Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KhhjejuFAdE1iU8LahpsLAi5lY8.roa
File: KhhjejuFAdE1iU8LahpsLAi5lY8.roa (raw, json)
Hash identifier: gcvbNiu9ZpBFGKPhxYqNxHpTlTIrMFnHH6rAcCk5h/A=
Subject key identifier: 2A:18:63:7A:3B:85:01:D1:35:89:4F:0B:6A:1A:6C:2C:08:B9:95:8F
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018D974285E9C0C6218038F650E911914007
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KhhjejuFAdE1iU8LahpsLAi5lY8.roa
Signing time: Sun 11 Feb 2024 08:22:15 +0000
ROA not before: Sun 11 Feb 2024 08:22:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 89.251.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 03:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:97:42:85:e9:c0:c6:21:80:38:f6:50:e9:11:91:40:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 11 08:22:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a18637a3b8501d135894f0b6a1a6c2c08b9958f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e8:35:8b:41:8d:be:34:34:7d:4f:f4:b7:dd:
86:3e:06:2d:2f:42:eb:cc:67:fb:b8:14:7d:72:ab:
ab:0d:15:9b:01:21:16:e2:e3:4e:9d:4f:de:ca:31:
d8:c8:d1:f0:3f:8c:65:8f:c2:17:71:7c:b7:1d:4e:
50:6b:5e:d3:1b:a7:01:9f:33:3f:cd:76:04:3b:52:
a0:35:09:34:7b:1d:df:47:48:d3:c3:ce:ea:69:ce:
77:bb:d1:14:12:04:b4:cf:46:95:f3:c6:f7:22:d5:
16:3f:d4:8d:0d:97:7d:83:ce:64:32:4e:fb:7b:d4:
d5:01:4d:0a:b8:69:a4:7a:67:62:8c:7e:97:02:bd:
b9:16:04:d2:52:f9:65:b6:8b:c1:39:95:e2:ee:37:
ad:09:68:3d:87:8c:94:cd:41:57:ba:99:88:b5:83:
5f:60:25:ec:ab:65:9f:12:bd:90:3c:fd:f9:2e:22:
19:b9:9b:bc:70:4c:fb:8f:ca:83:a9:0c:71:6c:29:
ed:fe:e6:f4:00:ea:a7:49:45:a2:0d:c5:3e:2e:7f:
bb:0a:ec:24:69:b4:7d:31:c6:9b:26:40:08:61:84:
18:94:55:48:1a:2d:b2:ed:b7:7b:b8:08:36:f4:3e:
ec:2e:66:59:9a:b5:4d:fc:9f:77:ad:3d:79:ab:2e:
5e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:18:63:7A:3B:85:01:D1:35:89:4F:0B:6A:1A:6C:2C:08:B9:95:8F
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KhhjejuFAdE1iU8LahpsLAi5lY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.21.0/24
Signature Algorithm: sha256WithRSAEncryption
75:b4:53:bc:5d:60:1a:ad:7d:d4:b5:ca:16:9f:8e:73:59:af:
7d:95:17:89:e5:00:26:fc:84:34:a4:2f:99:7c:6c:0b:13:5c:
a5:89:ec:16:a2:9b:8f:4c:5b:f0:4f:5d:7b:1a:6b:91:90:75:
83:7e:1a:42:7a:c4:7a:88:de:d1:20:40:8b:d2:12:4d:67:90:
34:20:6a:d6:d6:3d:9d:12:30:b3:d4:3a:da:7e:66:60:e9:ae:
55:fc:64:b3:a2:35:83:0b:22:f8:f5:51:c5:d3:18:cc:e1:cc:
df:49:23:e0:bc:ad:29:61:f4:36:8b:6d:3f:33:13:c1:da:cf:
22:3e:90:2d:a2:d7:96:ed:af:5b:4e:63:6e:05:4c:f4:be:85:
41:ef:43:c6:40:b7:94:bd:f1:fa:ce:19:63:41:e2:ae:38:9f:
b6:08:3e:ef:f5:e5:ad:cf:9a:a7:a7:f8:9c:cf:88:c7:9a:1b:
6f:c9:6c:a5:da:4d:c0:ee:1c:d5:e5:83:9d:a1:15:67:de:8c:
5a:30:89:d6:61:67:19:32:d0:84:b3:ab:6d:c4:0b:80:6b:84:
9c:c5:1e:17:53:2f:cd:a9:6f:bc:1d:32:f7:69:c5:e4:f4:9e:
68:77:56:0c:17:47:32:fb:fc:04:94:1a:66:19:03:75:39:c7:
b8:4f:0d:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2XQoXpwMYhgDj2UOkRkUAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMjExMDgyMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE4NjM3YTNiODUwMWQxMzU4OTRmMGI2YTFhNmMyYzA4Yjk5NThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+g1i0GNvjQ0fU/0t92GPgYtL0Lr
zGf7uBR9cqurDRWbASEW4uNOnU/eyjHYyNHwP4xlj8IXcXy3HU5Qa17TG6cBnzM/
zXYEO1KgNQk0ex3fR0jTw87qac53u9EUEgS0z0aV88b3ItUWP9SNDZd9g85kMk77
e9TVAU0KuGmkemdijH6XAr25FgTSUvlltovBOZXi7jetCWg9h4yUzUFXupmItYNf
YCXsq2WfEr2QPP35LiIZuZu8cEz7j8qDqQxxbCnt/ub0AOqnSUWiDcU+Ln+7Cuwk
abR9McabJkAIYYQYlFVIGi2y7bd7uAg29D7sLmZZmrVN/J93rT15qy5eYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoYY3o7hQHRNYlPC2oabCwIuZWPMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvS2hoamVqdUZBZEUxaVU4TGFocHNMQWk1bFk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsVMA0G
CSqGSIb3DQEBCwUAA4IBAQB1tFO8XWAarX3UtcoWn45zWa99lReJ5QAm/IQ0pC+Z
fGwLE1yliewWopuPTFvwT117GmuRkHWDfhpCesR6iN7RIECL0hJNZ5A0IGrW1j2d
EjCz1DrafmZg6a5V/GSzojWDCyL49VHF0xjM4czfSSPgvK0pYfQ2i20/MxPB2s8i
PpAtoteW7a9bTmNuBUz0voVB70PGQLeUvfH6zhljQeKuOJ+2CD7v9eWtz5qnp/ic
z4jHmhtvyWyl2k3A7hzV5YOdoRVn3oxaMInWYWcZMtCEs6ttxAuAa4ScxR4XUy/N
qW+8HTL3acXk9J5od1YMF0cy+/wElBpmGQN1Oce4Tw08
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org