Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Ea522lizfcbWr9XadFrm6s9PP-o.roa
File: Ea522lizfcbWr9XadFrm6s9PP-o.roa (raw, json)
Hash identifier: xxFgCcwK2hybhBASoZsasda5DH4HzH5SE9S3V1szz04=
Subject key identifier: 11:AE:76:DA:58:B3:7D:C6:D6:AF:D5:DA:74:5A:E6:EA:CF:4F:3F:EA
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018D8F9EF3C7B97BF195451524D08AA5A208
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Ea522lizfcbWr9XadFrm6s9PP-o.roa
Signing time: Fri 09 Feb 2024 20:46:15 +0000
ROA not before: Fri 09 Feb 2024 20:46:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.251.21.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Feb 2024 08:22:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8f:9e:f3:c7:b9:7b:f1:95:45:15:24:d0:8a:a5:a2:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 9 20:46:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11ae76da58b37dc6d6afd5da745ae6eacf4f3fea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:30:db:09:16:09:10:af:b4:30:bc:a0:d4:88:
06:fd:c3:cb:3c:24:1d:dc:f1:5e:e9:11:47:5a:50:
75:b1:6c:20:c8:5a:5f:9f:96:59:33:4d:6f:e9:f0:
09:38:32:1a:a5:df:76:c2:31:7f:e2:50:8d:e8:2d:
3c:fd:0c:97:dc:19:ce:ab:bd:8d:0b:04:fa:66:53:
06:cd:bf:db:c2:38:93:4f:d4:60:53:bb:c9:74:5c:
e9:e4:8f:dc:13:ce:6d:db:35:b6:19:20:47:24:f7:
f9:67:80:43:6e:c8:0e:05:95:44:d4:30:91:54:2c:
18:d2:85:7f:66:e2:15:d1:0c:b4:08:ae:2c:a2:f2:
ce:51:1f:f6:55:ac:d0:cd:57:d3:c0:90:87:c9:09:
c1:d0:a5:e2:79:5d:11:aa:1b:94:f6:16:b7:f2:d9:
33:8a:29:9c:09:91:b6:2b:cb:f7:89:d1:d5:05:92:
93:76:b7:40:36:02:1b:e8:83:86:24:82:56:4c:75:
62:4a:3b:a5:a5:ff:39:dd:96:9c:32:83:98:b7:fd:
da:78:be:c3:92:45:bb:2e:60:54:f0:ad:8c:86:d6:
51:76:9b:6b:b6:ef:f9:4e:6e:47:d2:9c:d3:c5:5b:
9f:ec:3f:2f:3f:de:cf:f3:f8:e7:0e:09:41:62:f1:
8b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:AE:76:DA:58:B3:7D:C6:D6:AF:D5:DA:74:5A:E6:EA:CF:4F:3F:EA
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Ea522lizfcbWr9XadFrm6s9PP-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.21.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:9b:e2:4d:ac:62:80:eb:eb:58:7a:ee:75:84:45:cf:20:7f:
67:df:de:44:12:ee:74:bd:93:7a:cc:ed:26:f1:f8:1b:40:fa:
24:d6:6e:8a:5c:e5:2f:ff:bc:30:3a:3f:9d:86:c6:dd:23:9c:
82:09:1e:70:4d:5a:d5:1b:5a:c4:c1:2b:b9:d4:f1:26:b7:46:
4b:0a:70:aa:e2:f9:dc:47:c6:ce:e5:c9:7a:71:87:0d:df:b1:
14:fc:7a:3a:55:e4:5e:bc:3a:d1:91:af:a6:a8:b6:44:6c:26:
96:27:4c:21:3a:46:7d:47:6b:35:5f:aa:55:c6:4c:fd:4b:e2:
68:52:ed:d8:d6:c0:93:20:b7:2e:a5:68:1e:8f:66:26:ae:a0:
d5:05:0c:93:3a:74:79:51:af:d9:32:6a:68:e1:2f:fa:fe:4d:
a4:25:14:f5:9f:0e:fc:17:e7:a3:de:67:b3:cf:34:fc:ca:b8:
6a:f4:2c:65:01:4e:d3:47:cb:a6:c4:ee:97:13:9b:9f:8a:3a:
64:e8:45:1f:7e:5a:32:d5:9c:d3:20:6b:22:1d:48:e8:cd:51:
25:ac:02:c0:87:db:c8:2e:35:7b:5f:44:83:70:a7:46:87:54:
2d:1e:01:b0:37:00:66:a5:47:6d:2a:b3:65:f0:6b:01:dd:02:
bc:f6:89:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2PnvPHuXvxlUUVJNCKpaIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMjA5MjA0NjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWFlNzZkYTU4YjM3ZGM2ZDZhZmQ1ZGE3NDVhZTZlYWNmNGYzZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDDbCRYJEK+0MLyg1IgG/cPLPCQd
3PFe6RFHWlB1sWwgyFpfn5ZZM01v6fAJODIapd92wjF/4lCN6C08/QyX3BnOq72N
CwT6ZlMGzb/bwjiTT9RgU7vJdFzp5I/cE85t2zW2GSBHJPf5Z4BDbsgOBZVE1DCR
VCwY0oV/ZuIV0Qy0CK4sovLOUR/2VazQzVfTwJCHyQnB0KXieV0RqhuU9ha38tkz
iimcCZG2K8v3idHVBZKTdrdANgIb6IOGJIJWTHViSjulpf853ZacMoOYt/3aeL7D
kkW7LmBU8K2MhtZRdptrtu/5Tm5H0pzTxVuf7D8vP97P8/jnDglBYvGLDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBGudtpYs33G1q/V2nRa5urPTz/qMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvRWE1MjJsaXpmY2JXcjlYYWRGcm02czlQUC1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsVAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQA+m+JNrGKA6+tYeu51hEXPIH9n395EEu50
vZN6zO0m8fgbQPok1m6KXOUv/7wwOj+dhsbdI5yCCR5wTVrVG1rEwSu51PEmt0ZL
CnCq4vncR8bO5cl6cYcN37EU/Ho6VeRevDrRka+mqLZEbCaWJ0whOkZ9R2s1X6pV
xkz9S+JoUu3Y1sCTILcupWgej2YmrqDVBQyTOnR5Ua/ZMmpo4S/6/k2kJRT1nw78
F+ej3mezzzT8yrhq9CxlAU7TR8umxO6XE5ufijpk6EUffloy1ZzTIGsiHUjozVEl
rALAh9vILjV7X0SDcKdGh1QtHgGwNwBmpUdtKrNl8GsB3QK89okO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org