Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/M32kV2J8ThjAwX0-FjC6PK907IY.roa
File: M32kV2J8ThjAwX0-FjC6PK907IY.roa (raw, json)
Hash identifier: LFmBlVdwO36SRVy6kHSB2SgI44q4J1C7JPk+ZyFgG1Q=
Subject key identifier: 33:7D:A4:57:62:7C:4E:18:C0:C1:7D:3E:16:30:BA:3C:AF:74:EC:86
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189B0E64556377C52C4A29172DC8988FBD5
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/M32kV2J8ThjAwX0-FjC6PK907IY.roa
Signing time: Tue 01 Aug 2023 11:40:28 +0000
ROA not before: Tue 01 Aug 2023 11:40:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
89.251.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Aug 2023 09:53:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:e6:45:56:37:7c:52:c4:a2:91:72:dc:89:88:fb:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Aug 1 11:40:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=337da457627c4e18c0c17d3e1630ba3caf74ec86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7c:da:fc:c7:ef:32:e4:19:1e:ca:48:6e:17:
91:a6:c3:2d:ae:31:32:21:af:e6:19:67:9a:06:f7:
24:2e:3f:65:b1:4d:26:e2:b5:4f:65:f2:41:91:b9:
b4:b4:e2:1e:0b:eb:10:d7:cd:45:6a:68:6b:e1:09:
35:01:b0:42:40:bf:d2:10:0e:b0:70:d7:10:35:ad:
92:dc:96:b6:d3:03:15:0b:04:fa:49:0b:7b:56:15:
92:4f:33:62:fc:10:22:04:c8:d1:c1:f5:ac:90:39:
b2:54:14:d4:d8:bb:2e:38:1d:96:2f:fe:90:41:6c:
fb:ad:eb:d3:d1:92:e9:4a:5a:af:a9:c3:5d:24:ac:
13:56:80:89:aa:08:60:69:59:f0:42:12:ac:5a:7b:
27:7e:3f:13:a9:21:5c:3f:9f:8e:af:4b:cf:1e:1b:
98:3e:cb:7f:ed:ba:49:19:b6:4a:92:a3:d3:e8:a2:
72:a6:0a:8f:dc:95:42:5e:81:73:98:7f:cf:d1:83:
ee:41:be:20:42:33:d6:ed:80:77:78:3f:72:14:b2:
6c:8f:2d:78:fd:d9:2b:99:f1:8c:c8:7d:a5:be:43:
2b:e8:1a:a0:b9:0f:59:fc:a1:0f:c1:14:94:19:f8:
63:8e:f1:48:e9:39:aa:f4:46:89:8b:cd:d2:aa:3a:
5b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7D:A4:57:62:7C:4E:18:C0:C1:7D:3E:16:30:BA:3C:AF:74:EC:86
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/M32kV2J8ThjAwX0-FjC6PK907IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.28.0/24
91.200.221.0/24
109.122.42.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
26:43:08:73:54:e8:89:a4:21:b9:7b:42:35:be:7b:55:0e:52:
22:ba:88:43:ad:c4:13:67:e4:17:e3:7f:41:19:c0:5e:ff:8d:
74:ec:29:dd:8a:c7:44:b8:2c:a1:11:54:43:93:e9:cc:f0:86:
f0:88:49:5e:cf:06:2f:1a:40:86:2e:5b:37:1c:96:29:f9:c9:
38:dd:a1:3f:0f:99:13:94:9a:3b:65:68:3f:b2:8c:7f:61:88:
ec:d8:d4:8f:53:87:9e:fb:7f:94:91:e8:cf:e1:72:71:f9:cb:
3d:e2:29:df:fd:e7:72:fd:8e:c2:56:f0:eb:54:7a:6b:40:49:
0f:ca:40:a6:3b:98:0e:83:80:78:bd:f1:24:b9:16:6e:47:35:
eb:50:12:a0:96:1e:67:70:ab:3a:37:41:22:87:87:c9:0b:29:
e2:6e:fc:4c:04:c7:9c:14:65:a8:45:4f:94:88:73:1c:f7:bd:
39:a1:26:27:9e:29:9e:30:b8:ff:cc:22:90:28:58:e9:8e:b3:
f6:bb:b7:d6:65:32:55:67:c4:a9:56:5a:91:53:45:d4:89:81:
a5:87:2c:c3:7f:61:98:a2:17:e7:63:80:bc:02:1b:98:68:5e:
7f:64:16:70:f5:bc:67:3a:c5:94:aa:84:ed:16:35:64:2b:d0:
f0:d3:75:92
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmw5kVWN3xSxKKRctyJiPvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwODAxMTE0MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzdkYTQ1NzYyN2M0ZTE4YzBjMTdkM2UxNjMwYmEzY2FmNzRlYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHza/MfvMuQZHspIbheRpsMtrjEy
Ia/mGWeaBvckLj9lsU0m4rVPZfJBkbm0tOIeC+sQ181Famhr4Qk1AbBCQL/SEA6w
cNcQNa2S3Ja20wMVCwT6SQt7VhWSTzNi/BAiBMjRwfWskDmyVBTU2LsuOB2WL/6Q
QWz7revT0ZLpSlqvqcNdJKwTVoCJqghgaVnwQhKsWnsnfj8TqSFcP5+Or0vPHhuY
Pst/7bpJGbZKkqPT6KJypgqP3JVCXoFzmH/P0YPuQb4gQjPW7YB3eD9yFLJsjy14
/dkrmfGMyH2lvkMr6BqguQ9Z/KEPwRSUGfhjjvFI6Tmq9EaJi83SqjpbTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDN9pFdifE4YwMF9PhYwujyvdOyGMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvTTMya1YySjhUaGpBd1gwLUZqQzZQSzkwN0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfscAwQA
W8jdAwQAbXoqAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQAmQwhzVOiJpCG5e0I1
vntVDlIiuohDrcQTZ+QX439BGcBe/4107CndisdEuCyhEVRDk+nM8IbwiElezwYv
GkCGLls3HJYp+ck43aE/D5kTlJo7ZWg/sox/YYjs2NSPU4ee+3+UkejP4XJx+cs9
4inf/edy/Y7CVvDrVHprQEkPykCmO5gOg4B4vfEkuRZuRzXrUBKglh5ncKs6N0Ei
h4fJCynibvxMBMecFGWoRU+UiHMc9705oSYnnimeMLj/zCKQKFjpjrP2u7fWZTJV
Z8SpVlqRU0XUiYGlhyzDf2GYohfnY4C8AhuYaF5/ZBZw9bxnOsWUqoTtFjVkK9Dw
03WS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org