Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/G6zChOx_khcwjVyaXkJ0ym8U9gM.roa
File: G6zChOx_khcwjVyaXkJ0ym8U9gM.roa (raw, json)
Hash identifier: 7O/T/TADIhPcYkYhhnvpKqAvhXXA6Oe0bHi932tR5Nk=
Subject key identifier: 1B:AC:C2:84:EC:7F:92:17:30:8D:5C:9A:5E:42:74:CA:6F:14:F6:03
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189594E9E9693F8CA0636F9B6167EEEF170
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/G6zChOx_khcwjVyaXkJ0ym8U9gM.roa
Signing time: Sat 15 Jul 2023 11:27:51 +0000
ROA not before: Sat 15 Jul 2023 11:27:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 89.251.17.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
89.251.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Sep 2023 13:25:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:59:4e:9e:96:93:f8:ca:06:36:f9:b6:16:7e:ee:f1:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 15 11:27:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bacc284ec7f9217308d5c9a5e4274ca6f14f603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5f:ad:fa:01:2f:71:3a:b8:b9:6e:c3:b0:45:
94:30:76:0f:c1:65:fe:c0:70:4f:ff:17:62:ea:a2:
14:f9:d0:70:63:fc:07:6c:e9:7c:d5:4a:cb:3c:bd:
3f:ae:93:16:79:f9:92:e5:2c:33:4f:da:41:0c:4c:
39:bc:71:61:b3:e6:80:ec:4d:c0:8f:f0:2b:b6:85:
2f:c8:79:6c:f2:6e:25:e1:a3:26:83:c5:1e:23:4e:
51:09:57:5f:e2:62:8d:aa:c0:a2:92:08:14:e5:e5:
08:19:88:06:2a:99:34:ab:c8:d6:fb:d5:f6:bf:06:
7d:e0:2f:24:f5:a5:a7:a2:28:24:8d:b7:8c:2f:80:
32:6b:83:e7:45:b7:c8:43:17:4f:ed:c7:76:94:65:
1d:d7:94:4e:ca:79:d1:b7:71:ad:ce:f8:54:9f:ca:
89:3c:99:75:82:1f:14:34:a5:0f:09:df:f6:37:5a:
83:6a:6b:e5:0b:63:7a:37:25:4c:26:13:2f:94:39:
41:48:00:64:71:c7:b7:4b:b6:c2:86:cb:fe:eb:1c:
02:b2:98:46:0e:04:fa:a8:36:ed:72:eb:64:6e:9d:
fc:8a:79:f9:26:26:c4:26:bb:29:0a:04:75:e6:af:
44:be:a0:31:fe:3d:7f:9c:d3:5d:d6:a8:d4:4d:23:
25:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:AC:C2:84:EC:7F:92:17:30:8D:5C:9A:5E:42:74:CA:6F:14:F6:03
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/G6zChOx_khcwjVyaXkJ0ym8U9gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.17.0/24
89.251.24.0/24
89.251.27.0/24
91.226.57.0/24
Signature Algorithm: sha256WithRSAEncryption
23:8f:b4:ef:f2:6e:a4:70:14:15:c8:ce:56:31:07:1e:76:3b:
b9:0d:4a:40:9d:8e:b8:d0:9a:32:37:f3:27:24:9b:15:cc:95:
e1:c0:a3:05:f2:cb:14:5d:0b:38:cd:b8:5f:2b:0f:0a:d7:b6:
0b:2c:9c:1b:5e:f6:d2:56:1f:d6:f4:a9:1b:51:cf:ff:41:b4:
70:ec:b0:fa:46:10:09:5f:46:74:92:9d:5f:46:04:3c:34:06:
ad:8a:dd:01:b9:51:2e:e1:fd:e6:d4:cb:f9:23:7e:a8:ed:f9:
62:33:89:da:02:86:f9:2d:b2:b6:cc:4d:77:95:26:4a:fa:a5:
1a:99:75:0a:27:7d:be:33:0e:49:d3:88:10:85:1c:f4:69:cd:
88:f6:8a:1b:86:d3:63:52:35:ea:8d:c6:d7:8e:e8:45:bc:ee:
27:4a:7c:b4:81:97:0e:9d:72:e2:81:94:3b:25:1f:dd:07:cf:
81:8b:3a:d6:2d:e1:85:b5:dc:f6:76:ac:92:31:de:78:9a:c0:
c4:19:f6:16:32:a0:b0:1e:d9:9d:7e:56:ef:d3:12:e3:07:72:
02:10:f2:71:ec:70:73:b4:dc:5c:88:c0:4d:3a:3f:fc:fb:a1:
4a:c7:3b:eb:ab:81:79:06:94:03:9a:23:d0:88:f5:ba:1e:f5:
2c:56:80:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYlZTp6Wk/jKBjb5thZ+7vFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzE1MTEyNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmFjYzI4NGVjN2Y5MjE3MzA4ZDVjOWE1ZTQyNzRjYTZmMTRmNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApF+t+gEvcTq4uW7DsEWUMHYPwWX+
wHBP/xdi6qIU+dBwY/wHbOl81UrLPL0/rpMWefmS5SwzT9pBDEw5vHFhs+aA7E3A
j/ArtoUvyHls8m4l4aMmg8UeI05RCVdf4mKNqsCikggU5eUIGYgGKpk0q8jW+9X2
vwZ94C8k9aWnoigkjbeML4Aya4PnRbfIQxdP7cd2lGUd15ROynnRt3GtzvhUn8qJ
PJl1gh8UNKUPCd/2N1qDamvlC2N6NyVMJhMvlDlBSABkcce3S7bChsv+6xwCsphG
DgT6qDbtcutkbp38inn5JibEJrspCgR15q9EvqAx/j1/nNNd1qjUTSMlpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBuswoTsf5IXMI1cml5CdMpvFPYDMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvRzZ6Q2hPeF9raGN3alZ5YVhrSjB5bThVOWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfsRAwQA
WfsYAwQAWfsbAwQAW+I5MA0GCSqGSIb3DQEBCwUAA4IBAQAjj7Tv8m6kcBQVyM5W
MQcedju5DUpAnY640JoyN/MnJJsVzJXhwKMF8ssUXQs4zbhfKw8K17YLLJwbXvbS
Vh/W9KkbUc//QbRw7LD6RhAJX0Z0kp1fRgQ8NAatit0BuVEu4f3m1Mv5I36o7fli
M4naAob5LbK2zE13lSZK+qUamXUKJ32+Mw5J04gQhRz0ac2I9oobhtNjUjXqjcbX
juhFvO4nSny0gZcOnXLigZQ7JR/dB8+BizrWLeGFtdz2dqySMd54msDEGfYWMqCw
Htmdflbv0xLjB3ICEPJx7HBztNxciMBNOj/8+6FKxzvrq4F5BpQDmiPQiPW6HvUs
VoDg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org