Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0LlPNyEk4gpmIWRg7CTxvKXQSYw.roa
File: 0LlPNyEk4gpmIWRg7CTxvKXQSYw.roa (raw, json)
Hash identifier: zuyzGsMi98S2zvK65T2Dnd9pPlipnVE6wJA08GqiYdA=
Subject key identifier: D0:B9:4F:37:21:24:E2:0A:66:21:64:60:EC:24:F1:BC:A5:D0:49:8C
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01920E3F6629441975F9B4669063FAF298AF
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0LlPNyEk4gpmIWRg7CTxvKXQSYw.roa
Signing time: Fri 20 Sep 2024 07:04:48 +0000
ROA not before: Fri 20 Sep 2024 07:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 89.21.84.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 09:44:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:3f:66:29:44:19:75:f9:b4:66:90:63:fa:f2:98:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 20 07:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0b94f372124e20a66216460ec24f1bca5d0498c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:84:34:ac:60:3b:83:0f:d7:68:b5:e4:4b:c6:
2c:e2:59:b8:4d:68:53:6b:a2:d5:60:1f:75:e2:b3:
90:73:f5:9c:ad:fb:31:9f:3c:b4:eb:e7:66:8c:00:
3b:82:cd:5f:fa:14:0d:2a:c6:7a:2d:30:37:3e:97:
be:90:b3:2c:3e:68:80:35:18:96:cd:62:26:ea:96:
9a:b9:4a:75:4e:e8:21:18:91:9a:45:6e:60:ed:bc:
db:f5:64:24:a6:32:03:73:b0:72:ad:51:24:15:6e:
01:75:fa:a4:a9:34:96:f6:c8:f6:1d:d8:39:5f:6d:
a2:c7:28:12:7c:dd:44:c8:25:95:1c:bf:64:13:ac:
e8:32:59:3c:23:4a:f9:14:77:74:ce:6c:30:0c:bb:
b5:68:f6:2c:26:ba:66:4f:ce:7d:7d:56:fe:7e:8a:
be:49:55:f2:de:cf:dc:63:b5:29:5f:cf:87:73:89:
ca:28:7e:dc:55:d0:4e:e2:40:dc:ce:68:05:e1:b1:
b3:9c:72:4a:d6:5e:bf:63:81:71:78:60:ed:6a:2f:
ef:74:ff:f2:83:95:57:b9:32:5c:4b:0a:7d:dc:b4:
4e:b3:94:9f:c5:e2:c3:97:2b:bb:6b:4e:23:4b:9f:
82:f1:39:eb:28:7f:7c:7f:68:3d:86:fa:c4:1b:f3:
5d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:B9:4F:37:21:24:E2:0A:66:21:64:60:EC:24:F1:BC:A5:D0:49:8C
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0LlPNyEk4gpmIWRg7CTxvKXQSYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.84.0/24
89.251.22.0/24
Signature Algorithm: sha256WithRSAEncryption
18:db:09:79:e7:1c:65:8a:1f:88:79:01:63:df:22:3f:fd:27:
04:42:cd:39:19:f1:aa:9c:f1:41:0b:c5:cb:bf:a6:91:e1:d9:
b3:d1:4c:03:7a:3a:a5:35:be:d8:a3:76:88:24:fb:e5:8b:ec:
09:3e:4f:e8:fe:0a:3b:7e:ba:91:7b:d7:8d:d8:6b:1b:58:b6:
d1:1d:dd:58:e0:c9:17:12:3b:44:9b:2b:af:77:09:0a:a4:cd:
84:78:13:60:c1:ae:30:65:a7:df:f1:26:70:22:35:78:c4:f2:
ed:20:97:c0:89:02:51:2b:19:48:8f:05:42:9d:72:f0:77:6c:
ae:a1:ed:45:d6:5d:2b:da:d4:65:c6:54:a0:3c:03:63:64:2e:
de:76:74:45:fb:6a:a7:9f:cf:08:de:5f:e6:2b:ac:86:62:1c:
2d:d1:77:f3:cf:6c:da:4d:32:c3:22:f0:f6:85:bc:b7:4d:33:
38:aa:43:e6:43:d5:48:59:b4:e1:e0:2c:a3:c4:aa:45:5b:5b:
5a:72:f1:2f:e8:d1:72:8a:c7:92:dc:03:50:fa:f4:41:de:93:
56:2e:88:97:57:81:dd:7f:42:2c:e4:d0:c5:9a:b3:cf:a8:ae:
5d:b7:d4:ec:0d:65:a2:95:cf:9c:0c:5f:a4:6a:98:50:a8:7f:
05:70:8d:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIOP2YpRBl1+bRmkGP68pivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwOTIwMDcwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGI5NGYzNzIxMjRlMjBhNjYyMTY0NjBlYzI0ZjFiY2E1ZDA0OThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYQ0rGA7gw/XaLXkS8Ys4lm4TWhT
a6LVYB914rOQc/Wcrfsxnzy06+dmjAA7gs1f+hQNKsZ6LTA3Ppe+kLMsPmiANRiW
zWIm6paauUp1TughGJGaRW5g7bzb9WQkpjIDc7ByrVEkFW4BdfqkqTSW9sj2Hdg5
X22ixygSfN1EyCWVHL9kE6zoMlk8I0r5FHd0zmwwDLu1aPYsJrpmT859fVb+foq+
SVXy3s/cY7UpX8+Hc4nKKH7cVdBO4kDczmgF4bGznHJK1l6/Y4FxeGDtai/vdP/y
g5VXuTJcSwp93LROs5SfxeLDlyu7a04jS5+C8TnrKH98f2g9hvrEG/NduwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNC5TzchJOIKZiFkYOwk8byl0EmMMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMExsUE55RWs0Z3BtSVdSZzdDVHh2S1hRU1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWRVUAwQA
WfsWMA0GCSqGSIb3DQEBCwUAA4IBAQAY2wl55xxlih+IeQFj3yI//ScEQs05GfGq
nPFBC8XLv6aR4dmz0UwDejqlNb7Yo3aIJPvli+wJPk/o/go7frqRe9eN2GsbWLbR
Hd1Y4MkXEjtEmyuvdwkKpM2EeBNgwa4wZaff8SZwIjV4xPLtIJfAiQJRKxlIjwVC
nXLwd2yuoe1F1l0r2tRlxlSgPANjZC7ednRF+2qnn88I3l/mK6yGYhwt0Xfzz2za
TTLDIvD2hby3TTM4qkPmQ9VIWbTh4CyjxKpFW1tacvEv6NFyiseS3ANQ+vRB3pNW
LoiXV4Hdf0Is5NDFmrPPqK5dt9TsDWWilc+cDF+kaphQqH8FcI2j
-----END CERTIFICATE-----
Generated at Wed Oct 16 13:21:10 2024 by rpki-client on console-ams.rpki-client.org