Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/D8WvLBLr4tZmIW5ZMpTV3JkcLHs.roa
File: D8WvLBLr4tZmIW5ZMpTV3JkcLHs.roa (raw, json)
Hash identifier: FqudTW3HT+ZEDzgStPG3MvtHrF9ULl2rvDNXe0/Neow=
Subject key identifier: 0F:C5:AF:2C:12:EB:E2:D6:66:21:6E:59:32:94:D5:DC:99:1C:2C:7B
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018A9904BBB818C9D671BF8EF4CF76133A9E
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/D8WvLBLr4tZmIW5ZMpTV3JkcLHs.roa
Signing time: Fri 15 Sep 2023 13:25:38 +0000
ROA not before: Fri 15 Sep 2023 13:25:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 89.251.17.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 19:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:99:04:bb:b8:18:c9:d6:71:bf:8e:f4:cf:76:13:3a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 15 13:25:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fc5af2c12ebe2d666216e593294d5dc991c2c7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9e:27:92:eb:fa:4d:c0:88:62:93:30:ca:e8:
ba:c3:cb:ee:9d:84:07:21:41:30:3d:b9:eb:c6:f5:
9e:50:75:44:f1:bc:ef:ba:30:99:ec:fb:c8:77:bc:
e0:11:ad:84:1d:17:16:0b:7b:60:4f:92:f2:f1:1f:
18:ff:79:7c:9a:53:b3:37:1b:e7:4a:de:17:70:d8:
fc:15:87:de:83:bb:62:94:70:94:b0:cb:d9:43:c6:
ca:ae:71:00:d4:5d:a5:e5:f0:91:73:6c:37:92:32:
30:df:43:8e:8c:28:49:c0:8a:e2:38:25:b2:38:4a:
e1:99:29:31:f9:60:11:22:b7:34:10:14:dc:c5:01:
e4:3e:71:ad:e4:50:53:8b:d1:3a:d1:17:01:b6:d3:
0f:84:00:be:97:e2:6e:1f:8b:8f:75:c0:8a:14:0a:
27:0e:37:a5:15:38:8e:ca:20:36:8d:5b:31:7d:29:
7a:a5:de:20:1e:95:0e:9c:51:c2:91:a1:b6:d8:b3:
90:a9:e9:c1:a5:26:01:00:35:94:f7:d3:9a:1e:89:
e1:47:fe:85:01:77:cf:1f:d5:d7:7a:2e:3c:24:e4:
f3:7a:57:ea:55:a3:77:4c:ee:93:e0:99:7a:b2:98:
19:03:bb:b6:33:55:9c:9d:18:80:7a:94:ad:6a:b9:
33:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C5:AF:2C:12:EB:E2:D6:66:21:6E:59:32:94:D5:DC:99:1C:2C:7B
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/D8WvLBLr4tZmIW5ZMpTV3JkcLHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.17.0/24
91.226.57.0/24
Signature Algorithm: sha256WithRSAEncryption
45:46:a6:74:54:e5:e5:d4:46:5e:72:fc:eb:f6:db:51:5f:00:
19:cf:49:e3:3e:cb:8c:87:fd:08:a5:1f:da:ce:85:e1:b7:8d:
e3:c2:73:bc:2c:28:d3:f6:1f:cf:4c:55:38:bf:81:9a:93:f8:
86:f0:ce:91:0f:39:3f:f5:1c:77:c0:55:8f:24:bf:3f:05:38:
0d:cd:d8:05:ca:be:6b:27:0b:46:ee:f2:a3:38:4a:67:ed:73:
8c:c0:54:a5:3b:79:68:60:6e:06:7f:f9:91:84:4c:c5:90:45:
49:ca:69:1f:f7:7a:d8:93:c1:57:6b:a5:2d:06:7d:1e:b3:28:
6e:80:42:1e:4d:cb:01:98:d5:71:21:ed:7d:a3:f7:3f:d0:97:
6e:2c:90:cc:de:89:fb:e5:8e:55:e1:89:9c:fd:29:46:85:f2:
e3:1c:eb:b8:93:c8:5e:3d:50:0f:ff:03:1f:db:00:8e:0f:13:
ec:3e:02:03:eb:ad:c3:2b:8a:8b:ad:34:02:c5:7b:49:04:31:
ea:a2:9b:7d:32:ea:71:c7:f1:9d:df:01:b2:43:27:40:bf:55:
74:7c:9e:cd:db:6c:27:e8:75:34:11:e4:c4:b4:5c:6a:4c:c6:
34:eb:fe:6a:bb:47:6a:93:46:f8:92:a9:29:51:13:34:cd:d0:
da:8f:53:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqZBLu4GMnWcb+O9M92EzqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwOTE1MTMyNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmM1YWYyYzEyZWJlMmQ2NjYyMTZlNTkzMjk0ZDVkYzk5MWMyYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ4nkuv6TcCIYpMwyui6w8vunYQH
IUEwPbnrxvWeUHVE8bzvujCZ7PvId7zgEa2EHRcWC3tgT5Ly8R8Y/3l8mlOzNxvn
St4XcNj8FYfeg7tilHCUsMvZQ8bKrnEA1F2l5fCRc2w3kjIw30OOjChJwIriOCWy
OErhmSkx+WARIrc0EBTcxQHkPnGt5FBTi9E60RcBttMPhAC+l+JuH4uPdcCKFAon
DjelFTiOyiA2jVsxfSl6pd4gHpUOnFHCkaG22LOQqenBpSYBADWU99OaHonhR/6F
AXfPH9XXei48JOTzelfqVaN3TO6T4Jl6spgZA7u2M1WcnRiAepStarkz6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA/FrywS6+LWZiFuWTKU1dyZHCx7MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvRDhXdkxCTHI0dFptSVc1Wk1wVFYzSmtjTEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsRAwQA
W+I5MA0GCSqGSIb3DQEBCwUAA4IBAQBFRqZ0VOXl1EZecvzr9ttRXwAZz0njPsuM
h/0IpR/azoXht43jwnO8LCjT9h/PTFU4v4Gak/iG8M6RDzk/9Rx3wFWPJL8/BTgN
zdgFyr5rJwtG7vKjOEpn7XOMwFSlO3loYG4Gf/mRhEzFkEVJymkf93rYk8FXa6Ut
Bn0esyhugEIeTcsBmNVxIe19o/c/0JduLJDM3on75Y5V4Ymc/SlGhfLjHOu4k8he
PVAP/wMf2wCODxPsPgID663DK4qLrTQCxXtJBDHqopt9Mupxx/Gd3wGyQydAv1V0
fJ7N22wn6HU0EeTEtFxqTMY06/5qu0dqk0b4kqkpURM0zdDaj1M9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org