Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/F8IiavQ2aYaW3oSwQtVncPfzsLo.roa
File: F8IiavQ2aYaW3oSwQtVncPfzsLo.roa (raw, json)
Hash identifier: s3nWbpbo9U0ZtMj5kjedY++CryDYK78qAc48dblbjTw=
Subject key identifier: 17:C2:22:6A:F4:36:69:86:96:DE:84:B0:42:D5:67:70:F7:F3:B0:BA
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018BEE8C6AAE2F05F16AD1C536FD67EA3308
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/F8IiavQ2aYaW3oSwQtVncPfzsLo.roa
Signing time: Mon 20 Nov 2023 21:04:21 +0000
ROA not before: Mon 20 Nov 2023 21:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 212.23.206.0/24 maxlen: 24
89.251.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ee:8c:6a:ae:2f:05:f1:6a:d1:c5:36:fd:67:ea:33:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Nov 20 21:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17c2226af436698696de84b042d56770f7f3b0ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c7:04:b4:97:54:49:1e:51:6d:96:42:d3:59:
a0:d8:f6:25:eb:c4:fb:23:6f:e5:42:7c:e9:8e:6e:
e3:44:a7:b2:8e:ea:64:e4:ab:4c:9f:bc:1f:80:b1:
6d:f5:f4:f2:cb:69:3b:a0:54:c5:8f:49:ef:46:e5:
0f:e8:93:df:3d:7c:c6:9f:77:bb:0e:22:fb:67:9d:
a2:5a:b5:13:fd:7b:bc:c4:cf:90:c7:ac:4b:99:3e:
ea:c6:f9:f8:ef:de:48:3f:8a:94:00:4c:47:21:d4:
3a:10:10:28:b3:eb:ae:fc:f3:a9:62:79:0c:07:e9:
36:79:ef:86:3c:21:2b:43:03:da:c7:37:f2:ed:f3:
fa:0b:ae:f4:f8:bc:ed:c1:b1:86:d1:e1:c0:d9:aa:
a0:4c:a8:32:cc:ec:58:63:a9:fb:8a:b8:48:01:a4:
b7:ad:dd:b1:70:6d:93:83:29:e9:e2:a7:6c:d3:44:
b7:c1:e7:80:6b:e9:7c:00:e1:f2:99:98:32:ad:a6:
89:5a:d8:d6:54:9e:a0:a9:03:65:dc:5f:5c:1f:d5:
b4:eb:b6:1d:49:66:17:63:d9:cd:d6:6b:7a:a2:99:
9b:c2:f8:3a:9e:5b:5b:ad:05:99:4c:9f:fc:1c:89:
65:4f:f6:d5:d5:1d:24:ea:07:a0:3e:98:1f:53:fe:
ba:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C2:22:6A:F4:36:69:86:96:DE:84:B0:42:D5:67:70:F7:F3:B0:BA
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/F8IiavQ2aYaW3oSwQtVncPfzsLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.30.0/24
212.23.206.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:59:f8:56:26:ba:5f:88:8a:da:a6:1e:92:1d:98:ba:7c:5b:
60:2c:28:3e:2f:6e:ef:b2:f3:27:93:a9:f3:f0:f4:81:2d:23:
eb:05:55:45:47:c6:eb:b1:73:29:04:f5:58:6c:4e:02:c2:bd:
ba:eb:48:eb:72:05:07:0b:e3:27:d6:cf:1e:90:95:ee:bc:5a:
07:4f:ad:2d:e6:4c:54:66:63:e1:06:d3:05:32:f8:f7:d4:e8:
bf:ff:c6:d8:06:7f:aa:64:8f:bb:0e:e3:65:92:e0:48:aa:9e:
b8:2d:42:c9:07:fe:3d:5a:fd:08:82:86:4e:b6:5b:df:a8:a8:
a5:6c:fa:66:46:ba:cb:ea:91:0d:ff:1e:f9:ba:33:ea:75:dc:
51:27:42:86:7f:12:df:ae:3d:6a:bf:3c:9c:2e:75:40:b5:28:
98:dd:34:54:37:ea:38:02:65:70:9f:3f:61:cb:6e:64:ca:fa:
70:d1:b7:3e:64:0b:ac:cf:35:25:81:3b:24:4b:47:72:c8:bf:
4b:76:e8:c3:32:15:4b:90:7a:19:7b:c5:d8:da:88:b1:fb:e6:
38:8d:05:d8:3f:df:fd:2a:30:a0:b8:43:9d:c4:87:b6:8a:06:
2a:39:ba:ee:14:c8:34:da:d4:a2:bf:c3:68:74:ff:67:8f:52:
d6:e3:9a:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvujGquLwXxatHFNv1n6jMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMTIwMjEwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2MyMjI2YWY0MzY2OTg2OTZkZTg0YjA0MmQ1Njc3MGY3ZjNiMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4scEtJdUSR5RbZZC01mg2PYl68T7
I2/lQnzpjm7jRKeyjupk5KtMn7wfgLFt9fTyy2k7oFTFj0nvRuUP6JPfPXzGn3e7
DiL7Z52iWrUT/Xu8xM+Qx6xLmT7qxvn4795IP4qUAExHIdQ6EBAos+uu/POpYnkM
B+k2ee+GPCErQwPaxzfy7fP6C670+LztwbGG0eHA2aqgTKgyzOxYY6n7irhIAaS3
rd2xcG2Tgynp4qds00S3weeAa+l8AOHymZgyraaJWtjWVJ6gqQNl3F9cH9W067Yd
SWYXY9nN1mt6opmbwvg6nltbrQWZTJ/8HIllT/bV1R0k6gegPpgfU/660wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBfCImr0NmmGlt6EsELVZ3D387C6MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvRjhJaWF2UTJhWWFXM29Td1F0Vm5jUGZ6c0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfseAwQA
1BfOMA0GCSqGSIb3DQEBCwUAA4IBAQBqWfhWJrpfiIraph6SHZi6fFtgLCg+L27v
svMnk6nz8PSBLSPrBVVFR8brsXMpBPVYbE4Cwr2660jrcgUHC+Mn1s8ekJXuvFoH
T60t5kxUZmPhBtMFMvj31Oi//8bYBn+qZI+7DuNlkuBIqp64LULJB/49Wv0IgoZO
tlvfqKilbPpmRrrL6pEN/x75ujPqddxRJ0KGfxLfrj1qvzycLnVAtSiY3TRUN+o4
AmVwnz9hy25kyvpw0bc+ZAuszzUlgTskS0dyyL9LdujDMhVLkHoZe8XY2oix++Y4
jQXYP9/9KjCguEOdxIe2igYqObruFMg02tSiv8NodP9nj1LW45rj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org