Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/75mwCr4YAuleu72-XJ2f_uBz26w.roa
File: 75mwCr4YAuleu72-XJ2f_uBz26w.roa (raw, json)
Hash identifier: wlePX+xSyOvSjHTVumM0v/sEKOikTgGrnRkWKXk01aY=
Subject key identifier: EF:99:B0:0A:BE:18:02:E9:5E:BB:BD:BE:5C:9D:9F:FE:E0:73:DB:AC
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018B445DE7087F80970D8F6DB3A32916C475
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/75mwCr4YAuleu72-XJ2f_uBz26w.roa
Signing time: Wed 18 Oct 2023 19:58:06 +0000
ROA not before: Wed 18 Oct 2023 19:58:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.122.43.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
89.251.18.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
89.251.29.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
89.251.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Oct 2023 19:31:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:44:5d:e7:08:7f:80:97:0d:8f:6d:b3:a3:29:16:c4:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 18 19:58:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef99b00abe1802e95ebbbdbe5c9d9ffee073dbac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f7:26:f1:a2:8e:1c:22:1c:e2:15:1f:d2:43:
e5:97:28:2a:d8:35:c7:93:18:ed:27:24:c4:62:82:
67:ea:75:7d:b7:36:55:96:97:8f:1f:1c:d6:03:d2:
a1:44:8c:0d:f2:7f:10:97:2e:a8:30:35:db:58:f0:
c7:7e:9e:71:4d:8b:13:45:ea:ff:41:af:3e:51:4a:
e5:62:61:80:4a:3c:01:b5:9c:f3:ce:97:b2:f5:49:
2e:36:b6:94:f6:5a:c2:e8:25:18:03:8c:3e:5a:c5:
12:8f:6d:c2:48:62:36:4b:90:c4:cd:f8:79:fd:ba:
24:64:e0:83:05:92:06:6d:f1:6b:97:e4:84:2c:d7:
7a:c8:d6:e0:13:08:71:c1:13:89:15:64:c7:35:9d:
9e:f1:33:52:5a:4d:4d:f4:57:ef:aa:e6:7b:22:c5:
79:09:84:5a:68:a3:04:82:1f:a5:2d:39:62:82:9d:
0e:e5:a1:f1:3b:a7:51:8c:92:20:48:35:94:73:6e:
26:d7:2b:74:dd:f0:bd:ae:f0:8e:26:a8:8e:61:62:
d9:ba:d4:d9:9c:fe:48:a7:39:db:8b:1a:30:5b:bd:
e2:e3:d0:78:98:3a:05:ea:3b:0c:dd:85:2d:44:33:
e9:86:a2:b7:e8:e0:65:41:d7:bf:41:dd:01:a9:a4:
f5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:99:B0:0A:BE:18:02:E9:5E:BB:BD:BE:5C:9D:9F:FE:E0:73:DB:AC
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/75mwCr4YAuleu72-XJ2f_uBz26w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.18.0/24
89.251.22.0-89.251.25.255
89.251.29.0/24
89.251.31.0/24
91.226.59.0/24
109.122.43.0/24
Signature Algorithm: sha256WithRSAEncryption
73:8c:c5:31:05:ee:a7:47:1c:c5:d9:0a:6f:09:2c:1d:9e:75:
c7:0a:9d:84:71:41:9a:76:c9:92:7f:1a:07:79:3b:3f:3c:15:
c3:0c:68:f8:8e:15:8e:f1:eb:36:3e:ce:73:b1:d2:84:f8:b4:
2e:68:3c:bb:4c:5f:55:da:22:cb:b4:b4:c0:9c:bb:8a:d5:b4:
7a:8f:a9:77:1f:ad:91:3a:0c:8e:fc:91:4f:ef:fc:1b:83:92:
3b:d1:6c:e6:6b:9e:7e:2c:bc:6f:ee:cd:fd:68:4e:8f:bd:92:
07:ba:ee:81:81:2f:f5:b4:5a:12:52:37:fb:5c:f0:7c:dc:23:
70:b6:fb:29:c7:09:10:b6:a2:a5:84:b2:b4:b0:11:84:43:45:
99:62:b1:5d:0e:e6:ab:86:de:cc:ad:dd:d9:5c:54:d2:67:39:
4c:98:04:de:2f:f0:77:7a:2c:3e:05:cd:45:a1:ba:f6:c0:5e:
e7:8c:23:bf:d3:8e:9d:f2:e1:48:bb:7d:1e:88:04:f8:ed:cc:
aa:f7:b5:6c:77:be:8d:aa:97:35:5f:4c:49:ca:d7:79:f1:5b:
31:93:9e:dc:11:a4:ed:d2:e9:13:31:83:21:8d:69:67:c7:d4:
bc:7b:4e:24:8a:ad:2d:2e:8a:14:53:e4:29:1f:60:3d:a7:3b:
a8:06:3d:1e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYtEXecIf4CXDY9ts6MpFsR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMDE4MTk1ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjk5YjAwYWJlMTgwMmU5NWViYmJkYmU1YzlkOWZmZWUwNzNkYmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/cm8aKOHCIc4hUf0kPllygq2DXH
kxjtJyTEYoJn6nV9tzZVlpePHxzWA9KhRIwN8n8Qly6oMDXbWPDHfp5xTYsTRer/
Qa8+UUrlYmGASjwBtZzzzpey9UkuNraU9lrC6CUYA4w+WsUSj23CSGI2S5DEzfh5
/bokZOCDBZIGbfFrl+SELNd6yNbgEwhxwROJFWTHNZ2e8TNSWk1N9FfvquZ7IsV5
CYRaaKMEgh+lLTligp0O5aHxO6dRjJIgSDWUc24m1yt03fC9rvCOJqiOYWLZutTZ
nP5IpznbixowW73i49B4mDoF6jsM3YUtRDPphqK36OBlQde/Qd0BqaT1CwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFO+ZsAq+GALpXru9vlydn/7gc9usMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvNzVtd0NyNFlBdWxldTcyLVhKMmZfdUJ6MjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAWfsSMAwD
BAFZ+xYDBAFZ+xgDBABZ+x0DBABZ+x8DBABb4jsDBABteiswDQYJKoZIhvcNAQEL
BQADggEBAHOMxTEF7qdHHMXZCm8JLB2edccKnYRxQZp2yZJ/Ggd5Oz88FcMMaPiO
FY7x6zY+znOx0oT4tC5oPLtMX1XaIsu0tMCcu4rVtHqPqXcfrZE6DI78kU/v/BuD
kjvRbOZrnn4svG/uzf1oTo+9kge67oGBL/W0WhJSN/tc8HzcI3C2+ynHCRC2oqWE
srSwEYRDRZlisV0O5quG3syt3dlcVNJnOUyYBN4v8Hd6LD4FzUWhuvbAXueMI7/T
jp3y4Ui7fR6IBPjtzKr3tWx3vo2qlzVfTEnK13nxWzGTntwRpO3S6RMxgyGNaWfH
1Lx7TiSKrS0uihRT5CkfYD2nO6gGPR4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org