Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NQ3OgS6T797GleMuVVH-bKFuUhA.roa
File: NQ3OgS6T797GleMuVVH-bKFuUhA.roa (raw, json)
Hash identifier: BfoX345+igikbHI2XiJKe5zsPGZx/KsB/pdgGuzyITc=
Subject key identifier: 35:0D:CE:81:2E:93:EF:DE:C6:95:E3:2E:55:51:FE:6C:A1:6E:52:10
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01920E3F6583D08274F1E87C105BCF29EFFD
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NQ3OgS6T797GleMuVVH-bKFuUhA.roa
Signing time: Fri 20 Sep 2024 07:04:48 +0000
ROA not before: Fri 20 Sep 2024 07:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.251.23.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 19:13:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:3f:65:83:d0:82:74:f1:e8:7c:10:5b:cf:29:ef:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 20 07:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=350dce812e93efdec695e32e5551fe6ca16e5210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:69:a8:9d:9f:02:9e:20:2d:7b:8d:fb:1c:e1:
50:45:88:bc:ab:25:03:4c:03:cd:d7:e7:c5:de:3e:
90:22:76:56:8d:0d:6d:9a:c0:c3:bc:6c:22:f1:bc:
2b:9d:f4:cf:a9:7b:31:8a:42:55:42:45:29:0a:01:
4f:f2:24:77:b3:59:fb:ef:72:6a:fb:d1:01:b3:c8:
ad:96:ce:93:d3:8b:72:e9:71:bc:37:a7:de:1a:a9:
3b:33:21:39:dd:d3:78:b0:d5:55:0f:c7:ed:b2:6b:
f1:8d:ba:8f:33:3a:fb:63:2f:05:2e:ef:3f:3d:c4:
6c:c0:1b:3c:ea:a3:88:6e:1a:64:01:3c:06:43:35:
10:8d:33:07:74:9d:10:7a:85:c7:9f:61:12:de:75:
9c:76:4d:f6:33:6f:fd:e6:29:6e:96:af:47:41:89:
ac:2a:73:02:26:03:ea:8c:52:18:e6:6e:e0:cd:2e:
4b:bc:55:b2:49:59:02:cc:96:f7:c1:df:be:1b:bd:
a6:be:8f:e9:85:e2:a5:8c:9c:ca:ee:26:26:cd:bd:
58:8b:d1:cc:45:2d:9c:d5:e4:af:5d:55:df:f5:4d:
41:f7:75:28:13:fa:36:08:d6:3d:26:b8:58:14:73:
d3:76:bd:54:f3:00:8a:ec:0c:9c:f9:db:96:25:a8:
6a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0D:CE:81:2E:93:EF:DE:C6:95:E3:2E:55:51:FE:6C:A1:6E:52:10
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NQ3OgS6T797GleMuVVH-bKFuUhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.23.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
08:65:d5:8f:98:02:78:15:a4:a2:98:cb:b1:94:66:43:b5:9f:
8a:bd:e2:e1:9d:ba:6a:2e:c4:1a:47:02:2d:85:e8:ef:8e:0f:
4f:9d:f8:fe:9d:a2:4d:6d:60:6d:d7:f2:1a:31:57:dc:3b:00:
15:f2:5b:5c:fa:48:56:7c:ff:b0:66:5c:33:3a:25:84:73:78:
c2:ec:54:18:54:26:17:ca:54:cb:b5:fb:0b:56:26:6f:6d:35:
f5:b0:ac:5a:e4:d8:c3:02:94:fb:55:33:a1:41:fe:aa:00:70:
71:da:dd:d0:fb:d1:24:0d:90:29:09:06:a5:3d:d6:ae:a9:c9:
bc:b9:3b:1d:f9:28:02:29:f4:b4:41:8b:07:94:2f:74:c7:9e:
a5:fb:7b:7c:16:b9:6a:e8:1e:ae:f8:7a:e7:88:81:fc:a7:5e:
f2:36:7a:44:a8:5f:39:b7:43:12:51:55:17:e6:1a:75:53:0d:
57:f0:30:b1:99:ae:a0:c8:33:2f:f5:2e:ab:32:15:1d:0a:c0:
4a:ed:c0:1b:fb:07:14:70:c0:40:f7:fa:aa:49:59:c3:07:f9:
2e:4a:be:67:de:4f:2c:cc:fb:c7:69:6e:f1:f6:28:87:98:18:
02:46:47:f6:84:49:3e:e8:89:14:36:a4:51:5a:36:e8:64:da:
4f:5a:24:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIOP2WD0IJ08eh8EFvPKe/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwOTIwMDcwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTBkY2U4MTJlOTNlZmRlYzY5NWUzMmU1NTUxZmU2Y2ExNmU1MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02monZ8CniAte437HOFQRYi8qyUD
TAPN1+fF3j6QInZWjQ1tmsDDvGwi8bwrnfTPqXsxikJVQkUpCgFP8iR3s1n773Jq
+9EBs8itls6T04ty6XG8N6feGqk7MyE53dN4sNVVD8ftsmvxjbqPMzr7Yy8FLu8/
PcRswBs86qOIbhpkATwGQzUQjTMHdJ0QeoXHn2ES3nWcdk32M2/95ilulq9HQYms
KnMCJgPqjFIY5m7gzS5LvFWySVkCzJb3wd++G72mvo/pheKljJzK7iYmzb1Yi9HM
RS2c1eSvXVXf9U1B93UoE/o2CNY9JrhYFHPTdr1U8wCK7Ayc+duWJahqGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDUNzoEuk+/expXjLlVR/myhblIQMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvTlEzT2dTNlQ3OTdHbGVNdVZWSC1iS0Z1VWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsXAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAIZdWPmAJ4FaSimMuxlGZDtZ+KveLhnbpq
LsQaRwIthejvjg9Pnfj+naJNbWBt1/IaMVfcOwAV8ltc+khWfP+wZlwzOiWEc3jC
7FQYVCYXylTLtfsLViZvbTX1sKxa5NjDApT7VTOhQf6qAHBx2t3Q+9EkDZApCQal
Pdauqcm8uTsd+SgCKfS0QYsHlC90x56l+3t8Frlq6B6u+HrniIH8p17yNnpEqF85
t0MSUVUX5hp1Uw1X8DCxma6gyDMv9S6rMhUdCsBK7cAb+wcUcMBA9/qqSVnDB/ku
Sr5n3k8szPvHaW7x9iiHmBgCRkf2hEk+6IkUNqRRWjboZNpPWiRC
-----END CERTIFICATE-----
Generated at Wed Sep 25 20:37:39 2024 by rpki-client on console-fra.rpki-client.org