Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/JxOC8bsB80SZhwZQLFKc-bMd1Wo.roa
File: JxOC8bsB80SZhwZQLFKc-bMd1Wo.roa (raw, json)
Hash identifier: YYaThlpEZwLTeAWMn045VHhBxeH6SvtIPRc5uK0IhZ0=
Subject key identifier: 27:13:82:F1:BB:01:F3:44:99:87:06:50:2C:52:9C:F9:B3:1D:D5:6A
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0188AA3D1E3B351F11DD37AEE3CFEB05C97C
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/JxOC8bsB80SZhwZQLFKc-bMd1Wo.roa
Signing time: Sun 11 Jun 2023 11:35:12 +0000
ROA not before: Sun 11 Jun 2023 11:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
89.251.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 10:34:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:aa:3d:1e:3b:35:1f:11:dd:37:ae:e3:cf:eb:05:c9:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 11 11:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=271382f1bb01f344998706502c529cf9b31dd56a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:17:26:8f:29:ca:34:c9:64:48:1c:6b:e1:42:
4b:16:3d:55:4d:3d:c5:f0:1e:13:15:0d:8f:0f:8c:
d1:6e:72:e3:d0:b6:78:d2:a1:74:5f:fc:04:a3:ed:
54:73:8a:3c:2e:51:86:bf:9c:1c:c4:5c:c6:04:13:
33:cd:83:db:b3:1b:15:b0:f3:cd:93:a1:1c:61:ac:
de:71:9b:bb:79:00:30:c8:60:6f:35:6f:c8:8e:0f:
dd:ee:e8:f2:0d:03:75:80:f3:b5:18:79:a8:29:20:
83:39:0d:6d:44:d7:b3:54:f5:8e:1b:0b:3e:f5:19:
3f:19:76:22:fd:33:7c:f6:33:fa:e2:42:62:75:98:
49:12:f6:d0:a8:ad:2d:00:3f:35:aa:6c:cf:42:fc:
ba:1c:0c:82:61:c6:b0:d0:f7:37:dc:21:70:47:8d:
7e:9b:87:12:f4:c5:35:9b:df:80:40:0e:58:48:b7:
45:3b:ce:b5:35:77:58:02:42:0e:59:19:48:12:80:
b6:d8:c3:3c:27:f2:fa:c7:8c:85:8a:d9:36:c9:66:
65:8a:ef:a9:d0:0f:ad:e5:f0:25:fa:b2:7b:34:02:
79:ae:74:ce:1b:2a:23:0a:14:ad:08:9b:5f:46:3a:
10:d4:81:84:8e:1c:9d:1b:86:2d:5c:2e:25:bb:a7:
bd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:13:82:F1:BB:01:F3:44:99:87:06:50:2C:52:9C:F9:B3:1D:D5:6A
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/JxOC8bsB80SZhwZQLFKc-bMd1Wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.25.0/24
109.122.42.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
70:47:9b:54:fc:a6:8d:70:9e:55:c2:f9:c5:52:56:4d:91:5a:
fb:2b:89:0f:a1:85:e0:30:0e:3b:41:a9:ef:da:b1:5d:80:3a:
2a:36:87:a3:98:6b:f6:c3:12:70:15:b9:a0:03:6f:89:37:b7:
c3:d0:ee:15:a4:45:91:2a:87:8e:c7:e3:b4:74:ad:d0:8f:d6:
20:5c:ef:34:a3:ea:73:50:14:7d:2c:30:b3:ce:bc:72:8c:c7:
2d:64:e2:8e:55:2a:b2:af:b1:81:9a:7f:f7:66:ee:2e:e6:eb:
20:cb:e9:70:8c:39:fc:69:e0:6e:48:35:41:6c:6a:10:28:3c:
90:79:a4:ee:25:b2:42:82:d1:56:6b:c4:f7:a2:e8:d3:24:36:
22:b7:24:11:e3:e1:d7:1c:68:20:98:71:a4:37:0c:69:2b:f1:
24:9d:26:46:96:d2:38:50:19:67:b8:d4:3f:79:50:d2:bc:c6:
e3:11:76:70:f5:a1:a5:d9:1a:b2:29:57:d9:09:73:ab:9c:08:
00:f9:91:2c:88:ce:10:d3:52:e6:09:c7:00:c3:79:dc:29:5a:
fe:b2:5b:06:98:ab:ca:77:44:ca:fe:9b:2c:77:c4:e5:a6:bd:
f2:31:cf:a2:e7:6c:52:d5:8d:cf:90:87:77:2e:02:2d:de:82:
79:60:e6:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiqPR47NR8R3Teu48/rBcl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNjExMTEzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzEzODJmMWJiMDFmMzQ0OTk4NzA2NTAyYzUyOWNmOWIzMWRkNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRcmjynKNMlkSBxr4UJLFj1VTT3F
8B4TFQ2PD4zRbnLj0LZ40qF0X/wEo+1Uc4o8LlGGv5wcxFzGBBMzzYPbsxsVsPPN
k6EcYazecZu7eQAwyGBvNW/Ijg/d7ujyDQN1gPO1GHmoKSCDOQ1tRNezVPWOGws+
9Rk/GXYi/TN89jP64kJidZhJEvbQqK0tAD81qmzPQvy6HAyCYcaw0Pc33CFwR41+
m4cS9MU1m9+AQA5YSLdFO861NXdYAkIOWRlIEoC22MM8J/L6x4yFitk2yWZliu+p
0A+t5fAl+rJ7NAJ5rnTOGyojChStCJtfRjoQ1IGEjhydG4YtXC4lu6e92QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCcTgvG7AfNEmYcGUCxSnPmzHdVqMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvSnhPQzhic0I4MFNaaHdaUUxGS2MtYk1kMVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsZAwQA
bXoqAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQBwR5tU/KaNcJ5VwvnFUlZNkVr7
K4kPoYXgMA47Qanv2rFdgDoqNoejmGv2wxJwFbmgA2+JN7fD0O4VpEWRKoeOx+O0
dK3Qj9YgXO80o+pzUBR9LDCzzrxyjMctZOKOVSqyr7GBmn/3Zu4u5usgy+lwjDn8
aeBuSDVBbGoQKDyQeaTuJbJCgtFWa8T3oujTJDYityQR4+HXHGggmHGkNwxpK/Ek
nSZGltI4UBlnuNQ/eVDSvMbjEXZw9aGl2RqyKVfZCXOrnAgA+ZEsiM4Q01LmCccA
w3ncKVr+slsGmKvKd0TK/pssd8Tlpr3yMc+i52xS1Y3PkId3LgIt3oJ5YOaw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org