Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KmZp0ElxQc7P2yeeZ8E0TqN5NiE.roa
File: KmZp0ElxQc7P2yeeZ8E0TqN5NiE.roa (raw, json)
Hash identifier: Zujl+1jIRukVfioGHcMLbg4FBlXdNa0eXFmF0zT1Mos=
Subject key identifier: 2A:66:69:D0:49:71:41:CE:CF:DB:27:9E:67:C1:34:4E:A3:79:36:21
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018B496BB172A59919CDEC8854D616FE5A87
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KmZp0ElxQc7P2yeeZ8E0TqN5NiE.roa
Signing time: Thu 19 Oct 2023 19:31:16 +0000
ROA not before: Thu 19 Oct 2023 19:31:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
89.251.18.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
89.251.29.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
89.251.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Oct 2023 18:53:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:49:6b:b1:72:a5:99:19:cd:ec:88:54:d6:16:fe:5a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 19 19:31:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a6669d0497141cecfdb279e67c1344ea3793621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:97:b4:11:01:b2:65:b7:ca:3a:44:ed:dd:5b:
38:27:db:73:4f:9d:af:7a:ce:84:b6:44:36:f4:a3:
ac:21:24:28:a6:b0:67:5c:1d:66:ac:47:dc:fd:52:
a6:91:b5:a0:46:ce:79:43:cf:18:c0:0e:a1:5d:68:
ac:44:af:bf:d5:7d:b0:70:4b:b4:28:2a:c5:6d:8f:
07:ec:dc:29:a8:db:d1:45:b7:e3:67:67:66:fb:6e:
65:38:a8:6e:a6:c1:a7:be:ea:74:dd:9f:88:0a:f6:
14:23:8c:45:fb:5f:2f:ba:dd:aa:86:08:f1:b9:80:
d7:58:bb:78:a0:76:1d:45:41:2e:35:4f:44:e6:09:
b0:b1:36:1b:35:10:a0:72:18:96:22:72:08:41:d1:
af:9c:b9:a3:f6:8a:ad:a3:7b:a2:b1:f0:da:c6:d4:
75:41:9a:5a:c1:78:65:bb:9f:4d:66:8e:5c:fc:1c:
b2:b2:0b:f8:92:e8:fa:36:1b:03:b9:b5:7d:c7:81:
06:0f:5d:ed:17:e6:3b:e9:7d:32:53:eb:e5:e8:18:
59:73:ee:79:ac:07:5a:86:ca:55:86:7c:ec:48:08:
16:73:6c:57:02:95:19:7a:67:c6:99:e5:a6:41:1f:
f6:73:a0:bd:c7:1e:2f:e3:c9:60:87:af:f5:89:76:
cc:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:66:69:D0:49:71:41:CE:CF:DB:27:9E:67:C1:34:4E:A3:79:36:21
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KmZp0ElxQc7P2yeeZ8E0TqN5NiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.18.0/24
89.251.22.0-89.251.25.255
89.251.29.0/24
89.251.31.0/24
91.200.221.0/24
91.226.59.0/24
109.122.43.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:32:84:72:24:7e:08:ae:b4:48:bf:f5:0d:1a:2f:b6:7b:dc:
94:c7:6e:da:9a:21:ab:02:c7:c1:94:aa:01:36:0d:e1:45:e7:
62:8f:c4:a7:1e:eb:81:45:61:74:78:a8:ab:75:a4:7b:ba:1f:
17:30:1a:a5:66:50:de:4b:f5:dc:5b:5c:04:26:67:f5:50:a6:
71:d1:58:3d:33:42:43:d3:14:77:69:69:45:24:3f:59:a2:14:
9d:25:bf:a6:28:0d:a5:31:aa:fc:42:52:62:b7:ab:65:21:a8:
75:eb:6d:46:48:19:4f:f6:40:60:ad:e5:4e:94:3d:ae:d3:d9:
6f:db:00:48:85:c5:5f:15:4d:d3:6b:88:87:35:ae:e6:cf:da:
e7:fd:f3:68:eb:35:85:9a:d1:05:7c:ea:21:cc:95:94:ea:57:
78:0b:12:5a:57:92:70:75:f0:27:01:57:ff:e3:af:fa:bd:df:
b4:1d:fb:3a:8f:81:20:19:8f:4e:cd:08:7b:ca:1e:03:01:7f:
c7:3a:8d:4c:3e:13:a6:4d:3d:d5:82:35:a0:df:1d:67:6c:c8:
51:0c:22:06:8e:30:76:fb:ad:88:b1:e6:47:5f:2c:bc:cd:ed:
35:d9:7f:95:b7:ef:94:1b:ef:de:de:ee:85:1f:c3:9d:21:d7:
61:24:d8:17
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYtJa7FypZkZzeyIVNYW/lqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMDE5MTkzMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY2NjlkMDQ5NzE0MWNlY2ZkYjI3OWU2N2MxMzQ0ZWEzNzkzNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZe0EQGyZbfKOkTt3Vs4J9tzT52v
es6EtkQ29KOsISQoprBnXB1mrEfc/VKmkbWgRs55Q88YwA6hXWisRK+/1X2wcEu0
KCrFbY8H7NwpqNvRRbfjZ2dm+25lOKhupsGnvup03Z+ICvYUI4xF+18vut2qhgjx
uYDXWLt4oHYdRUEuNU9E5gmwsTYbNRCgchiWInIIQdGvnLmj9oqto3uisfDaxtR1
QZpawXhlu59NZo5c/Byysgv4kuj6NhsDubV9x4EGD13tF+Y76X0yU+vl6BhZc+55
rAdahspVhnzsSAgWc2xXApUZemfGmeWmQR/2c6C9xx4v48lgh6/1iXbM8QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFCpmadBJcUHOz9snnmfBNE6jeTYhMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvS21acDBFbHhRYzdQMnllZVo4RTBUcU41TmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAWfsSMAwD
BAFZ+xYDBAFZ+xgDBABZ+x0DBABZ+x8DBABbyN0DBABb4jsDBABteiswDQYJKoZI
hvcNAQELBQADggEBAF0yhHIkfgiutEi/9Q0aL7Z73JTHbtqaIasCx8GUqgE2DeFF
52KPxKce64FFYXR4qKt1pHu6HxcwGqVmUN5L9dxbXAQmZ/VQpnHRWD0zQkPTFHdp
aUUkP1miFJ0lv6YoDaUxqvxCUmK3q2UhqHXrbUZIGU/2QGCt5U6UPa7T2W/bAEiF
xV8VTdNriIc1rubP2uf982jrNYWa0QV86iHMlZTqV3gLElpXknB18CcBV//jr/q9
37Qd+zqPgSAZj07NCHvKHgMBf8c6jUw+E6ZNPdWCNaDfHWdsyFEMIgaOMHb7rYix
5kdfLLzN7TXZf5W375Qb797e7oUfw50h12Ek2Bc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org