Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5rdaAKz4TIztaM2fEY7xyqWhM2k.roa
File: 5rdaAKz4TIztaM2fEY7xyqWhM2k.roa (raw, json)
Hash identifier: 9Os/wT0HRKxqurvEmv4oTIUjz6Z14mAniEdld/SRrwc=
Subject key identifier: E6:B7:5A:00:AC:F8:4C:8C:ED:68:CD:9F:11:8E:F1:CA:A5:A1:33:69
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019208E3F16B9B54ED97EBB523505C0A37FB
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5rdaAKz4TIztaM2fEY7xyqWhM2k.roa
Signing time: Thu 19 Sep 2024 06:06:48 +0000
ROA not before: Thu 19 Sep 2024 06:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 89.21.86.0/24 maxlen: 24
89.251.18.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
146.19.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 14:36:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:08:e3:f1:6b:9b:54:ed:97:eb:b5:23:50:5c:0a:37:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 19 06:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6b75a00acf84c8ced68cd9f118ef1caa5a13369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:27:c2:3b:70:14:eb:c1:1f:54:96:6a:10:ad:
de:07:36:70:22:2e:f5:be:7e:45:9e:f4:48:2c:e9:
73:a8:37:f8:b8:00:6e:dd:6d:e1:d2:10:d6:86:02:
5a:81:44:85:25:3c:81:b2:84:c7:a5:bf:e8:05:5e:
da:1f:8b:56:e4:51:ea:63:67:73:f6:e7:24:24:96:
be:83:c4:a8:a6:3b:52:da:b2:5e:3a:cb:4e:5d:e6:
30:fd:4e:49:cd:f2:3f:77:aa:7d:55:d3:28:32:25:
ed:86:43:58:5c:5f:ce:b0:de:38:6e:14:91:0e:c7:
17:29:8c:b3:b6:16:ce:40:3c:a6:62:e6:67:73:a4:
b1:21:fe:54:6f:e1:77:24:55:fa:55:b3:d3:fa:62:
d8:a1:2a:67:4b:c3:0a:e5:a2:14:71:71:2c:c6:0f:
f6:2d:f0:16:b9:9c:7d:5f:23:81:71:a1:a5:72:a1:
db:9c:e9:4a:9b:f7:83:78:b9:30:eb:1c:bb:b6:45:
fd:ac:8d:d8:5e:3c:82:e4:39:8b:64:05:6f:43:47:
a4:ee:57:08:9d:f7:d0:5e:ad:1d:5f:c7:fb:c3:83:
96:eb:50:23:8f:7c:4b:32:41:55:0a:c5:17:f8:9d:
8f:19:e7:20:24:8e:0e:af:05:20:78:ea:09:69:f1:
a4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B7:5A:00:AC:F8:4C:8C:ED:68:CD:9F:11:8E:F1:CA:A5:A1:33:69
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5rdaAKz4TIztaM2fEY7xyqWhM2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.86.0/24
89.251.18.0/24
89.251.31.0/24
146.19.56.0/24
Signature Algorithm: sha256WithRSAEncryption
59:cf:09:ce:af:75:6e:29:fc:c0:f9:03:fc:b5:3e:7d:09:a5:
b0:ea:05:25:63:9d:72:79:ed:ee:de:73:20:c1:d0:96:5a:6d:
ca:c3:69:a4:9f:c9:af:f9:aa:46:da:09:0f:98:16:b2:ba:40:
fc:3c:74:14:d7:94:96:03:45:da:3c:4e:ca:9d:80:6a:bc:07:
43:1f:12:23:38:b9:d9:fe:1b:61:9f:f9:5d:a7:e2:3b:e1:ca:
ec:21:29:03:ab:cc:27:22:9a:85:ba:85:ec:16:51:50:72:a0:
7d:93:2c:ca:be:97:b4:e4:56:63:51:40:f2:91:78:0b:e6:cc:
0b:b3:90:29:31:21:ee:93:34:1b:55:36:f3:6e:ca:0f:ba:80:
36:e4:5d:3f:46:86:6c:0c:d2:2a:26:1f:b0:b2:0c:29:20:61:
48:2a:60:07:47:00:1a:ce:ee:b7:a1:df:23:4e:e2:b3:8b:e0:
c8:8f:33:f9:3e:eb:ee:f3:d5:46:cd:18:0d:40:73:50:5a:03:
78:01:d2:57:b0:5b:68:0e:6b:f8:c9:29:33:2f:1a:1a:36:24:
b0:bd:c4:e9:cf:64:c5:ac:89:70:9c:6c:15:a0:27:9d:9f:70:
b2:5a:dd:f5:fe:65:63:f6:2f:b2:0d:88:34:ad:ea:43:47:3c:
bd:3a:07:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZII4/Frm1Ttl+u1I1BcCjf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwOTE5MDYwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmI3NWEwMGFjZjg0YzhjZWQ2OGNkOWYxMThlZjFjYWE1YTEzMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yfCO3AU68EfVJZqEK3eBzZwIi71
vn5FnvRILOlzqDf4uABu3W3h0hDWhgJagUSFJTyBsoTHpb/oBV7aH4tW5FHqY2dz
9uckJJa+g8SopjtS2rJeOstOXeYw/U5JzfI/d6p9VdMoMiXthkNYXF/OsN44bhSR
DscXKYyzthbOQDymYuZnc6SxIf5Ub+F3JFX6VbPT+mLYoSpnS8MK5aIUcXEsxg/2
LfAWuZx9XyOBcaGlcqHbnOlKm/eDeLkw6xy7tkX9rI3YXjyC5DmLZAVvQ0ek7lcI
nffQXq0dX8f7w4OW61Ajj3xLMkFVCsUX+J2PGecgJI4OrwUgeOoJafGkBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOa3WgCs+EyM7WjNnxGO8cqloTNpMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvNXJkYUFLejRUSXp0YU0yZkVZN3h5cVdoTTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWRVWAwQA
WfsSAwQAWfsfAwQAkhM4MA0GCSqGSIb3DQEBCwUAA4IBAQBZzwnOr3VuKfzA+QP8
tT59CaWw6gUlY51yee3u3nMgwdCWWm3Kw2mkn8mv+apG2gkPmBayukD8PHQU15SW
A0XaPE7KnYBqvAdDHxIjOLnZ/hthn/ldp+I74crsISkDq8wnIpqFuoXsFlFQcqB9
kyzKvpe05FZjUUDykXgL5swLs5ApMSHukzQbVTbzbsoPuoA25F0/RoZsDNIqJh+w
sgwpIGFIKmAHRwAazu63od8jTuKzi+DIjzP5Puvu89VGzRgNQHNQWgN4AdJXsFto
Dmv4ySkzLxoaNiSwvcTpz2TFrIlwnGwVoCedn3CyWt31/mVj9i+yDYg0repDRzy9
OgcP
-----END CERTIFICATE-----
Generated at Thu Nov 7 18:18:44 2024 by rpki-client on console-fra.rpki-client.org