Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PdMCm5DwbpTLkU4EZFQOxKzqAfI.roa
File: PdMCm5DwbpTLkU4EZFQOxKzqAfI.roa (raw, json)
Hash identifier: hQqay6SOFgSYogYVP8ubCRsAvt6o/Wnj/yyx+9O/cNk=
Subject key identifier: 3D:D3:02:9B:90:F0:6E:94:CB:91:4E:04:64:54:0E:C4:AC:EA:01:F2
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0188233DC03CF3D5B79BF59388E4EECE5511
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PdMCm5DwbpTLkU4EZFQOxKzqAfI.roa
Signing time: Tue 16 May 2023 06:27:09 +0000
ROA not before: Tue 16 May 2023 06:27:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.122.42.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 May 2023 03:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:23:3d:c0:3c:f3:d5:b7:9b:f5:93:88:e4:ee:ce:55:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 16 06:27:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3dd3029b90f06e94cb914e0464540ec4acea01f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1c:26:5e:b2:91:61:af:ee:0f:6a:bb:b8:07:
35:8a:a9:62:7b:d7:a6:af:6b:b2:d3:fe:8c:f7:17:
29:07:4f:c5:3b:c0:e0:5f:89:61:32:c5:28:b6:c7:
b2:7e:f4:00:6e:7c:30:83:3c:ff:56:8a:b3:26:8e:
d0:41:dd:e5:af:80:7d:a2:80:d4:08:b4:51:e1:17:
07:50:12:0c:0d:45:80:0e:cb:45:20:59:8f:f9:f1:
23:e4:0f:79:21:f7:50:ab:56:b5:a6:79:63:10:54:
35:78:ca:40:64:ff:5b:e1:35:f3:cf:e0:09:00:94:
86:6f:bc:58:4a:e0:26:cf:2a:90:52:a3:90:32:dc:
46:9f:af:2f:d2:58:2a:4b:fe:b9:0e:3c:04:7c:27:
c5:21:6a:9a:7e:78:c0:33:e7:b2:9f:d4:36:72:4b:
64:b6:be:7a:95:52:a7:4e:b0:9d:9d:6b:fb:8b:38:
e8:22:c0:09:10:d1:1f:a9:85:0c:8e:14:34:4e:7f:
b3:5c:d4:bb:6d:32:b0:b1:3c:ce:6e:f4:d5:c5:43:
2e:51:6c:2a:87:49:aa:58:53:a6:22:d7:00:03:cf:
63:28:79:a8:df:0a:ef:f9:86:48:ea:bd:d3:ff:25:
65:ee:00:90:14:4a:d9:48:4b:99:e9:3c:13:06:9e:
60:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D3:02:9B:90:F0:6E:94:CB:91:4E:04:64:54:0E:C4:AC:EA:01:F2
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PdMCm5DwbpTLkU4EZFQOxKzqAfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.22.0/23
91.226.59.0/24
109.122.42.0/23
Signature Algorithm: sha256WithRSAEncryption
09:5f:c7:d6:e7:6b:cf:b2:21:da:a1:ba:ea:42:3c:8f:ed:4d:
b0:57:80:68:af:7f:11:ba:1e:a9:7c:91:78:bd:31:d5:71:c5:
7a:5d:31:30:85:e6:d6:88:ad:db:08:32:b0:01:74:28:f0:bd:
82:b8:18:bc:11:b6:2f:00:0d:53:9f:3f:6f:99:39:46:e1:97:
fc:fc:12:c3:8c:8f:8c:b8:b8:d3:ef:64:9c:15:b1:27:1f:26:
27:c8:a2:92:44:e6:b5:8a:7e:83:ba:aa:34:c8:a3:b8:af:b9:
12:4a:10:7e:2d:b2:af:f5:b0:15:c3:0b:94:1a:42:9d:b3:17:
84:00:e8:88:09:53:fd:60:87:fd:7c:2f:78:93:af:df:21:af:
b9:74:dc:c3:e1:88:ac:ca:36:3c:a9:b2:37:dc:5a:f3:14:20:
83:32:01:84:d2:fb:ba:00:7a:30:5b:70:0c:ba:c0:78:76:08:
63:40:3f:e9:96:08:0b:fa:55:37:57:58:40:6c:4f:1b:6f:25:
e2:16:ba:4f:64:36:d6:2a:81:3e:04:72:b9:20:40:63:b0:f6:
d2:8d:da:a7:d2:66:a8:36:1e:e4:e3:e1:91:83:81:22:a5:f3:
bb:85:39:3e:67:c1:ce:42:00:cc:a8:ff:92:61:d1:9f:a1:aa:
a9:b9:cd:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgjPcA889W3m/WTiOTuzlURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNTE2MDYyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGQzMDI5YjkwZjA2ZTk0Y2I5MTRlMDQ2NDU0MGVjNGFjZWEwMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRwmXrKRYa/uD2q7uAc1iqlie9em
r2uy0/6M9xcpB0/FO8DgX4lhMsUotseyfvQAbnwwgzz/VoqzJo7QQd3lr4B9ooDU
CLRR4RcHUBIMDUWADstFIFmP+fEj5A95IfdQq1a1pnljEFQ1eMpAZP9b4TXzz+AJ
AJSGb7xYSuAmzyqQUqOQMtxGn68v0lgqS/65DjwEfCfFIWqafnjAM+eyn9Q2cktk
tr56lVKnTrCdnWv7izjoIsAJENEfqYUMjhQ0Tn+zXNS7bTKwsTzObvTVxUMuUWwq
h0mqWFOmItcAA89jKHmo3wrv+YZI6r3T/yVl7gCQFErZSEuZ6TwTBp5gSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD3TApuQ8G6Uy5FOBGRUDsSs6gHyMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUGRNQ201RHdicFRMa1U0RVpGUU94S3pxQWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWfsWAwQA
W+I7AwQBbXoqMA0GCSqGSIb3DQEBCwUAA4IBAQAJX8fW52vPsiHaobrqQjyP7U2w
V4Bor38Ruh6pfJF4vTHVccV6XTEwhebWiK3bCDKwAXQo8L2CuBi8EbYvAA1Tnz9v
mTlG4Zf8/BLDjI+MuLjT72ScFbEnHyYnyKKSROa1in6Duqo0yKO4r7kSShB+LbKv
9bAVwwuUGkKdsxeEAOiICVP9YIf9fC94k6/fIa+5dNzD4YisyjY8qbI33FrzFCCD
MgGE0vu6AHowW3AMusB4dghjQD/plggL+lU3V1hAbE8bbyXiFrpPZDbWKoE+BHK5
IEBjsPbSjdqn0maoNh7k4+GRg4EipfO7hTk+Z8HOQgDMqP+SYdGfoaqpuc3F
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org