Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/JXFVeBIMA30I7eJ85OBE22PbpmM.roa
File: JXFVeBIMA30I7eJ85OBE22PbpmM.roa (raw, json)
Hash identifier: nNNDV+B+c7z5pQGIV/AAkugVb6PM4MaRYJ6Dg97kx+w=
Subject key identifier: 25:71:55:78:12:0C:03:7D:08:ED:E2:7C:E4:E0:44:DB:63:DB:A6:63
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189F771F538CF337744B4C7ABF5CBC2D652
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/JXFVeBIMA30I7eJ85OBE22PbpmM.roa
Signing time: Tue 15 Aug 2023 04:26:27 +0000
ROA not before: Tue 15 Aug 2023 04:26:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
89.251.16.0/24 maxlen: 24
89.251.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 04:03:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f7:71:f5:38:cf:33:77:44:b4:c7:ab:f5:cb:c2:d6:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Aug 15 04:26:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25715578120c037d08ede27ce4e044db63dba663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3e:62:e2:2f:01:83:9a:ab:1f:03:84:52:27:
c7:b4:8e:11:4b:f5:93:71:28:06:14:37:e3:8d:cf:
89:e6:91:66:ff:4f:d0:47:20:ac:67:36:b7:94:96:
23:44:72:c1:0e:e4:44:b0:a8:8d:33:3c:ab:d9:e1:
e7:f7:47:b9:c5:92:97:6a:c4:9e:bc:82:cd:ec:35:
81:9f:bf:9d:2a:b8:82:5d:6a:d5:f1:1f:af:68:a2:
2a:17:f7:56:c1:51:1e:4b:4e:75:83:9f:2e:eb:c2:
4a:f5:48:47:fd:3e:e5:94:ab:09:28:4c:28:73:9a:
07:83:41:18:0a:06:37:16:bf:f7:8f:b7:86:79:77:
35:b3:23:87:91:44:67:c1:ea:26:5c:3e:33:a8:74:
5c:fc:ae:1e:30:73:9a:60:ca:ba:75:55:a1:66:35:
6e:2a:c1:17:53:f0:5b:10:25:01:fe:18:e1:9f:fe:
e9:7e:ea:ce:e6:4b:20:96:49:bd:15:33:bf:70:e2:
2a:1c:49:91:5d:23:09:32:f1:a8:b9:7a:09:fa:5a:
e3:7b:03:4d:2e:02:81:bb:b2:11:d7:44:5c:b0:80:
62:fe:5c:b0:d3:eb:9f:02:43:5b:cc:d8:39:8a:e5:
32:09:96:c4:c1:8a:b0:e9:6f:b6:2d:cd:a8:67:4a:
ea:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:71:55:78:12:0C:03:7D:08:ED:E2:7C:E4:E0:44:DB:63:DB:A6:63
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/JXFVeBIMA30I7eJ85OBE22PbpmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.16.0/24
89.251.19.0/24
91.200.221.0/24
109.122.42.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
79:5a:24:d5:5e:0b:a7:a0:67:27:21:5d:8d:55:d4:e7:1b:50:
44:ba:e5:b9:32:f6:0b:fa:b8:73:d8:c1:94:7c:8f:e7:14:ac:
48:59:0c:74:be:ef:ba:ca:e3:8f:21:3d:94:a7:f3:84:62:96:
23:d3:84:25:4d:a2:49:a8:2f:c5:7c:80:5e:d9:39:ad:1e:21:
bb:33:8e:cb:6b:ef:c4:ef:6a:e2:ac:e4:16:46:78:09:6d:9b:
dd:d5:be:c8:07:ff:28:94:a4:4e:d1:2d:62:9f:82:8e:fd:00:
83:c9:8e:e6:8a:06:ac:da:92:5e:07:cd:0c:a7:d6:17:87:2c:
19:3c:8b:14:c5:93:1c:12:1b:01:5f:14:d4:bc:fe:de:f7:ca:
0d:09:7e:a4:8a:73:58:8a:8a:67:b2:0a:7c:c5:ac:56:aa:c0:
ba:46:6e:01:43:88:e2:1f:d7:8d:c3:a9:43:89:b5:a5:17:df:
b1:de:ff:59:6f:f9:ef:41:b8:93:84:40:fe:ae:14:4c:d2:b7:
7a:d8:fc:b8:ef:bc:d4:53:82:63:fb:b6:3a:2a:3f:09:6b:10:
c3:64:70:de:66:07:9e:c2:95:97:26:35:6c:30:2e:0b:c5:70:
70:7b:3f:b7:8d:88:8d:8b:12:5f:bd:f3:7d:cc:03:2b:04:9a:
4a:2f:c8:7c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYn3cfU4zzN3RLTHq/XLwtZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwODE1MDQyNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTcxNTU3ODEyMGMwMzdkMDhlZGUyN2NlNGUwNDRkYjYzZGJhNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT5i4i8Bg5qrHwOEUifHtI4RS/WT
cSgGFDfjjc+J5pFm/0/QRyCsZza3lJYjRHLBDuREsKiNMzyr2eHn90e5xZKXasSe
vILN7DWBn7+dKriCXWrV8R+vaKIqF/dWwVEeS051g58u68JK9UhH/T7llKsJKEwo
c5oHg0EYCgY3Fr/3j7eGeXc1syOHkURnweomXD4zqHRc/K4eMHOaYMq6dVWhZjVu
KsEXU/BbECUB/hjhn/7pfurO5ksglkm9FTO/cOIqHEmRXSMJMvGouXoJ+lrjewNN
LgKBu7IR10RcsIBi/lyw0+ufAkNbzNg5iuUyCZbEwYqw6W+2Lc2oZ0rqIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCVxVXgSDAN9CO3ifOTgRNtj26ZjMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvSlhGVmVCSU1BMzBJN2VKODVPQkUyMlBicG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWfsQAwQA
WfsTAwQAW8jdAwQAbXoqAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQB5WiTVXgun
oGcnIV2NVdTnG1BEuuW5MvYL+rhz2MGUfI/nFKxIWQx0vu+6yuOPIT2Up/OEYpYj
04QlTaJJqC/FfIBe2TmtHiG7M47La+/E72rirOQWRngJbZvd1b7IB/8olKRO0S1i
n4KO/QCDyY7migas2pJeB80Mp9YXhywZPIsUxZMcEhsBXxTUvP7e98oNCX6kinNY
iopnsgp8xaxWqsC6Rm4BQ4jiH9eNw6lDibWlF9+x3v9Zb/nvQbiThED+rhRM0rd6
2Py477zUU4Jj+7Y6Kj8JaxDDZHDeZgeewpWXJjVsMC4LxXBwez+3jYiNixJfvfN9
zAMrBJpKL8h8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org