92:a0:44:2a:7b:97:56:59:70:68:c1:95:
2a:d2:b6:36:af:f4:fc:27:37:1f:3b:8e:c1:ea:86:91:f1:34:
d7:8c:c0:45:92:ed:16:49:a2:6c:de:84:15:5a:bc:e8:b3:45:
55:62:d6:16:80:aa:db:ac:95:98:5d:93:5b:95:cf:66:14:f1:
78:18:ad:1c:f0:93:fc:1b:82:3c:48:ab:66:9b:68:ee:54:e6:
05:3c:e0:26:55:69:e2:50:8a:8d:1a:46:31:b5:e2:cf:95:3f:
18:93:02:3b:de:9a:1b:f8:85:00:cf:eb:12:bf:07:1a:90:1f:
6a:8e:31:7a:b5:d5:c2:fb:5f:84:a8:29:e9:d6:ac:fb:fe:06:
a1:3f:6a:78:fc:65:ed:5d:f6:e3:bd:ea:ba:9a:30:9e:d6:ef:
41:df:87:20:41:9a:7b:a2:e6:67:8b:6a:c3:04:6d:23:1e:ad:
23:3e:9e:63:c9:9d:0a:23:70:3c:aa:6a:84:6c:43:c7:31:fc:
44:ea:ff:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYra8k2PUIpJhrdUskDwCNc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwOTI4MDg0MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjZkNDU0ZjQ0NjU2NWE2MmI0OTM0YWZmZWJhODBkMGEzNmE5YzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPN12vsxEsvRmLKlgOdEgW3Lpc92
81+MTmSr9s5TO5xD+nJeD4ZCZTEcuA3IadMlhra4rNC9GqPSFqgWW0Ev4E5i8qV4
nqmauulreifS2iZxBzd8DYiT4X6R8HYmu0k1zxIS5zASHHeg4HkRbPffMmk0hKrd
9NxLT2veHWUXny4xi2W//GpDv7gmlCPGCxM+I3Bx0Af37ESJ0lxMOq5dz/FC8Lnl
YTXgdqpC8TLLVIUdcNs06SvcxKbpnaKEffox3fZQR9GcF1zxXBDjrrHzWDmtgzUA
4Str9fI9FAOV50qns98F8hRgzGUj29N7gXAuP6ASBY4JBoFVeEKrxl+U5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLttRU9EZWWmK0k0r/66gNCjapwpMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdTIxRlQwUmxaYVlyU1RTdl9ycUEwS05xbkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSpQAwQA
XXdpMA0GCSqGSIb3DQEBCwUAA4IBAQAAA6JNLndDa/+dsROLfcWzRHFIvaZuZQjI
D1QKdl4YgfDXMeqHR6NA2qNwkbN5s7JbRGl+pJdxj1pePPWSoEQqe5dWWXBowZUq
0rY2r/T8JzcfO47B6oaR8TTXjMBFku0WSaJs3oQVWrzos0VVYtYWgKrbrJWYXZNb
lc9mFPF4GK0c8JP8G4I8SKtmm2juVOYFPOAmVWniUIqNGkYxteLPlT8YkwI73pob
+IUAz+sSvwcakB9qjjF6tdXC+1+EqCnp1qz7/gahP2p4/GXtXfbjveq6mjCe1u9B
34cgQZp7ouZni2rDBG0jHq0jPp5jyZ0KI3A8qmqEbEPHMfxE6v+r
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org