Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/QdkR8GpI7h8TarjPlVc_JsJZ39o.roa
File: QdkR8GpI7h8TarjPlVc_JsJZ39o.roa (raw, json)
Hash identifier: /EBwJXO7HFubhSTQY5CvFo8q5YShuvu9MgKmFmLomxY=
Subject key identifier: 41:D9:11:F0:6A:48:EE:1F:13:6A:B8:CF:95:57:3F:26:C2:59:DF:DA
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018D11C41A536A4E3878A74B6E3F68E8E9A7
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/QdkR8GpI7h8TarjPlVc_JsJZ39o.roa
Signing time: Tue 16 Jan 2024 10:14:40 +0000
ROA not before: Tue 16 Jan 2024 10:14:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.122.46.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 17:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:c4:1a:53:6a:4e:38:78:a7:4b:6e:3f:68:e8:e9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 16 10:14:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41d911f06a48ee1f136ab8cf95573f26c259dfda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e4:6e:1b:85:b7:04:d0:30:39:3f:3e:13:a9:
c3:5f:72:08:65:90:de:c8:e4:1f:3a:b0:ce:d8:e5:
50:32:fe:f3:73:40:9b:9b:f1:e9:bb:d7:ee:69:04:
c6:02:2a:34:bb:e9:65:6d:23:c8:2d:a2:0c:8a:e3:
1e:7d:14:7c:1b:75:7b:5c:07:90:6b:8d:05:1f:fa:
15:69:0b:84:3c:31:4d:96:76:51:e4:28:6d:b7:d7:
bf:bf:1e:df:7e:b3:16:c3:cf:23:9c:98:3a:d6:35:
11:65:81:29:bb:bd:fc:b7:e0:15:b0:83:20:cd:46:
a0:50:e0:a3:a7:0c:4b:9a:74:18:06:45:6a:a3:03:
88:0e:fe:88:64:68:f7:3d:d0:43:f7:36:d8:e5:a9:
4e:de:23:fc:4a:89:27:f2:65:97:86:97:51:ed:f7:
ee:7d:7f:98:78:14:d9:99:f5:f7:9a:05:ed:7d:86:
a4:19:69:53:1b:25:22:c0:46:7f:38:cb:86:08:a7:
dd:ef:7c:8c:ce:eb:3a:73:c1:fd:ef:ee:a0:1b:03:
b0:3c:2c:81:78:7a:43:30:21:cc:33:eb:64:1f:b1:
00:fb:52:7a:4d:16:dc:31:9d:18:e6:7a:ba:18:d5:
94:7e:91:dc:ec:e3:12:d7:a7:43:cc:68:ec:34:ab:
db:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D9:11:F0:6A:48:EE:1F:13:6A:B8:CF:95:57:3F:26:C2:59:DF:DA
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/QdkR8GpI7h8TarjPlVc_JsJZ39o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.22.0/23
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
73:c6:8a:b4:89:3d:71:0f:ed:c9:67:b1:af:67:99:cd:d9:dc:
4a:6b:f6:93:3e:be:b0:77:77:24:30:17:76:21:d1:d0:b1:1b:
28:b6:31:f6:e9:b7:cc:e8:e9:bc:f7:33:3d:81:05:fb:2d:06:
05:f0:8d:cc:65:a7:1c:b8:55:92:0e:30:3d:e1:d0:57:1b:7e:
88:13:c7:0a:d4:dd:58:d1:68:e9:9f:2e:5e:3b:ea:7e:3d:45:
2e:22:cf:3f:0d:f2:e4:84:4c:d7:bd:55:1e:af:46:f7:58:b0:
c8:79:1e:c0:48:1a:88:88:df:28:3b:d1:62:f6:f2:b8:25:39:
32:b8:45:64:d9:c2:1d:a2:8b:13:62:7d:ab:5f:db:7e:ce:ea:
a4:a8:e2:77:a2:10:26:76:fa:8d:1d:3f:bc:59:74:c0:69:72:
e6:63:1f:04:74:ef:0b:af:18:85:10:54:19:e3:39:80:37:aa:
54:e8:39:b6:8e:84:37:58:45:e4:c3:d5:22:f2:fa:19:8c:d8:
4e:b7:15:2c:e0:6b:94:1c:1b:c4:7e:6a:da:75:9e:57:11:cf:
12:44:3c:91:b6:09:90:8d:15:4c:8e:89:76:c0:70:92:98:d1:
b1:01:50:27:52:29:8a:ea:8f:ee:c7:52:14:c2:66:c9:9e:5c:
4f:aa:aa:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0RxBpTak44eKdLbj9o6OmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTE2MTAxNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQ5MTFmMDZhNDhlZTFmMTM2YWI4Y2Y5NTU3M2YyNmMyNTlkZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeRuG4W3BNAwOT8+E6nDX3IIZZDe
yOQfOrDO2OVQMv7zc0Cbm/Hpu9fuaQTGAio0u+llbSPILaIMiuMefRR8G3V7XAeQ
a40FH/oVaQuEPDFNlnZR5Chtt9e/vx7ffrMWw88jnJg61jURZYEpu738t+AVsIMg
zUagUOCjpwxLmnQYBkVqowOIDv6IZGj3PdBD9zbY5alO3iP8Sokn8mWXhpdR7ffu
fX+YeBTZmfX3mgXtfYakGWlTGyUiwEZ/OMuGCKfd73yMzus6c8H97+6gGwOwPCyB
eHpDMCHMM+tkH7EA+1J6TRbcMZ0Y5nq6GNWUfpHc7OMS16dDzGjsNKvbtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEHZEfBqSO4fE2q4z5VXPybCWd/aMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUWRrUjhHcEk3aDhUYXJqUGxWY19Kc0paMzlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWfsWAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQBzxoq0iT1xD+3JZ7GvZ5nN2dxKa/aTPr6w
d3ckMBd2IdHQsRsotjH26bfM6Om89zM9gQX7LQYF8I3MZaccuFWSDjA94dBXG36I
E8cK1N1Y0Wjpny5eO+p+PUUuIs8/DfLkhEzXvVUer0b3WLDIeR7ASBqIiN8oO9Fi
9vK4JTkyuEVk2cIdoosTYn2rX9t+zuqkqOJ3ohAmdvqNHT+8WXTAaXLmYx8EdO8L
rxiFEFQZ4zmAN6pU6Dm2joQ3WEXkw9Ui8voZjNhOtxUs4GuUHBvEfmradZ5XEc8S
RDyRtgmQjRVMjol2wHCSmNGxAVAnUimK6o/ux1IUwmbJnlxPqqov
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org