Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Q25rMvG_u4HrFryZjgdbtggNbtk.roa
File: Q25rMvG_u4HrFryZjgdbtggNbtk.roa (raw, json)
Hash identifier: t1kESiVCpdYepGRplMkNZXT67zamEzn52G9ec7xbME4=
Subject key identifier: 43:6E:6B:32:F1:BF:BB:81:EB:16:BC:99:8E:07:5B:B6:08:0D:6E:D9
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C5785456CBF230E277CE8403DA066DA80
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Q25rMvG_u4HrFryZjgdbtggNbtk.roa
Signing time: Mon 11 Dec 2023 06:16:41 +0000
ROA not before: Mon 11 Dec 2023 06:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.220.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
89.251.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Dec 2023 09:37:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:57:85:45:6c:bf:23:0e:27:7c:e8:40:3d:a0:66:da:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 11 06:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=436e6b32f1bfbb81eb16bc998e075bb6080d6ed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:85:7d:b4:06:6c:d3:9c:bb:c6:e7:00:9b:c9:
aa:9c:4d:63:d9:22:0f:23:ad:42:0e:10:0d:3c:e9:
2f:25:5d:fd:5a:54:3c:33:b6:60:32:70:49:85:b9:
21:31:73:24:6b:9e:fd:bb:e5:67:ed:45:5b:82:2a:
09:44:7c:2c:ff:f4:a9:66:6e:65:c4:7e:c3:97:ca:
74:bb:3c:c8:19:ee:8d:fb:50:a1:52:c3:7d:60:07:
ab:d4:46:53:7f:31:b7:81:6b:98:83:8d:e8:9b:1e:
a9:84:c9:33:1d:d9:0d:7f:d9:53:3e:43:81:59:01:
b3:c8:85:21:f1:8d:99:ec:93:3e:07:ce:14:75:a3:
b6:57:e5:99:36:e0:03:b8:f6:c5:1f:f2:96:b7:f9:
52:85:cc:12:86:03:d3:46:da:f9:6c:55:dc:84:ff:
ab:ee:3f:29:6e:f5:36:96:3d:36:f6:8b:63:94:07:
d4:bd:82:ae:91:e6:f5:7a:07:b4:60:cd:05:9e:4b:
30:5f:ac:9d:b0:8b:66:29:8f:57:e1:44:b1:37:f8:
53:08:4b:47:4b:53:4d:38:d1:03:58:b1:83:95:5d:
ef:fc:81:6e:43:09:be:27:08:3d:ca:fb:b6:3b:00:
6c:64:dc:85:18:a6:37:da:56:34:a5:f8:c8:21:7b:
58:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6E:6B:32:F1:BF:BB:81:EB:16:BC:99:8E:07:5B:B6:08:0D:6E:D9
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Q25rMvG_u4HrFryZjgdbtggNbtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.25.0/24
91.200.220.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:5a:13:a0:30:c1:9c:fc:a9:a6:2c:31:27:a2:dc:f6:ec:22:
07:a1:6c:09:fd:55:1b:38:47:ca:84:a5:6f:70:09:81:e3:f5:
c2:20:d1:97:cf:ba:9d:3e:d6:c8:f6:1e:7b:b4:84:f1:63:f2:
4b:b1:c5:7c:99:d0:ae:22:23:b8:75:b1:d5:04:a8:52:73:35:
ae:4a:b9:82:26:3e:bb:39:c9:e8:cf:c2:b3:e7:59:4f:ef:65:
e8:a1:19:31:8f:75:b2:8b:27:23:e9:7b:ce:d3:5c:6a:fb:50:
8e:59:7b:0a:36:c9:92:52:2e:17:de:76:ec:35:41:d6:03:92:
be:65:b2:ef:98:7b:12:c1:47:a2:37:82:fa:79:e8:f6:73:4f:
96:a6:ff:13:aa:9b:83:ff:1f:29:bd:3d:62:69:c9:5e:f5:41:
7b:93:80:39:0b:24:0b:30:41:ab:6b:f2:68:cc:b9:4b:9e:43:
f0:83:82:07:05:e5:78:60:9c:aa:ed:5b:39:16:94:c8:07:89:
07:b9:6b:5b:ea:c5:0b:88:ae:82:e5:eb:2d:e0:ab:f9:4c:ce:
28:4a:cf:04:d3:7b:ca:4b:c4:cd:0e:0c:70:93:76:62:7d:39:
b3:d0:3a:82:99:3e:69:d1:37:a5:eb:fc:86:d5:f5:85:bb:fb:
2e:0c:d1:3d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxXhUVsvyMOJ3zoQD2gZtqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMjExMDYxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzZlNmIzMmYxYmZiYjgxZWIxNmJjOTk4ZTA3NWJiNjA4MGQ2ZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYV9tAZs05y7xucAm8mqnE1j2SIP
I61CDhANPOkvJV39WlQ8M7ZgMnBJhbkhMXMka579u+Vn7UVbgioJRHws//SpZm5l
xH7Dl8p0uzzIGe6N+1ChUsN9YAer1EZTfzG3gWuYg43omx6phMkzHdkNf9lTPkOB
WQGzyIUh8Y2Z7JM+B84UdaO2V+WZNuADuPbFH/KWt/lShcwShgPTRtr5bFXchP+r
7j8pbvU2lj029otjlAfUvYKukeb1ege0YM0FnkswX6ydsItmKY9X4USxN/hTCEtH
S1NNONEDWLGDlV3v/IFuQwm+Jwg9yvu2OwBsZNyFGKY32lY0pfjIIXtYKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFENuazLxv7uB6xa8mY4HW7YIDW7ZMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUTI1ck12R191NEhyRnJ5WmpnZGJ0Z2dOYnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsZAwQA
W8jcAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQANWhOgMMGc/KmmLDEnotz27CIH
oWwJ/VUbOEfKhKVvcAmB4/XCINGXz7qdPtbI9h57tITxY/JLscV8mdCuIiO4dbHV
BKhSczWuSrmCJj67Ocnoz8Kz51lP72XooRkxj3Wyiycj6XvO01xq+1COWXsKNsmS
Ui4X3nbsNUHWA5K+ZbLvmHsSwUeiN4L6eej2c0+Wpv8TqpuD/x8pvT1iacle9UF7
k4A5CyQLMEGra/JozLlLnkPwg4IHBeV4YJyq7Vs5FpTIB4kHuWtb6sULiK6C5est
4Kv5TM4oSs8E03vKS8TNDgxwk3ZifTmz0DqCmT5p0Tel6/yG1fWFu/suDNE9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org