Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5VcB3sjf78fh59bkSd0eHZ0hs8E.roa
File: 5VcB3sjf78fh59bkSd0eHZ0hs8E.roa (raw, json)
Hash identifier: EbduJ2bcYlTry/BznWKxaaqNS1YeZ53+h5ndTVuWeoQ=
Subject key identifier: E5:57:01:DE:C8:DF:EF:C7:E1:E7:D6:E4:49:DD:1E:1D:9D:21:B3:C1
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018BE46625C0E0401A17E9404384C7489A25
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5VcB3sjf78fh59bkSd0eHZ0hs8E.roa
Signing time: Sat 18 Nov 2023 21:46:21 +0000
ROA not before: Sat 18 Nov 2023 21:46:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.122.44.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
89.251.18.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.29.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
89.251.25.0/24 maxlen: 24
146.19.56.0/24 maxlen: 24
91.200.221.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Nov 2023 06:37:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e4:66:25:c0:e0:40:1a:17:e9:40:43:84:c7:48:9a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Nov 18 21:46:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e55701dec8dfefc7e1e7d6e449dd1e1d9d21b3c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:59:c3:20:e5:fe:9d:92:58:b1:70:81:7c:87:
30:d4:2e:e6:23:bb:67:46:c8:e0:6f:1c:5a:33:08:
f1:ae:7f:fa:6c:9d:49:d5:2f:15:90:eb:34:fa:be:
22:1c:84:70:83:4f:fe:cc:8d:1d:00:59:51:bf:18:
96:ba:c3:7a:04:2a:95:9a:25:b0:d4:98:a7:9a:e0:
64:3a:c3:b2:bb:a8:fc:c1:e8:0d:f0:58:4f:94:51:
44:3d:d0:15:d0:e3:24:f0:bf:8e:52:e2:8e:1f:fa:
f0:6d:46:a8:17:48:fc:ce:bf:38:bb:a6:7c:48:fc:
6e:ba:e2:12:22:27:fe:2c:45:6c:2c:f8:bd:cd:36:
41:49:43:9d:c9:55:69:d4:14:09:19:40:99:d2:f1:
96:97:bc:83:38:f0:88:dd:75:04:b6:ce:3e:56:be:
be:42:a5:4c:aa:f1:58:eb:c3:f9:9e:9e:5a:24:8f:
73:03:39:68:c7:d4:44:9e:58:07:4a:aa:09:c9:e2:
23:c5:df:e5:e7:55:25:2e:e9:83:97:7f:87:93:6a:
aa:85:5a:95:c3:e6:a7:d2:cb:bb:e4:e4:ef:17:d4:
90:14:0a:12:ab:db:15:fe:db:a6:20:bb:94:f9:9b:
c9:52:85:09:3c:c6:eb:63:64:e7:c3:c9:cd:fc:ec:
36:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:57:01:DE:C8:DF:EF:C7:E1:E7:D6:E4:49:DD:1E:1D:9D:21:B3:C1
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5VcB3sjf78fh59bkSd0eHZ0hs8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.18.0/24
89.251.20.0/24
89.251.22.0-89.251.25.255
89.251.29.0/24
89.251.31.0/24
91.200.221.0/24
91.226.59.0/24
109.122.43.0-109.122.44.255
146.19.56.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:81:be:a6:2c:33:9e:e0:8a:b0:4d:cb:86:50:f4:b8:38:9e:
76:84:17:ce:f0:c2:ed:0d:23:13:c4:bb:7d:31:ab:66:72:e9:
33:4b:5c:4f:1f:e3:b1:e3:06:c2:52:12:bb:f2:f3:0d:35:1a:
2b:94:5d:0a:4f:70:2b:0b:1e:0f:b9:03:9e:23:22:c9:61:01:
3a:5d:bb:a9:02:ae:d6:8a:12:13:c2:83:94:a2:c9:3d:e3:7e:
a9:10:13:9f:3f:11:fa:81:b1:80:61:b2:fe:c3:fd:a3:44:a4:
e0:48:9d:32:c4:10:c6:10:3c:92:10:d3:93:37:4c:5f:70:59:
21:78:90:2a:c8:34:0d:4d:69:9e:67:68:23:9f:f7:ce:e7:57:
54:43:53:a9:1e:d9:fa:8c:61:d4:68:81:9c:a8:99:ed:bc:62:
64:fc:62:33:6a:b5:42:1a:35:ce:b2:c9:f5:33:a9:d8:a2:99:
91:36:18:32:75:8c:2b:e1:ba:b8:d4:90:02:5a:6d:2e:b3:e8:
2c:48:06:35:1b:df:c0:dc:37:6b:d3:8f:a9:b2:41:66:52:c6:
f9:53:64:73:5d:6d:2d:f8:57:b4:3c:12:05:a8:c5:d3:9f:e6:
13:79:c4:50:5d:c5:0a:6d:c2:62:d5:29:ee:d9:4d:9d:b9:0d:
11:ed:93:cb
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYvkZiXA4EAaF+lAQ4THSJolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMTE4MjE0NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTU3MDFkZWM4ZGZlZmM3ZTFlN2Q2ZTQ0OWRkMWUxZDlkMjFiM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFnDIOX+nZJYsXCBfIcw1C7mI7tn
RsjgbxxaMwjxrn/6bJ1J1S8VkOs0+r4iHIRwg0/+zI0dAFlRvxiWusN6BCqVmiWw
1JinmuBkOsOyu6j8wegN8FhPlFFEPdAV0OMk8L+OUuKOH/rwbUaoF0j8zr84u6Z8
SPxuuuISIif+LEVsLPi9zTZBSUOdyVVp1BQJGUCZ0vGWl7yDOPCI3XUEts4+Vr6+
QqVMqvFY68P5np5aJI9zAzlox9REnlgHSqoJyeIjxd/l51UlLumDl3+Hk2qqhVqV
w+an0su75OTvF9SQFAoSq9sV/tumILuU+ZvJUoUJPMbrY2Tnw8nN/Ow2jQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOVXAd7I3+/H4efW5EndHh2dIbPBMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvNVZjQjNzamY3OGZoNTlia1NkMGVIWjBoczhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAWfsSAwQA
WfsUMAwDBAFZ+xYDBAFZ+xgDBABZ+x0DBABZ+x8DBABbyN0DBABb4jswDAMEAG16
KwMEAG16LAMEAJITODANBgkqhkiG9w0BAQsFAAOCAQEAbIG+piwznuCKsE3LhlD0
uDiedoQXzvDC7Q0jE8S7fTGrZnLpM0tcTx/jseMGwlISu/LzDTUaK5RdCk9wKwse
D7kDniMiyWEBOl27qQKu1ooSE8KDlKLJPeN+qRATnz8R+oGxgGGy/sP9o0Sk4Eid
MsQQxhA8khDTkzdMX3BZIXiQKsg0DU1pnmdoI5/3zudXVENTqR7Z+oxh1GiBnKiZ
7bxiZPxiM2q1Qho1zrLJ9TOp2KKZkTYYMnWMK+G6uNSQAlptLrPoLEgGNRvfwNw3
a9OPqbJBZlLG+VNkc11tLfhXtDwSBajF05/mE3nEUF3FCm3CYtUp7tlNnbkNEe2T
yw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org