Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0AFHWcWBLg5CK-GMlnb1apoTQN0.roa
File: 0AFHWcWBLg5CK-GMlnb1apoTQN0.roa (raw, json)
Hash identifier: 3/DeCy7uxenI8cyZM9Nvuyk1OgREU0T9hZwS9UMuZ3I=
Subject key identifier: D0:01:47:59:C5:81:2E:0E:42:2B:E1:8C:96:76:F5:6A:9A:13:40:DD
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018F464EBF6EAD8CCE7CADFE677CD4ED38E8
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0AFHWcWBLg5CK-GMlnb1apoTQN0.roa
Signing time: Sun 05 May 2024 01:11:56 +0000
ROA not before: Sun 05 May 2024 01:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 89.251.16.0/24 maxlen: 24
89.251.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 19:13:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:46:4e:bf:6e:ad:8c:ce:7c:ad:fe:67:7c:d4:ed:38:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 5 01:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0014759c5812e0e422be18c9676f56a9a1340dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:ff:71:8b:94:9e:db:28:b1:50:90:df:e5:ef:
dc:54:1e:f3:fc:65:f5:f2:6b:50:97:60:99:96:d2:
12:8a:ef:61:a5:9b:56:4f:ab:a9:a6:9e:54:ae:a9:
59:9c:bc:12:89:3f:05:13:f5:06:2b:0d:02:52:65:
92:81:45:5b:35:73:70:69:16:5a:20:8c:5d:c2:13:
e3:a5:87:99:1e:88:b4:6f:5c:ad:46:a6:fb:00:8f:
46:61:ab:54:cc:9b:08:46:a2:bf:ea:70:6a:eb:f6:
bd:a1:f2:fe:97:94:a5:0a:c2:38:34:37:9e:52:23:
0d:28:e9:b3:21:57:8c:ac:11:d2:13:f0:9c:ed:4a:
ec:19:bb:52:27:8e:78:de:97:d6:bb:e8:13:bd:2a:
e0:bf:f9:a4:ad:c1:7d:bd:22:e6:5c:25:b8:50:e5:
08:7b:39:23:c2:cb:2d:86:d1:e9:1d:ef:47:f9:11:
4e:e2:2b:d6:57:cf:0a:21:d6:ab:f8:0a:61:91:99:
00:8c:80:d7:2c:b7:96:60:03:f9:d7:0f:70:b6:a2:
72:98:47:81:29:9a:41:aa:2f:9b:e8:a0:02:bd:5d:
f8:02:42:93:12:20:8b:69:53:6c:67:4c:c3:54:92:
f1:07:86:60:33:bb:4c:72:75:7d:14:bb:02:e9:ff:
e8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:01:47:59:C5:81:2E:0E:42:2B:E1:8C:96:76:F5:6A:9A:13:40:DD
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0AFHWcWBLg5CK-GMlnb1apoTQN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.16.0/24
89.251.19.0/24
Signature Algorithm: sha256WithRSAEncryption
04:fb:e2:ab:f3:6a:92:ef:d8:14:81:e9:d4:38:eb:cb:6f:da:
c3:c1:79:8f:cc:b1:06:ad:7b:93:5e:36:25:63:00:9f:13:e1:
02:e0:18:4f:ba:b4:aa:0d:dc:8c:06:4a:a9:50:b6:eb:9c:2a:
31:4c:c4:bc:30:1b:12:42:dc:bc:51:db:ab:ed:b7:14:a0:5c:
bf:06:17:ba:e0:1c:da:2b:11:8c:12:65:dc:60:b8:b6:d3:98:
38:11:91:f5:7f:cb:50:a3:a1:f5:9a:bf:28:70:ec:7c:6f:af:
32:51:7b:e2:4e:9d:a0:4e:d3:77:36:08:9a:24:86:94:cf:92:
f4:f5:c2:5e:fe:2e:90:f3:81:b1:6c:23:28:57:4b:90:8d:73:
1c:a1:8c:d2:f6:ff:5d:88:a0:5b:f4:23:3b:4b:d7:92:8d:ae:
36:37:a2:45:30:5d:27:35:9d:f6:52:f6:56:24:8c:fe:db:2a:
34:14:20:24:76:41:93:fb:de:10:d1:db:a3:4b:df:c3:b3:f7:
62:7c:c7:86:a2:a0:30:1f:71:c1:23:64:bc:e0:b9:17:c1:db:
f1:d0:07:e8:aa:ad:6e:6c:40:0c:f9:1d:1c:90:fb:07:0f:70:
b8:f5:29:40:c1:c2:b8:7a:37:16:f3:0e:a6:4c:db:b9:09:41:
db:f6:38:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9GTr9urYzOfK3+Z3zU7TjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNTA1MDExMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDAxNDc1OWM1ODEyZTBlNDIyYmUxOGM5Njc2ZjU2YTlhMTM0MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/9xi5Se2yixUJDf5e/cVB7z/GX1
8mtQl2CZltISiu9hpZtWT6uppp5UrqlZnLwSiT8FE/UGKw0CUmWSgUVbNXNwaRZa
IIxdwhPjpYeZHoi0b1ytRqb7AI9GYatUzJsIRqK/6nBq6/a9ofL+l5SlCsI4NDee
UiMNKOmzIVeMrBHSE/Cc7UrsGbtSJ4543pfWu+gTvSrgv/mkrcF9vSLmXCW4UOUI
ezkjwssthtHpHe9H+RFO4ivWV88KIdar+AphkZkAjIDXLLeWYAP51w9wtqJymEeB
KZpBqi+b6KACvV34AkKTEiCLaVNsZ0zDVJLxB4ZgM7tMcnV9FLsC6f/oCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNABR1nFgS4OQivhjJZ29WqaE0DdMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMEFGSFdjV0JMZzVDSy1HTWxuYjFhcG9UUU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsQAwQA
WfsTMA0GCSqGSIb3DQEBCwUAA4IBAQAE++Kr82qS79gUgenUOOvLb9rDwXmPzLEG
rXuTXjYlYwCfE+EC4BhPurSqDdyMBkqpULbrnCoxTMS8MBsSQty8Udur7bcUoFy/
Bhe64BzaKxGMEmXcYLi205g4EZH1f8tQo6H1mr8ocOx8b68yUXviTp2gTtN3Ngia
JIaUz5L09cJe/i6Q84GxbCMoV0uQjXMcoYzS9v9diKBb9CM7S9eSja42N6JFMF0n
NZ32UvZWJIz+2yo0FCAkdkGT+94Q0dujS9/Ds/difMeGoqAwH3HBI2S84LkXwdvx
0Afoqq1ubEAM+R0ckPsHD3C49SlAwcK4ejcW8w6mTNu5CUHb9jjJ
-----END CERTIFICATE-----
Generated at Wed Sep 25 20:37:39 2024 by rpki-client on console-fra.rpki-client.org