Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/4_vR0xi2YhPIA7W8ivA0jNbE2NI.roa
File: 4_vR0xi2YhPIA7W8ivA0jNbE2NI.roa (raw, json)
Hash identifier: T+X04tdj6ydrguk1T0RmLdWlp7Mm2t2YVEY7fidsgdQ=
Subject key identifier: E3:FB:D1:D3:18:B6:62:13:C8:03:B5:BC:8A:F0:34:8C:D6:C4:D8:D2
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018B496BB0B3DE404927770EFEDED6CE0C81
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/4_vR0xi2YhPIA7W8ivA0jNbE2NI.roa
Signing time: Thu 19 Oct 2023 19:31:16 +0000
ROA not before: Thu 19 Oct 2023 19:31:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.44.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Oct 2023 18:53:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:49:6b:b0:b3:de:40:49:27:77:0e:fe:de:d6:ce:0c:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 19 19:31:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3fbd1d318b66213c803b5bc8af0348cd6c4d8d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1e:4f:af:d9:57:81:3d:90:7d:75:8f:46:ea:
35:6e:85:ec:bc:02:76:48:7b:3f:65:e3:23:4a:b3:
41:75:b0:78:17:e4:c6:53:41:55:da:5c:12:fc:a9:
0a:df:fc:26:39:e0:f7:cd:3b:ee:59:fb:73:25:8c:
4a:2c:88:29:2e:ab:9f:9e:e4:7a:fe:1f:0b:56:f0:
e3:87:6b:22:13:5d:6c:c4:59:d2:e1:6d:b1:74:a1:
12:80:7b:f4:34:bc:b7:58:73:a4:71:96:a0:5b:16:
5d:c6:2e:59:8a:27:0a:65:0d:0e:92:75:76:6a:c3:
39:35:12:10:c9:c4:a3:0f:db:c0:43:03:36:ea:b4:
bc:f1:c3:cb:5e:86:8d:5a:99:f0:b2:7e:ea:b8:0e:
f0:27:2c:05:0f:7b:46:fa:e9:44:b2:79:af:9f:43:
0c:93:e5:32:cb:6a:7d:30:62:1b:ef:76:78:cb:64:
86:f7:f8:f7:f9:b3:64:b6:31:64:be:a6:21:ce:db:
e9:09:bf:66:b9:d5:24:01:09:93:63:35:54:dc:03:
68:2c:cb:a8:b4:f1:80:2b:03:8d:1c:f5:f7:5e:1e:
cd:5f:3a:1e:2d:99:c0:7f:8e:f7:12:41:2d:77:e7:
bc:ab:a8:e5:a9:15:e1:d6:22:20:bb:5a:a1:af:0a:
0c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:FB:D1:D3:18:B6:62:13:C8:03:B5:BC:8A:F0:34:8C:D6:C4:D8:D2
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/4_vR0xi2YhPIA7W8ivA0jNbE2NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
109.122.44.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
00:5b:20:8e:82:6d:b8:f1:bc:6b:ed:d1:1c:af:81:fe:1a:90:
96:2e:6a:03:d9:3e:3e:09:74:d2:b2:14:55:55:78:b0:16:53:
36:f9:6c:82:f8:bf:08:5c:92:4d:8b:2b:c9:3c:3d:e8:f1:18:
d5:15:da:65:66:93:bc:95:ef:23:cc:ed:fc:4b:2a:6d:46:01:
69:b3:5c:8f:cb:e1:fb:60:6b:da:2e:43:ab:17:1b:23:93:c8:
89:c0:21:0f:10:ad:f2:06:d4:fa:fa:b0:71:3f:df:c8:50:d8:
b1:41:c2:c4:af:3c:43:1c:bd:7a:9e:fa:ea:2c:33:45:29:dc:
e4:4b:9e:e2:3d:cb:fd:ca:e6:08:07:a1:c4:5a:68:c8:46:c9:
f2:32:96:13:73:57:e8:2c:ae:a7:35:cb:f8:de:f2:dc:c2:a0:
7c:97:51:ab:0b:6d:bc:8c:5a:a3:44:f1:82:8f:5f:27:d8:16:
51:20:38:cd:27:33:e2:a7:3a:8d:2f:11:5b:43:a0:c0:09:bb:
c4:06:39:ab:bb:b5:ed:7d:c4:3b:a1:89:9f:1c:06:94:d4:7b:
35:9a:8d:c4:96:12:cf:c9:50:87:9b:ff:84:5f:76:52:89:5f:
11:d7:e8:70:a4:64:5a:62:f9:9d:ae:c6:a9:23:5e:86:56:f3:
ef:5a:23:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtJa7Cz3kBJJ3cO/t7WzgyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMDE5MTkzMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2ZiZDFkMzE4YjY2MjEzYzgwM2I1YmM4YWYwMzQ4Y2Q2YzRkOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx5Pr9lXgT2QfXWPRuo1boXsvAJ2
SHs/ZeMjSrNBdbB4F+TGU0FV2lwS/KkK3/wmOeD3zTvuWftzJYxKLIgpLqufnuR6
/h8LVvDjh2siE11sxFnS4W2xdKESgHv0NLy3WHOkcZagWxZdxi5ZiicKZQ0OknV2
asM5NRIQycSjD9vAQwM26rS88cPLXoaNWpnwsn7quA7wJywFD3tG+ulEsnmvn0MM
k+Uyy2p9MGIb73Z4y2SG9/j3+bNktjFkvqYhztvpCb9mudUkAQmTYzVU3ANoLMuo
tPGAKwONHPX3Xh7NXzoeLZnAf473EkEtd+e8q6jlqRXh1iIgu1qhrwoM+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOP70dMYtmITyAO1vIrwNIzWxNjSMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvNF92UjB4aTJZaFBJQTdXOGl2QTBqTmJFMk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsUAwQA
bXosAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQAAWyCOgm248bxr7dEcr4H+GpCW
LmoD2T4+CXTSshRVVXiwFlM2+WyC+L8IXJJNiyvJPD3o8RjVFdplZpO8le8jzO38
SyptRgFps1yPy+H7YGvaLkOrFxsjk8iJwCEPEK3yBtT6+rBxP9/IUNixQcLErzxD
HL16nvrqLDNFKdzkS57iPcv9yuYIB6HEWmjIRsnyMpYTc1foLK6nNcv43vLcwqB8
l1GrC228jFqjRPGCj18n2BZRIDjNJzPipzqNLxFbQ6DACbvEBjmru7XtfcQ7oYmf
HAaU1Hs1mo3ElhLPyVCHm/+EX3ZSiV8R1+hwpGRaYvmdrsapI16GVvPvWiMT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org