Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/1-EH3vymi3YPIcH55ZFMSlUcI8Cw.roa
File: 1-EH3vymi3YPIcH55ZFMSlUcI8Cw.roa (raw, json)
Hash identifier: I/UP7e+IkxwRBLdu4oksHz9Oy6eKJnk436P8uejN5Pk=
Subject key identifier: F8:41:F7:BF:29:A2:DD:83:C8:70:7E:79:64:53:12:95:47:08:F0:2C
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01894D3E8A0E454BD139E881F37CBD6D314B
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/1-EH3vymi3YPIcH55ZFMSlUcI8Cw.roa
Signing time: Thu 13 Jul 2023 03:14:51 +0000
ROA not before: Thu 13 Jul 2023 03:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.222.0/24 maxlen: 24
91.200.223.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
89.251.16.0/24 maxlen: 24
91.226.56.0/24 maxlen: 24
89.251.21.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Jul 2023 11:26:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4d:3e:8a:0e:45:4b:d1:39:e8:81:f3:7c:bd:6d:31:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 13 03:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f841f7bf29a2dd83c8707e79645312954708f02c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2e:29:67:3a:a2:31:c4:d2:cf:67:6a:0c:11:
a7:12:62:70:92:f7:6b:6d:d9:a8:d1:9a:68:ee:3f:
a1:40:2a:5b:27:c5:3c:17:4a:c4:fe:11:ae:36:d5:
a7:2d:05:4e:6b:97:ae:ee:49:71:68:57:ee:c7:e4:
51:8c:cb:61:7d:28:64:d0:77:2c:2c:61:f6:3b:5a:
c4:78:86:49:4d:60:d1:ca:74:45:4f:15:70:5e:91:
b6:22:1c:f2:0f:71:80:de:6c:0f:bf:04:f8:61:8a:
2a:4e:37:17:82:ec:9b:28:97:32:36:1b:94:1d:e0:
0a:91:06:3b:1b:2a:d2:c4:d3:8c:c7:c5:56:5e:26:
8a:85:d2:34:99:dd:be:0b:56:2f:37:39:92:d9:53:
79:ad:de:12:ba:cd:08:e2:55:11:bf:04:ea:08:42:
68:52:ba:bc:1d:3e:6c:bf:ee:a4:c0:27:67:9b:67:
87:d7:6a:cf:7e:26:66:02:eb:ba:d6:58:6b:9d:10:
ae:8c:32:c3:be:d3:7b:93:6d:20:93:bd:22:db:39:
4e:70:6e:12:5a:54:2f:b2:59:c7:89:98:12:30:46:
93:f9:ef:b7:86:62:ce:ed:e9:95:8d:92:26:ec:c6:
cc:45:a2:65:40:18:0c:35:8e:9a:cc:ee:41:d6:71:
09:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:41:F7:BF:29:A2:DD:83:C8:70:7E:79:64:53:12:95:47:08:F0:2C
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/1-EH3vymi3YPIcH55ZFMSlUcI8Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.16.0/24
89.251.21.0/24
91.200.222.0/23
91.226.56.0/24
109.122.46.0/24
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
61:eb:6f:9d:4f:8e:fd:c3:b9:b1:67:dc:d9:bb:81:99:a8:0c:
5d:03:a9:d5:d2:67:21:f9:db:8f:53:87:88:4b:00:4d:f2:8c:
39:92:b4:65:3b:d6:08:d1:5d:47:12:97:a7:d0:be:00:b1:d6:
ab:0d:be:8f:e5:3b:b6:44:b7:07:49:38:6a:eb:d1:b0:e8:5c:
da:a3:0d:4f:8b:19:3f:ad:35:b9:3d:44:bd:88:58:36:9a:d7:
c1:08:85:2a:92:d2:6d:d3:f1:46:74:71:4f:8e:c7:45:0e:9c:
a2:f0:49:42:1c:26:96:b6:68:f9:c4:ac:ec:83:30:2b:c7:af:
30:f5:59:98:60:32:d4:fe:b2:10:04:5e:a3:d1:0a:1f:9a:38:
a7:c4:7e:23:aa:69:c2:f2:06:f1:55:c7:0b:e8:74:02:4f:01:
7b:99:d8:f8:ce:30:95:61:fd:5b:50:c7:15:57:1b:6d:9c:f2:
95:0d:d7:36:e3:80:d7:39:b1:98:4f:15:ad:56:01:ed:d6:aa:
5e:cd:e7:94:01:c6:84:f4:f5:71:cc:47:26:cf:9f:77:9e:a6:
27:4e:c5:e7:ac:c4:c5:a0:5c:58:22:98:e6:c4:fb:72:62:ec:
fa:eb:53:bc:73:c3:34:34:a1:f0:90:20:3c:97:ad:fb:01:d4:
32:c4:bb:6e
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYlNPooORUvROeiB83y9bTFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzEzMDMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODQxZjdiZjI5YTJkZDgzYzg3MDdlNzk2NDUzMTI5NTQ3MDhmMDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly4pZzqiMcTSz2dqDBGnEmJwkvdr
bdmo0Zpo7j+hQCpbJ8U8F0rE/hGuNtWnLQVOa5eu7klxaFfux+RRjMthfShk0Hcs
LGH2O1rEeIZJTWDRynRFTxVwXpG2IhzyD3GA3mwPvwT4YYoqTjcXguybKJcyNhuU
HeAKkQY7GyrSxNOMx8VWXiaKhdI0md2+C1YvNzmS2VN5rd4Sus0I4lURvwTqCEJo
Urq8HT5sv+6kwCdnm2eH12rPfiZmAuu61lhrnRCujDLDvtN7k20gk70i2zlOcG4S
WlQvslnHiZgSMEaT+e+3hmLO7emVjZIm7MbMRaJlQBgMNY6azO5B1nEJuwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPhB978pot2DyHB+eWRTEpVHCPAsMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMS1FSDN2eW1pM1lQSWNINTVaRk1TbFVjSThDdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWMvZDI2NjE4LWIzNDAtNGY1MC1iMzMwLTMxOGEyNmQ0YThj
OS8xL2d6NF9YdmdsVldzQlNnaGRNbFpic012RnJJMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFn7EAME
AFn7FQMEAVvI3gMEAFviOAMEAG16LgMEAMFdNDANBgkqhkiG9w0BAQsFAAOCAQEA
YetvnU+O/cO5sWfc2buBmagMXQOp1dJnIfnbj1OHiEsATfKMOZK0ZTvWCNFdRxKX
p9C+ALHWqw2+j+U7tkS3B0k4auvRsOhc2qMNT4sZP601uT1EvYhYNprXwQiFKpLS
bdPxRnRxT47HRQ6covBJQhwmlrZo+cSs7IMwK8evMPVZmGAy1P6yEAReo9EKH5o4
p8R+I6ppwvIG8VXHC+h0Ak8Be5nY+M4wlWH9W1DHFVcbbZzylQ3XNuOA1zmxmE8V
rVYB7daqXs3nlAHGhPT1ccxHJs+fd56mJ07F56zExaBcWCKY5sT7cmLs+utTvHPD
NDSh8JAgPJet+wHUMsS7bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org