Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0-9OONzcH3u9phnNWNnHPRXw6Ec.roa
File: 0-9OONzcH3u9phnNWNnHPRXw6Ec.roa (raw, json)
Hash identifier: /XawXtm0d5tX0ghnj+FMt7yOm94QHtyCv4epc8f75Lk=
Subject key identifier: D3:EF:4E:38:DC:DC:1F:7B:BD:A6:19:CD:58:D9:C7:3D:15:F0:E8:47
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C17292588108F672AEDA942DC93CC62F3
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0-9OONzcH3u9phnNWNnHPRXw6Ec.roa
Signing time: Tue 28 Nov 2023 18:20:21 +0000
ROA not before: Tue 28 Nov 2023 18:20:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60949
IP address blocks: 109.122.45.0/24 maxlen: 24
89.251.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:17:29:25:88:10:8f:67:2a:ed:a9:42:dc:93:cc:62:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Nov 28 18:20:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3ef4e38dcdc1f7bbda619cd58d9c73d15f0e847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:95:c8:6e:e0:a9:82:27:6b:59:1f:3b:10:6d:
be:37:6d:e4:ac:dc:07:b4:25:a3:54:36:b7:ed:44:
14:37:a4:3a:40:8a:1c:af:8f:24:01:8a:2d:15:0d:
2a:92:fb:34:45:ff:89:d4:f6:ee:f6:2d:9c:36:b4:
fd:b2:2c:da:44:40:74:d6:e5:1f:ff:87:f5:b1:75:
75:26:97:18:bf:1b:89:ed:4a:0f:27:ba:d6:e2:e3:
96:35:30:19:24:dc:f5:70:a8:10:73:8b:67:f6:11:
a5:d3:c5:05:c4:4c:a5:0a:eb:1f:a0:5e:9b:df:c0:
dd:ca:36:59:6c:09:71:80:89:90:53:54:a7:6c:85:
2b:54:f2:4e:4e:86:3d:62:63:6c:21:66:8b:f6:b7:
5e:46:40:92:9c:88:5f:af:b7:62:11:f4:ea:f0:4c:
94:93:c4:0f:c1:75:58:ae:a9:85:02:ce:78:a3:6f:
be:86:e2:11:23:14:f3:21:73:3a:ba:58:89:aa:75:
20:60:c5:23:96:8e:80:bb:9b:5d:9e:bc:b1:b9:12:
02:16:ff:0c:5a:2d:a3:a9:9f:3a:54:d5:f7:6c:f3:
11:bd:0b:26:f3:e3:b1:cf:ba:89:2f:31:fc:83:97:
44:46:66:96:a2:c7:33:06:4a:8d:80:cd:cd:9a:86:
26:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:EF:4E:38:DC:DC:1F:7B:BD:A6:19:CD:58:D9:C7:3D:15:F0:E8:47
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0-9OONzcH3u9phnNWNnHPRXw6Ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.27.0/24
109.122.45.0/24
Signature Algorithm: sha256WithRSAEncryption
69:3c:2f:29:55:4e:5d:e1:fa:a2:8d:89:66:a8:03:32:17:34:
29:0b:8c:0c:ec:98:98:4b:8f:3b:97:7b:8c:b2:f9:fe:26:43:
3c:65:58:a6:35:8e:1d:af:4e:b3:e8:66:08:42:0a:4f:e9:92:
2c:08:8d:e3:18:7e:87:4c:1d:77:3c:bf:82:c1:3b:fc:55:b4:
b7:47:be:f3:d5:5d:c8:3d:dd:38:20:d7:d0:6a:31:b9:22:1b:
5b:7b:19:fa:9f:3e:3d:62:31:fb:1d:05:58:bb:2a:52:3b:3d:
d0:ff:8b:43:cc:48:36:e9:64:3f:31:d4:1f:9a:63:33:54:31:
ff:17:a4:bc:aa:56:9c:0a:01:62:fa:76:11:7a:a2:56:f4:5b:
3b:ed:72:0d:ed:ad:6b:df:28:d2:60:ff:e4:92:4b:20:09:1f:
14:29:fc:bb:12:cd:98:e3:90:83:85:f1:9e:f0:47:e2:c3:a8:
8f:f8:e1:a3:33:31:83:83:ed:f7:6a:47:db:c5:2c:e2:7f:dc:
b0:52:e7:20:f0:87:02:2b:77:80:5c:bc:1d:8e:86:a7:bd:e1:
72:e9:17:5b:4e:d4:da:4b:17:65:ca:83:54:31:45:4d:9b:fc:
26:98:de:30:ca:bf:eb:c8:7c:2e:f4:77:2c:7e:e8:c5:ec:88:
1a:0f:1c:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwXKSWIEI9nKu2pQtyTzGLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMTI4MTgyMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2VmNGUzOGRjZGMxZjdiYmRhNjE5Y2Q1OGQ5YzczZDE1ZjBlODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZXIbuCpgidrWR87EG2+N23krNwH
tCWjVDa37UQUN6Q6QIocr48kAYotFQ0qkvs0Rf+J1Pbu9i2cNrT9sizaREB01uUf
/4f1sXV1JpcYvxuJ7UoPJ7rW4uOWNTAZJNz1cKgQc4tn9hGl08UFxEylCusfoF6b
38DdyjZZbAlxgImQU1SnbIUrVPJOToY9YmNsIWaL9rdeRkCSnIhfr7diEfTq8EyU
k8QPwXVYrqmFAs54o2++huIRIxTzIXM6uliJqnUgYMUjlo6Au5tdnryxuRICFv8M
Wi2jqZ86VNX3bPMRvQsm8+Oxz7qJLzH8g5dERmaWosczBkqNgM3NmoYmVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNPvTjjc3B97vaYZzVjZxz0V8OhHMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMC05T09OemNIM3U5cGhuTldObkhQUlh3NkVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsbAwQA
bXotMA0GCSqGSIb3DQEBCwUAA4IBAQBpPC8pVU5d4fqijYlmqAMyFzQpC4wM7JiY
S487l3uMsvn+JkM8ZVimNY4dr06z6GYIQgpP6ZIsCI3jGH6HTB13PL+CwTv8VbS3
R77z1V3IPd04INfQajG5Ihtbexn6nz49YjH7HQVYuypSOz3Q/4tDzEg26WQ/MdQf
mmMzVDH/F6S8qlacCgFi+nYReqJW9Fs77XIN7a1r3yjSYP/kkksgCR8UKfy7Es2Y
45CDhfGe8Efiw6iP+OGjMzGDg+33akfbxSzif9ywUucg8IcCK3eAXLwdjoanveFy
6RdbTtTaSxdlyoNUMUVNm/wmmN4wyr/ryHwu9HcsfujF7IgaDxzm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:05 2024 by rpki-client on console-ams.rpki-client.org