Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OnUIyPz5pICnq329br02gJ0DRIw.roa
File: OnUIyPz5pICnq329br02gJ0DRIw.roa (raw, json)
Hash identifier: AowVh3o4zJ9QJpoRfv0XS90CRLIW+tbpKbl5uNWDsAw=
Subject key identifier: 3A:75:08:C8:FC:F9:A4:80:A7:AB:7D:BD:6E:BD:36:80:9D:03:44:8C
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018CC794D49F5B10D8490347FD83EE948C25
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OnUIyPz5pICnq329br02gJ0DRIw.roa
Signing time: Tue 02 Jan 2024 00:31:08 +0000
ROA not before: Tue 02 Jan 2024 00:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19437
IP address blocks: 89.251.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 08:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d4:9f:5b:10:d8:49:03:47:fd:83:ee:94:8c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 00:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a7508c8fcf9a480a7ab7dbd6ebd36809d03448c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8f:86:2d:d0:a8:e8:41:aa:7b:75:e4:e4:41:
64:73:e0:96:5a:5b:27:dc:a6:e8:19:f6:2a:41:1c:
7a:cc:74:65:2e:ca:a5:99:0c:42:67:02:4e:ff:b8:
78:4a:9f:d4:31:40:8b:b3:29:78:95:b5:fd:38:91:
fa:fe:a0:76:8a:ff:90:b0:04:13:2b:b6:38:eb:60:
2d:6c:07:07:47:43:30:58:e7:29:3c:8b:d2:0e:d8:
02:01:b5:dc:4d:15:9c:cd:17:66:18:94:01:89:90:
d8:81:22:92:0f:17:32:04:09:ff:cf:da:ae:69:3f:
69:ea:7c:68:0a:c0:56:67:e4:60:6d:d3:3e:f8:4f:
0b:73:16:00:f4:b5:4a:11:41:e9:71:1f:a0:f0:06:
66:7b:a8:76:53:f2:92:b4:60:94:ca:87:14:60:8e:
27:50:91:0b:58:c2:ca:8b:8b:a5:97:6c:a4:ba:51:
6a:b2:d2:58:23:ca:50:60:d1:45:e2:07:1b:1c:37:
8c:87:a5:d6:1b:d9:f8:f4:80:81:9e:a4:2a:19:1e:
af:58:c5:d3:aa:09:51:ce:e9:02:61:4c:86:44:63:
b6:8f:b5:01:f9:8f:55:9b:77:7d:bb:6d:eb:6e:58:
1b:8a:53:03:7e:31:17:16:63:38:90:a8:54:d1:eb:
d1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:75:08:C8:FC:F9:A4:80:A7:AB:7D:BD:6E:BD:36:80:9D:03:44:8C
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OnUIyPz5pICnq329br02gJ0DRIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.21.0/24
Signature Algorithm: sha256WithRSAEncryption
94:27:ae:cd:22:9c:c4:c7:2c:22:02:3e:0e:22:c2:0f:8b:e7:
d4:cb:08:6d:b1:54:0c:83:72:d4:63:71:c8:3c:43:1b:74:c7:
79:3f:a7:41:49:59:9e:e7:88:77:05:8a:37:25:b8:3a:b5:42:
1a:9d:1f:56:23:21:26:8d:19:d0:f4:97:da:4b:13:80:20:f3:
55:3f:b1:0c:db:8c:90:b2:38:fc:e8:b6:8c:71:fb:62:09:13:
de:cc:4b:ba:d6:10:98:58:5f:88:02:be:c2:34:9f:ca:ce:54:
5b:e7:51:8b:fc:86:9b:3f:92:99:cc:a1:25:bb:ff:28:5a:80:
5d:73:ef:6c:88:9c:e5:08:e2:ed:e6:eb:ca:32:89:a9:ba:8e:
64:cd:55:be:40:23:cc:74:22:8c:ed:21:10:bc:e8:d1:d9:f1:
17:40:f0:08:f4:ae:02:da:c8:04:38:57:62:c7:3b:b4:32:93:
a7:12:8f:98:1a:bd:e7:32:3f:07:e8:c9:3b:50:24:16:68:af:
66:3c:53:09:07:b3:52:b1:9c:11:9c:16:d7:2c:d9:50:5d:ed:
d8:db:81:0c:92:f0:be:38:64:a4:48:8d:05:ec:a1:f9:ad:b9:
d2:52:41:85:48:4d:32:c0:95:54:2a:a9:69:66:53:4f:04:a7:
97:ea:d5:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlNSfWxDYSQNH/YPulIwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTAyMDAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTc1MDhjOGZjZjlhNDgwYTdhYjdkYmQ2ZWJkMzY4MDlkMDM0NDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4+GLdCo6EGqe3Xk5EFkc+CWWlsn
3KboGfYqQRx6zHRlLsqlmQxCZwJO/7h4Sp/UMUCLsyl4lbX9OJH6/qB2iv+QsAQT
K7Y462AtbAcHR0MwWOcpPIvSDtgCAbXcTRWczRdmGJQBiZDYgSKSDxcyBAn/z9qu
aT9p6nxoCsBWZ+RgbdM++E8LcxYA9LVKEUHpcR+g8AZme6h2U/KStGCUyocUYI4n
UJELWMLKi4ull2ykulFqstJYI8pQYNFF4gcbHDeMh6XWG9n49ICBnqQqGR6vWMXT
qglRzukCYUyGRGO2j7UB+Y9Vm3d9u23rblgbilMDfjEXFmM4kKhU0evRKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDp1CMj8+aSAp6t9vW69NoCdA0SMMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvT25VSXlQejVwSUNucTMyOWJyMDJnSjBEUkl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsVMA0G
CSqGSIb3DQEBCwUAA4IBAQCUJ67NIpzExywiAj4OIsIPi+fUywhtsVQMg3LUY3HI
PEMbdMd5P6dBSVme54h3BYo3Jbg6tUIanR9WIyEmjRnQ9JfaSxOAIPNVP7EM24yQ
sjj86LaMcftiCRPezEu61hCYWF+IAr7CNJ/KzlRb51GL/IabP5KZzKElu/8oWoBd
c+9siJzlCOLt5uvKMompuo5kzVW+QCPMdCKM7SEQvOjR2fEXQPAI9K4C2sgEOFdi
xzu0MpOnEo+YGr3nMj8H6Mk7UCQWaK9mPFMJB7NSsZwRnBbXLNlQXe3Y24EMkvC+
OGSkSI0F7KH5rbnSUkGFSE0ywJVUKqlpZlNPBKeX6tWH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org