Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/3UCrHpA_RhuBgLW0HbhpeXr2XjU.roa
File: 3UCrHpA_RhuBgLW0HbhpeXr2XjU.roa (raw, json)
Hash identifier: 65c93JRnl7dZf/pzfOzKgQ2msSWw47wB1dY4wEyS2V8=
Subject key identifier: DD:40:AB:1E:90:3F:46:1B:81:80:B5:B4:1D:B8:69:79:7A:F6:5E:35
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189594DB5021DE185C38CB31D6E7EB983E1
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/3UCrHpA_RhuBgLW0HbhpeXr2XjU.roa
Signing time: Sat 15 Jul 2023 11:26:51 +0000
ROA not before: Sat 15 Jul 2023 11:26:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 89.251.16.0/24 maxlen: 24
89.251.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Aug 2023 04:26:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:59:4d:b5:02:1d:e1:85:c3:8c:b3:1d:6e:7e:b9:83:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 15 11:26:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd40ab1e903f461b8180b5b41db869797af65e35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:34:7e:f5:61:f4:f9:5c:25:cc:19:61:30:d1:
2b:e4:27:e3:ac:c2:37:37:d3:a6:69:b2:fd:1f:e6:
c9:41:35:fa:0e:96:96:c7:a6:31:67:a2:9b:1f:51:
d1:df:68:57:bf:7e:3a:12:4d:e7:3a:f4:e6:bb:7e:
ba:95:e6:58:4e:97:b4:de:5e:7e:dc:4d:5e:85:bb:
84:bb:57:66:32:ca:e9:94:bc:e5:47:22:6c:d0:e1:
38:85:b2:9a:0b:9d:b3:e0:80:91:0b:f6:51:62:fd:
2d:b1:bf:e9:77:31:5a:14:7d:d4:a2:14:81:61:af:
5f:6a:c5:00:ea:f9:ac:d6:e5:ba:a7:c0:e7:ae:92:
bd:c7:80:10:cd:46:15:16:8c:28:64:11:e4:f9:b2:
fe:c9:a1:17:90:b3:67:41:7b:05:c9:fd:be:58:68:
3e:fe:09:36:08:f4:08:9f:27:0d:28:a1:da:2b:94:
f1:8f:9c:6e:63:0e:77:14:fc:09:ac:74:f9:fd:c4:
4a:61:60:d0:7a:fd:95:5b:b6:1d:98:30:97:2b:bf:
92:5b:86:5e:0d:e9:c2:87:99:ba:d2:6e:e6:9c:dc:
5c:b4:f5:3c:2c:25:1a:06:d3:86:e4:94:aa:0a:bd:
b7:8a:f8:3c:2b:51:81:94:42:4c:08:38:24:cc:18:
b8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:40:AB:1E:90:3F:46:1B:81:80:B5:B4:1D:B8:69:79:7A:F6:5E:35
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/3UCrHpA_RhuBgLW0HbhpeXr2XjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.16.0/24
89.251.19.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:41:0c:2d:0e:ba:0d:cd:df:71:84:ff:f0:cc:aa:75:83:64:
d0:2a:c8:0e:f6:6f:fc:c7:34:f1:41:b1:b2:ea:4b:13:ca:a4:
11:06:71:9c:77:f6:dc:5c:83:9f:33:11:b6:19:2b:f2:e5:55:
c2:85:bf:73:64:ad:28:f2:c2:a2:6a:d6:33:06:03:94:05:14:
2d:a3:1d:0c:00:33:e2:70:8d:e1:83:01:d2:7b:12:da:ec:c6:
25:d4:f4:0a:23:22:80:ed:0a:b9:40:e7:30:bc:61:c0:89:01:
26:78:9d:65:bb:52:bc:d4:b0:78:0c:00:dd:53:1d:ee:af:df:
24:38:e6:e9:ad:1a:6f:8e:b8:44:ba:39:c2:d2:b0:0a:b6:ae:
c5:11:f7:be:94:cb:20:93:2d:ff:5c:f4:bd:8a:3e:94:28:ae:
66:fc:66:14:d0:a8:8c:dd:4a:8a:e6:61:8c:55:7b:84:d4:59:
cd:23:2d:ad:8f:5a:24:70:1e:8e:50:b8:14:24:70:ab:a8:a9:
c9:e3:68:36:ca:d4:a1:bf:fc:2d:96:1f:e9:cb:d6:e6:5a:23:
b3:fe:52:56:3d:d6:b5:09:e4:7e:b3:b6:03:50:44:25:19:31:
fe:90:cc:c5:a9:18:1a:13:aa:f6:b0:69:98:57:de:da:2d:d4:
e5:c2:a3:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlZTbUCHeGFw4yzHW5+uYPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzE1MTEyNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQwYWIxZTkwM2Y0NjFiODE4MGI1YjQxZGI4Njk3OTdhZjY1ZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTR+9WH0+VwlzBlhMNEr5CfjrMI3
N9OmabL9H+bJQTX6DpaWx6YxZ6KbH1HR32hXv346Ek3nOvTmu366leZYTpe03l5+
3E1ehbuEu1dmMsrplLzlRyJs0OE4hbKaC52z4ICRC/ZRYv0tsb/pdzFaFH3UohSB
Ya9fasUA6vms1uW6p8DnrpK9x4AQzUYVFowoZBHk+bL+yaEXkLNnQXsFyf2+WGg+
/gk2CPQInycNKKHaK5Txj5xuYw53FPwJrHT5/cRKYWDQev2VW7YdmDCXK7+SW4Ze
DenCh5m60m7mnNxctPU8LCUaBtOG5JSqCr23ivg8K1GBlEJMCDgkzBi4PQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN1Aqx6QP0YbgYC1tB24aXl69l41MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvM1VDckhwQV9SaHVCZ0xXMEhiaHBlWHIyWGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsQAwQA
WfsTMA0GCSqGSIb3DQEBCwUAA4IBAQBeQQwtDroNzd9xhP/wzKp1g2TQKsgO9m/8
xzTxQbGy6ksTyqQRBnGcd/bcXIOfMxG2GSvy5VXChb9zZK0o8sKiatYzBgOUBRQt
ox0MADPicI3hgwHSexLa7MYl1PQKIyKA7Qq5QOcwvGHAiQEmeJ1lu1K81LB4DADd
Ux3ur98kOObprRpvjrhEujnC0rAKtq7FEfe+lMsgky3/XPS9ij6UKK5m/GYU0KiM
3UqK5mGMVXuE1FnNIy2tj1okcB6OULgUJHCrqKnJ42g2ytShv/wtlh/py9bmWiOz
/lJWPda1CeR+s7YDUEQlGTH+kMzFqRgaE6r2sGmYV97aLdTlwqPx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:05 2024 by rpki-client on console-ams.rpki-client.org