Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/w2qfxz7rEd5xFtS38iVabMLzanA.roa
File: w2qfxz7rEd5xFtS38iVabMLzanA.roa (raw, json)
Hash identifier: 53Xjf6kGk/z8FbGn/SjSXIL6jSww9RYMM16KEc3tBnU=
Subject key identifier: C3:6A:9F:C7:3E:EB:11:DE:71:16:D4:B7:F2:25:5A:6C:C2:F3:6A:70
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B38DBBBB450A12CCC10F8676B938C1847
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/w2qfxz7rEd5xFtS38iVabMLzanA.roa
Signing time: Mon 16 Oct 2023 14:20:06 +0000
ROA not before: Mon 16 Oct 2023 14:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
93.119.105.0/24 maxlen: 24
89.46.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Oct 2023 05:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:db:bb:b4:50:a1:2c:cc:10:f8:67:6b:93:8c:18:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 16 14:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c36a9fc73eeb11de7116d4b7f2255a6cc2f36a70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:3f:d1:fc:19:91:7d:27:10:cf:e7:08:9a:4f:
a9:a8:ee:c5:a4:f7:0d:2c:7f:87:24:fe:d3:e3:fa:
57:3a:6c:73:d4:48:87:c2:de:d2:fe:32:3f:cd:95:
d5:85:62:19:38:53:47:c8:ce:40:e1:93:9c:a4:93:
c4:97:75:71:21:b2:52:60:f5:3a:91:9e:17:36:b7:
fa:36:6b:69:1e:77:b0:39:73:18:f3:cc:59:b1:99:
1a:ab:89:04:b4:c2:d7:e2:96:b6:fc:bb:24:6b:e6:
49:ce:1c:a8:46:17:39:51:97:a3:ed:2c:30:09:49:
27:13:9e:d9:68:03:c2:ba:83:5c:65:30:bc:40:b7:
16:dc:60:2a:65:de:64:4b:40:0a:d8:2c:b6:5d:b5:
d8:d6:1e:f1:c7:da:45:1f:be:e0:88:fc:cd:07:d9:
9c:e6:f5:8a:7c:b8:2d:17:84:ca:fb:a6:36:4c:85:
fc:99:b4:dd:a6:df:2d:4d:c6:76:13:21:59:29:28:
8d:21:c0:7b:5c:52:95:85:85:c9:2f:5c:43:2e:3c:
05:4a:0f:0d:7b:30:0b:c7:06:6d:30:14:68:4f:28:
53:ba:fe:3c:05:2d:d5:b5:3f:92:52:d3:65:84:bc:
b3:46:a9:e8:cd:67:0a:c1:e7:87:b7:f1:5f:33:41:
b9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:6A:9F:C7:3E:EB:11:DE:71:16:D4:B7:F2:25:5A:6C:C2:F3:6A:70
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/w2qfxz7rEd5xFtS38iVabMLzanA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
89.46.0.0/24
93.119.105.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:20:93:66:ef:0c:42:87:d9:bd:90:72:45:28:81:25:ab:14:
2b:96:92:2e:6d:ec:71:14:1e:60:13:55:c9:06:c2:2e:33:22:
ef:4f:dc:9e:3a:b7:0c:8a:22:2a:fc:70:81:10:bb:b3:f4:2d:
b5:b8:72:4a:75:1b:a7:52:a6:52:53:96:7c:8f:de:19:04:b6:
7a:df:a1:76:8a:45:60:bb:90:e5:32:b1:e3:ff:b6:6b:26:95:
d7:cc:25:5a:ef:f0:0f:a8:53:e5:d0:2a:d4:db:dc:3a:d1:6d:
34:41:a7:93:09:f9:ea:b9:ae:16:c2:a4:30:dc:74:bc:7f:5f:
60:40:15:ec:45:e8:77:18:13:0c:78:6b:f1:20:54:a1:b0:ae:
f9:92:aa:23:9b:0a:cf:0c:8a:b4:bd:08:0c:7c:17:8d:c0:65:
cf:74:86:90:3b:c4:e5:f2:6d:93:63:31:26:4c:8b:c1:3f:49:
e2:9e:c2:fd:95:32:1e:4b:68:15:8a:40:97:65:d2:15:06:e0:
8b:46:86:ad:9a:9f:a4:c7:29:c3:d7:08:0c:f3:8b:61:31:ca:
30:86:92:48:01:55:16:09:62:05:79:75:be:d7:3d:0d:c3:b3:
2a:61:ae:f5:ee:63:a1:ff:91:14:f4:72:e7:61:02:45:a1:d5:
f5:d4:f1:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYs427u0UKEszBD4Z2uTjBhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDE2MTQyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzZhOWZjNzNlZWIxMWRlNzExNmQ0YjdmMjI1NWE2Y2MyZjM2YTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgD/R/BmRfScQz+cImk+pqO7FpPcN
LH+HJP7T4/pXOmxz1EiHwt7S/jI/zZXVhWIZOFNHyM5A4ZOcpJPEl3VxIbJSYPU6
kZ4XNrf6NmtpHnewOXMY88xZsZkaq4kEtMLX4pa2/Lska+ZJzhyoRhc5UZej7Sww
CUknE57ZaAPCuoNcZTC8QLcW3GAqZd5kS0AK2Cy2XbXY1h7xx9pFH77giPzNB9mc
5vWKfLgtF4TK+6Y2TIX8mbTdpt8tTcZ2EyFZKSiNIcB7XFKVhYXJL1xDLjwFSg8N
ezALxwZtMBRoTyhTuv48BS3VtT+SUtNlhLyzRqnozWcKweeHt/FfM0G5jQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMNqn8c+6xHecRbUt/IlWmzC82pwMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdzJxZnh6N3JFZDV4RnRTMzhpVmFiTUx6YW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWSpQAwQA
WS4AAwQAXXdpMA0GCSqGSIb3DQEBCwUAA4IBAQAuIJNm7wxCh9m9kHJFKIElqxQr
lpIubexxFB5gE1XJBsIuMyLvT9yeOrcMiiIq/HCBELuz9C21uHJKdRunUqZSU5Z8
j94ZBLZ636F2ikVgu5DlMrHj/7ZrJpXXzCVa7/APqFPl0CrU29w60W00QaeTCfnq
ua4WwqQw3HS8f19gQBXsReh3GBMMeGvxIFShsK75kqojmwrPDIq0vQgMfBeNwGXP
dIaQO8Tl8m2TYzEmTIvBP0ninsL9lTIeS2gVikCXZdIVBuCLRoatmp+kxynD1wgM
84thMcowhpJIAVUWCWIFeXW+1z0Nw7MqYa717mOh/5EU9HLnYQJFodX11PHh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org