Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/FH7ziAGIEBmOXwXhU7YWxlBdTA4.roa
File: FH7ziAGIEBmOXwXhU7YWxlBdTA4.roa (raw, json)
Hash identifier: VnYDS9iQip/9dgMuH7vZdelu2ddZ/yaDfSC6JVcHAxE=
Subject key identifier: 14:7E:F3:88:01:88:10:19:8E:5F:05:E1:53:B6:16:C6:50:5D:4C:0E
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0188194C9916F396990208F5D89239794F95
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/FH7ziAGIEBmOXwXhU7YWxlBdTA4.roa
Signing time: Sun 14 May 2023 08:07:10 +0000
ROA not before: Sun 14 May 2023 08:07:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 May 2023 06:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:19:4c:99:16:f3:96:99:02:08:f5:d8:92:39:79:4f:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 14 08:07:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=147ef388018810198e5f05e153b616c6505d4c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f1:b2:43:41:5f:56:65:09:0b:80:03:b3:22:
c3:bf:50:11:33:22:07:1b:b9:70:cb:9c:88:fe:8e:
8d:81:d3:c6:3c:60:72:27:10:23:55:97:71:8f:6f:
99:cc:96:2d:37:62:af:2d:ad:75:6a:cc:db:d5:d5:
ba:c6:9d:cb:b5:3c:25:32:70:da:6c:4a:e0:94:16:
f6:ac:f4:9e:05:85:88:eb:e2:48:23:f7:ba:d2:6f:
f6:a1:23:5d:5a:a1:8d:0a:d1:36:87:33:bf:d7:86:
ee:3a:df:f7:12:85:d1:99:d6:43:c7:b6:06:0c:62:
a6:6d:9d:e6:4d:21:d2:fb:1a:88:32:e1:76:8f:d2:
61:e2:8b:e2:c7:ba:9f:d4:77:3f:98:b9:43:fd:6b:
e6:62:25:ea:fc:29:1b:e4:3f:c0:65:59:6c:f8:f8:
e8:bb:60:7d:ae:07:ed:34:08:a8:46:2d:56:6a:96:
a2:a9:a9:c6:ae:f6:a9:68:10:3b:f6:f1:99:bf:ed:
b4:80:45:e3:e7:92:1a:6c:c8:ac:f3:3d:5a:73:03:
35:5e:8b:fc:01:a6:38:ee:42:e4:06:bf:fc:d9:de:
56:09:18:2c:30:64:6e:6d:1a:2c:58:31:98:ec:1b:
68:a7:1b:0b:1e:d8:f4:b5:ce:d3:da:d9:87:1d:0d:
f2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:7E:F3:88:01:88:10:19:8E:5F:05:E1:53:B6:16:C6:50:5D:4C:0E
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/FH7ziAGIEBmOXwXhU7YWxlBdTA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
89.251.22.0/23
91.200.221.0/24
Signature Algorithm: sha256WithRSAEncryption
95:a5:4c:99:f0:db:7a:fa:95:84:34:24:6f:10:e6:01:0b:37:
f7:5a:d7:fd:32:d8:77:a9:b5:38:d0:34:a0:b9:c0:a5:e0:cc:
ae:7f:56:85:12:b4:15:91:65:4b:5e:44:fa:4d:1b:45:32:ce:
20:77:9f:6f:cd:3a:d5:6d:45:ba:4f:84:9f:3d:14:0d:d9:48:
5f:52:cb:3b:24:ae:f7:5d:dc:7d:b8:b6:dc:ab:55:05:c6:8e:
d8:84:cf:46:a5:dd:74:90:5d:27:1f:b4:35:8a:37:51:3d:cf:
35:b9:51:70:b7:c5:b6:2f:fc:21:ba:6f:4a:64:d0:e3:84:72:
0b:cf:f2:51:7e:da:47:0c:56:b0:46:62:d8:47:89:62:b9:48:
9d:f2:de:39:72:e8:f7:2b:ea:49:db:8e:f5:87:09:ff:f6:1b:
42:e6:79:e6:e7:c8:5d:c7:0e:26:1b:20:c8:59:ec:39:12:c4:
df:9d:11:f5:65:5f:f5:a3:1e:88:08:4a:15:6f:f6:46:ec:7a:
7c:bb:ba:5e:24:1d:a0:fe:e4:1b:53:61:67:21:ea:86:d6:f0:
de:96:80:82:a7:e2:96:bb:13:8d:26:b3:42:36:d5:4d:38:bf:
8f:9b:8a:ff:9e:ea:f0:32:c1:21:38:4f:c9:82:b8:71:de:9a:
c3:03:63:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgZTJkW85aZAgj12JI5eU+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNTE0MDgwNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDdlZjM4ODAxODgxMDE5OGU1ZjA1ZTE1M2I2MTZjNjUwNWQ0YzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfGyQ0FfVmUJC4ADsyLDv1ARMyIH
G7lwy5yI/o6NgdPGPGByJxAjVZdxj2+ZzJYtN2KvLa11aszb1dW6xp3LtTwlMnDa
bErglBb2rPSeBYWI6+JII/e60m/2oSNdWqGNCtE2hzO/14buOt/3EoXRmdZDx7YG
DGKmbZ3mTSHS+xqIMuF2j9Jh4ovix7qf1Hc/mLlD/WvmYiXq/Ckb5D/AZVls+Pjo
u2B9rgftNAioRi1WapaiqanGrvapaBA79vGZv+20gEXj55IabMis8z1acwM1Xov8
AaY47kLkBr/82d5WCRgsMGRubRosWDGY7BtopxsLHtj0tc7T2tmHHQ3y+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBR+84gBiBAZjl8F4VO2FsZQXUwOMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvRkg3emlBR0lFQm1PWHdYaFU3WVd4bEJkVEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsUAwQB
WfsWAwQAW8jdMA0GCSqGSIb3DQEBCwUAA4IBAQCVpUyZ8Nt6+pWENCRvEOYBCzf3
Wtf9Mth3qbU40DSgucCl4Myuf1aFErQVkWVLXkT6TRtFMs4gd59vzTrVbUW6T4Sf
PRQN2UhfUss7JK73Xdx9uLbcq1UFxo7YhM9Gpd10kF0nH7Q1ijdRPc81uVFwt8W2
L/whum9KZNDjhHILz/JRftpHDFawRmLYR4liuUid8t45cuj3K+pJ2471hwn/9htC
5nnm58hdxw4mGyDIWew5EsTfnRH1ZV/1ox6ICEoVb/ZG7Hp8u7peJB2g/uQbU2Fn
IeqG1vDeloCCp+KWuxONJrNCNtVNOL+Pm4r/nurwMsEhOE/Jgrhx3prDA2Mj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org