Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ShdO7ut-jgY1kGXfzUATfp_6F_o.roa
File: ShdO7ut-jgY1kGXfzUATfp_6F_o.roa (raw, json)
Hash identifier: 3rw9GXmxQicbKUqBXfk/bgNBfVZwlRh9PseTuxBBllA=
Subject key identifier: 4A:17:4E:EE:EB:7E:8E:06:35:90:65:DF:CD:40:13:7E:9F:FA:17:FA
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019416FB0DDE50F7FE8727C5A07C363BD71C
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ShdO7ut-jgY1kGXfzUATfp_6F_o.roa
Signing time: Mon 30 Dec 2024 09:52:19 +0000
ROA not before: Mon 30 Dec 2024 09:52:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 89.251.20.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:16:fb:0d:de:50:f7:fe:87:27:c5:a0:7c:36:3b:d7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 30 09:52:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a174eeeeb7e8e06359065dfcd40137e9ffa17fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f3:23:f3:da:9a:6a:6f:94:8f:d3:4b:f2:f7:
b8:bd:cf:2e:e1:81:dd:9c:9d:73:d8:01:6e:02:0d:
77:ab:2c:7a:34:bc:be:29:33:2d:e3:b4:ec:c0:de:
aa:6f:63:65:bd:c6:dd:08:ca:2a:1a:5c:e8:dd:7c:
6a:a8:79:f6:16:a5:2f:3f:a0:f6:12:62:51:29:a5:
d5:90:ac:67:d8:2f:ed:2f:38:be:f0:2d:82:cc:98:
f2:75:7f:1f:ce:2f:c7:69:9b:2c:d7:90:4f:1a:c3:
83:c8:60:27:5b:84:9b:5b:f5:39:d5:82:29:14:3b:
77:6d:58:d4:f0:1f:67:db:2a:46:df:64:9f:5b:fa:
d6:d5:30:fe:02:ed:d0:81:f0:72:23:66:f9:11:a6:
83:c9:5b:67:84:68:e6:53:64:d3:5e:29:62:8f:2d:
f3:ad:7f:a7:1f:5c:b4:3d:06:50:2e:a1:2d:e6:74:
9d:d3:b9:c6:34:89:3b:d8:6a:b7:48:55:a0:fd:2b:
92:43:87:7f:37:db:15:2a:7a:1f:cd:f0:9d:0f:af:
c0:bb:33:d4:5b:b5:9f:42:26:6d:8d:a4:92:12:0b:
d8:da:06:11:d9:34:c6:85:36:19:fc:26:45:0f:72:
e7:b5:a2:f6:81:c2:bb:b6:6f:07:d8:86:39:fd:67:
46:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:17:4E:EE:EB:7E:8E:06:35:90:65:DF:CD:40:13:7E:9F:FA:17:FA
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ShdO7ut-jgY1kGXfzUATfp_6F_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
109.122.44.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:bf:fa:40:36:87:ca:43:2f:24:1c:71:89:96:eb:48:da:17:
84:d2:da:8b:94:90:84:90:41:71:18:87:89:4a:88:57:3a:75:
f7:00:e6:4c:98:13:c3:f6:00:ef:bc:97:7f:3c:14:d7:a9:7b:
91:d1:61:49:57:83:b0:20:d1:7a:f8:09:79:aa:b6:fe:9a:b8:
20:49:76:06:68:ab:0c:87:b5:70:6f:c6:68:73:9b:b1:0b:b1:
db:50:ab:b2:24:8b:12:de:44:f9:7b:f7:e4:f1:1c:c9:47:43:
aa:49:d2:40:50:fe:d3:f1:7b:27:ef:17:49:c6:3b:d7:75:22:
2c:94:dd:73:9d:81:4e:d7:7d:05:2b:53:11:14:a1:26:eb:ee:
9d:3b:fd:2b:86:a3:06:b9:57:0e:6b:b3:54:f7:c9:5b:7b:56:
2b:a1:3b:95:85:c9:0e:c1:b4:22:65:5d:3a:87:fe:96:f1:7a:
3b:57:26:ae:69:81:d8:7b:be:65:dd:f9:51:50:0c:25:45:a9:
05:48:17:a0:93:d9:02:52:31:74:c7:43:ae:9b:81:ad:b0:9b:
81:e5:3e:2a:48:36:c6:2b:44:c9:72:b0:cf:5a:a4:61:c7:f0:
2f:30:60:1b:07:2a:c1:b5:60:7d:6c:01:8c:24:ec:f9:b5:53:
84:e8:00:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQW+w3eUPf+hyfFoHw2O9ccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMjMwMDk1MjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTE3NGVlZWViN2U4ZTA2MzU5MDY1ZGZjZDQwMTM3ZTlmZmExN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofMj89qaam+Uj9NL8ve4vc8u4YHd
nJ1z2AFuAg13qyx6NLy+KTMt47TswN6qb2NlvcbdCMoqGlzo3XxqqHn2FqUvP6D2
EmJRKaXVkKxn2C/tLzi+8C2CzJjydX8fzi/HaZss15BPGsODyGAnW4SbW/U51YIp
FDt3bVjU8B9n2ypG32SfW/rW1TD+Au3QgfByI2b5EaaDyVtnhGjmU2TTXilijy3z
rX+nH1y0PQZQLqEt5nSd07nGNIk72Gq3SFWg/SuSQ4d/N9sVKnofzfCdD6/AuzPU
W7WfQiZtjaSSEgvY2gYR2TTGhTYZ/CZFD3LntaL2gcK7tm8H2IY5/WdGTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEoXTu7rfo4GNZBl381AE36f+hf6MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvU2hkTzd1dC1qZ1kxa0dYZnpVQVRmcF82Rl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsUAwQA
bXosMA0GCSqGSIb3DQEBCwUAA4IBAQAbv/pANofKQy8kHHGJlutI2heE0tqLlJCE
kEFxGIeJSohXOnX3AOZMmBPD9gDvvJd/PBTXqXuR0WFJV4OwINF6+Al5qrb+mrgg
SXYGaKsMh7Vwb8Zoc5uxC7HbUKuyJIsS3kT5e/fk8RzJR0OqSdJAUP7T8Xsn7xdJ
xjvXdSIslN1znYFO130FK1MRFKEm6+6dO/0rhqMGuVcOa7NU98lbe1YroTuVhckO
wbQiZV06h/6W8Xo7VyauaYHYe75l3flRUAwlRakFSBegk9kCUjF0x0Oum4GtsJuB
5T4qSDbGK0TJcrDPWqRhx/AvMGAbByrBtWB9bAGMJOz5tVOE6AD/
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:21:53 2025 by rpki-client