Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UO7Ee2RmLNZWUnhDL7VOXxhc2x8.roa
File: UO7Ee2RmLNZWUnhDL7VOXxhc2x8.roa (raw, json)
Hash identifier: Z0sN0uYLRTu77tz2nh0yXxWubFFFKGMOIKKTWl63R6g=
Subject key identifier: 50:EE:C4:7B:64:66:2C:D6:56:52:78:43:2F:B5:4E:5F:18:5C:DB:1F
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018AACFA77B35E422A1408D6AF9DC427C8F7
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UO7Ee2RmLNZWUnhDL7VOXxhc2x8.roa
Signing time: Tue 19 Sep 2023 10:26:50 +0000
ROA not before: Tue 19 Sep 2023 10:26:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.122.44.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
89.251.18.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.29.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
89.251.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Oct 2023 19:57:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:fa:77:b3:5e:42:2a:14:08:d6:af:9d:c4:27:c8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 19 10:26:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50eec47b64662cd6565278432fb54e5f185cdb1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:52:ae:e3:c0:7e:2b:1d:40:29:4b:0f:9d:4d:
bb:f0:98:00:8a:b3:b4:66:c6:5b:d5:a6:0d:8b:f6:
b2:06:56:03:08:b0:81:80:8f:59:58:d8:1a:55:28:
f5:d4:f8:19:7a:66:a3:17:98:4d:44:e2:f7:86:76:
df:85:ee:7a:cb:79:6a:d8:18:a5:3f:b2:63:47:5b:
07:20:7d:cb:3d:39:02:75:8d:81:57:5d:74:da:1a:
cd:83:7b:ac:5d:ab:9a:ab:a4:62:9f:f6:64:7e:30:
0f:8c:90:34:69:5e:fc:91:d4:14:80:47:c9:e4:2b:
a9:d8:5b:70:a0:38:78:ee:7b:e8:15:95:07:46:89:
97:05:44:c2:49:60:92:1d:27:3f:78:72:92:8c:74:
0e:5f:aa:9e:a1:4e:a3:2b:b9:70:ff:a2:15:3c:d3:
59:b7:af:5c:ce:01:19:8e:0d:f8:f5:e8:43:cc:9f:
98:b4:cb:3b:aa:d3:54:9a:4f:8d:df:49:97:58:d5:
89:f9:d6:eb:28:3c:47:3c:21:a3:e0:17:08:2e:53:
ef:4e:9f:ff:b8:14:7b:24:d6:c7:f0:7d:d1:b3:14:
90:9e:04:d6:f8:22:0b:92:e1:11:d3:5c:44:15:bf:
cc:a1:e9:31:46:a9:6e:97:1b:89:db:49:f3:53:11:
9a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EE:C4:7B:64:66:2C:D6:56:52:78:43:2F:B5:4E:5F:18:5C:DB:1F
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UO7Ee2RmLNZWUnhDL7VOXxhc2x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.18.0/24
89.251.20.0/24
89.251.22.0-89.251.25.255
89.251.29.0/24
89.251.31.0/24
91.226.59.0/24
109.122.43.0-109.122.44.255
Signature Algorithm: sha256WithRSAEncryption
1d:40:a3:71:a7:88:13:3e:7b:69:18:0a:a4:84:7e:4d:4f:b7:
5b:ec:7c:e9:5b:5f:68:cb:f8:e0:fc:f7:6d:62:c9:c1:63:7d:
9c:3b:aa:20:b6:1c:11:f8:b1:31:a8:28:53:6b:8b:2a:da:93:
c5:44:d0:4c:22:87:0a:49:49:ff:56:2c:a7:60:1f:6d:79:d1:
63:33:6b:ae:7b:0d:22:85:2e:96:72:78:13:20:4c:87:16:fc:
82:10:28:a3:60:f7:19:11:9d:c0:b0:16:46:0d:a1:13:63:4f:
4e:5e:44:e1:26:88:38:70:26:54:30:7b:28:59:e7:f0:25:67:
bd:56:ef:42:74:71:c7:7e:41:e7:0f:ce:a2:dc:24:1a:b4:59:
a5:5b:bf:6e:d1:b5:9d:5e:d7:54:0e:9e:19:a5:7f:2b:67:46:
dc:fd:85:62:6d:e8:dd:6a:34:bb:63:60:2a:d6:af:bf:43:a2:
54:3d:45:40:b0:58:e1:72:d3:87:18:c0:04:ca:19:9d:ad:0c:
15:5e:65:3f:48:41:b2:0d:c1:65:44:79:c1:b5:d5:b3:b3:d5:
bc:1b:74:e8:be:c1:3c:a9:cf:46:ab:dc:a3:17:2b:ec:e8:a8:
be:08:ae:c1:b8:5d:61:58:05:6c:3d:82:a0:ed:7e:b5:ea:40:
64:94:19:52
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYqs+nezXkIqFAjWr53EJ8j3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwOTE5MTAyNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGVlYzQ3YjY0NjYyY2Q2NTY1Mjc4NDMyZmI1NGU1ZjE4NWNkYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FKu48B+Kx1AKUsPnU278JgAirO0
ZsZb1aYNi/ayBlYDCLCBgI9ZWNgaVSj11PgZemajF5hNROL3hnbfhe56y3lq2Bil
P7JjR1sHIH3LPTkCdY2BV1102hrNg3usXauaq6Rin/ZkfjAPjJA0aV78kdQUgEfJ
5Cup2FtwoDh47nvoFZUHRomXBUTCSWCSHSc/eHKSjHQOX6qeoU6jK7lw/6IVPNNZ
t69czgEZjg349ehDzJ+YtMs7qtNUmk+N30mXWNWJ+dbrKDxHPCGj4BcILlPvTp//
uBR7JNbH8H3RsxSQngTW+CILkuER01xEFb/MoekxRqlulxuJ20nzUxGaMwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFFDuxHtkZizWVlJ4Qy+1Tl8YXNsfMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvVU83RWUyUm1MTlpXVW5oREw3Vk9YeGhjMng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAWfsSAwQA
WfsUMAwDBAFZ+xYDBAFZ+xgDBABZ+x0DBABZ+x8DBABb4jswDAMEAG16KwMEAG16
LDANBgkqhkiG9w0BAQsFAAOCAQEAHUCjcaeIEz57aRgKpIR+TU+3W+x86VtfaMv4
4Pz3bWLJwWN9nDuqILYcEfixMagoU2uLKtqTxUTQTCKHCklJ/1Ysp2AfbXnRYzNr
rnsNIoUulnJ4EyBMhxb8ghAoo2D3GRGdwLAWRg2hE2NPTl5E4SaIOHAmVDB7KFnn
8CVnvVbvQnRxx35B5w/OotwkGrRZpVu/btG1nV7XVA6eGaV/K2dG3P2FYm3o3Wo0
u2NgKtavv0OiVD1FQLBY4XLThxjABMoZna0MFV5lP0hBsg3BZUR5wbXVs7PVvBt0
6L7BPKnPRqvcoxcr7OiovgiuwbhdYVgFbD2CoO1+tepAZJQZUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org