Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wzqhTbIj0lZOv5OjXr3_2O6raRA.roa
File: wzqhTbIj0lZOv5OjXr3_2O6raRA.roa (raw, json)
Hash identifier: bwn8x3jOzc6xvTbBf4IaDVYHZ2NQG3eclSlmT4OtJ04=
Subject key identifier: C3:3A:A1:4D:B2:23:D2:56:4E:BF:93:A3:5E:BD:FF:D8:EE:AB:69:10
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B8458D5CF3A70BCF017669217668DB775
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wzqhTbIj0lZOv5OjXr3_2O6raRA.roa
Signing time: Tue 31 Oct 2023 06:08:16 +0000
ROA not before: Tue 31 Oct 2023 06:08:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57673
IP address blocks: 185.101.104.0/24 maxlen: 24
185.101.105.0/24 maxlen: 24
89.34.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Nov 2023 09:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:58:d5:cf:3a:70:bc:f0:17:66:92:17:66:8d:b7:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 31 06:08:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c33aa14db223d2564ebf93a35ebdffd8eeab6910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fe:84:f8:b6:ae:fd:2a:8c:c2:d2:29:5b:03:
1e:dc:77:38:96:e5:df:37:cf:65:28:5b:38:6b:d7:
7d:06:36:44:e5:f0:53:04:ac:b3:53:f6:4b:be:51:
9f:b8:e1:b0:63:19:f6:8a:67:c7:d8:aa:18:dc:52:
35:a3:b9:b2:ca:a3:6f:ba:33:0f:93:ca:cf:e2:a1:
6a:7c:a5:c3:0e:61:04:96:a7:0c:7e:31:07:b5:1c:
d1:90:18:cf:b8:b1:03:0e:fa:bd:d0:9e:ce:e3:e2:
44:92:97:6e:ad:3f:ac:c7:46:3e:d6:c9:21:37:30:
59:d9:cd:e2:92:ba:17:01:40:0f:c1:66:ff:41:2c:
23:ee:9d:7b:36:a7:7c:fa:f2:e6:2e:4c:62:11:1c:
b7:7e:e0:fe:25:92:98:d5:87:7c:05:99:65:b9:25:
40:db:da:98:ec:c7:ad:2a:35:43:d6:26:dc:8e:ef:
8c:05:ed:e3:60:96:e4:0b:16:d5:25:ba:e9:c4:1d:
c8:51:25:19:fb:85:98:25:a8:88:83:0d:c7:6f:93:
6e:01:f5:cf:2c:7c:10:93:59:4f:bc:81:1f:d3:68:
51:95:ec:7b:4e:e1:d8:31:fe:29:5c:ed:28:52:be:
ce:f6:d1:f2:b1:1f:79:65:af:c6:7d:bf:69:1c:46:
30:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:3A:A1:4D:B2:23:D2:56:4E:BF:93:A3:5E:BD:FF:D8:EE:AB:69:10
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wzqhTbIj0lZOv5OjXr3_2O6raRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.26.0/24
185.101.104.0/23
Signature Algorithm: sha256WithRSAEncryption
32:0f:88:d1:cd:27:b4:c1:da:18:a3:81:d2:d2:87:ff:fc:df:
69:3f:f2:bc:b2:30:05:74:05:92:ac:16:79:a9:93:ee:35:d4:
69:1d:a1:4d:b7:a2:8d:b9:75:5a:74:51:fc:82:96:fc:fd:b4:
b8:90:7a:01:9b:65:c5:25:ec:3c:1c:70:4a:c6:b3:5e:99:87:
2e:fa:5a:46:ec:96:20:27:1a:e9:d9:ac:23:80:b3:b6:1f:2c:
ab:f3:e0:5d:75:3b:c4:0f:3c:82:eb:35:da:85:a8:e9:d2:69:
90:ae:05:ab:95:6b:b4:09:2e:8b:32:5d:c3:85:ee:2d:22:45:
d2:ac:1d:4c:65:ee:56:63:82:52:ed:67:7d:69:d7:96:ea:01:
b6:fd:1a:70:02:a9:78:04:c6:fb:98:d6:50:25:7b:a9:af:16:
f1:1e:c2:dc:df:67:e3:43:7f:9f:14:60:48:24:f9:62:31:aa:
11:90:f0:ac:14:93:5e:53:6e:b4:a6:19:00:37:38:d2:4c:75:
f8:a5:87:27:2c:39:79:b7:27:c0:e0:c5:99:17:ef:ea:30:24:
7f:5e:df:08:3c:6a:eb:ed:83:e6:5f:e6:bc:2d:d2:c5:18:30:
09:5d:00:f8:bb:ad:fc:58:a0:00:cd:ae:13:8e:e2:64:f6:7f:
c7:d7:d8:f7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuEWNXPOnC88Bdmkhdmjbd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDMxMDYwODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzNhYTE0ZGIyMjNkMjU2NGViZjkzYTM1ZWJkZmZkOGVlYWI2OTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv6E+Lau/SqMwtIpWwMe3Hc4luXf
N89lKFs4a9d9BjZE5fBTBKyzU/ZLvlGfuOGwYxn2imfH2KoY3FI1o7myyqNvujMP
k8rP4qFqfKXDDmEElqcMfjEHtRzRkBjPuLEDDvq90J7O4+JEkpdurT+sx0Y+1skh
NzBZ2c3ikroXAUAPwWb/QSwj7p17Nqd8+vLmLkxiERy3fuD+JZKY1Yd8BZlluSVA
29qY7MetKjVD1ibcju+MBe3jYJbkCxbVJbrpxB3IUSUZ+4WYJaiIgw3Hb5NuAfXP
LHwQk1lPvIEf02hRlex7TuHYMf4pXO0oUr7O9tHysR95Za/Gfb9pHEYwwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMM6oU2yI9JWTr+To169/9juq2kQMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvd3pxaFRiSWowbFpPdjVPalhyM18yTzZyYVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSIaAwQB
uWVoMA0GCSqGSIb3DQEBCwUAA4IBAQAyD4jRzSe0wdoYo4HS0of//N9pP/K8sjAF
dAWSrBZ5qZPuNdRpHaFNt6KNuXVadFH8gpb8/bS4kHoBm2XFJew8HHBKxrNemYcu
+lpG7JYgJxrp2awjgLO2Hyyr8+BddTvEDzyC6zXahajp0mmQrgWrlWu0CS6LMl3D
he4tIkXSrB1MZe5WY4JS7Wd9adeW6gG2/RpwAql4BMb7mNZQJXuprxbxHsLc32fj
Q3+fFGBIJPliMaoRkPCsFJNeU260phkANzjSTHX4pYcnLDl5tyfA4MWZF+/qMCR/
Xt8IPGrr7YPmX+a8LdLFGDAJXQD4u638WKAAza4TjuJk9n/H19j3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org