Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XHajB7Ekm1UQtudvdYrkZ4t_8Hs.roa
File: XHajB7Ekm1UQtudvdYrkZ4t_8Hs.roa (raw, json)
Hash identifier: O62nb3+NOlRvdA/SIFXsXY4fIWwt5X3VWUuFECdGjFs=
Subject key identifier: 5C:76:A3:07:B1:24:9B:55:10:B6:E7:6F:75:8A:E4:67:8B:7F:F0:7B
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018AB94898DFAF3401E0029D4749A6913F99
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XHajB7Ekm1UQtudvdYrkZ4t_8Hs.roa
Signing time: Thu 21 Sep 2023 19:47:37 +0000
ROA not before: Thu 21 Sep 2023 19:47:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 89.251.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b9:48:98:df:af:34:01:e0:02:9d:47:49:a6:91:3f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 21 19:47:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c76a307b1249b5510b6e76f758ae4678b7ff07b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7a:e7:15:84:61:d5:50:a8:64:1b:d6:01:cb:
a6:82:87:bf:06:6e:6e:7b:fd:05:22:c8:4f:d8:53:
bd:6f:15:8e:41:72:ef:c2:5e:d8:c7:35:c3:d7:c9:
55:0f:8e:8e:43:8c:86:81:ef:1b:2c:2b:f5:7a:84:
c0:c0:a6:9b:5c:dd:1d:22:43:bd:34:6c:ba:f6:47:
8e:e7:41:04:f6:6e:59:98:21:11:1a:d9:79:ab:eb:
e3:4f:a3:64:4d:78:b7:0b:5c:bf:83:0a:40:b3:be:
5d:00:74:22:9a:f3:6f:24:73:6a:33:02:2f:6f:9f:
d4:07:28:24:b1:8c:e2:f4:f1:67:5b:a5:6f:87:f9:
fd:2b:8f:ab:fd:1a:37:e0:54:28:43:7e:72:b8:8e:
f7:38:6a:96:b9:26:d7:8e:da:06:62:ec:9b:24:c7:
5c:4c:bd:73:29:a6:22:eb:a2:37:ad:4c:32:c9:39:
ec:ea:65:4e:9d:3a:80:68:5e:01:e5:65:cd:f3:79:
81:2c:26:46:90:63:ed:2c:1b:ee:82:f5:3e:57:32:
4d:2b:52:55:1c:50:2c:b5:1f:96:bf:96:00:ff:5c:
59:29:4e:62:cb:13:f2:db:84:1e:0a:92:bc:bc:7a:
46:1a:ba:eb:82:86:82:d9:bd:af:37:be:90:4b:3b:
1e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:76:A3:07:B1:24:9B:55:10:B6:E7:6F:75:8A:E4:67:8B:7F:F0:7B
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XHajB7Ekm1UQtudvdYrkZ4t_8Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.17.0/24
Signature Algorithm: sha256WithRSAEncryption
27:9f:98:4d:bd:c1:44:b2:25:4c:83:d2:43:fa:23:e4:7d:4e:
1c:ed:a7:08:34:75:c1:29:f1:b8:1f:d5:1c:ba:e7:09:33:a1:
f8:e8:21:38:78:2f:f7:81:f8:c3:8f:94:71:87:b4:ec:06:29:
40:49:44:02:5e:32:09:4f:e8:d5:6b:ea:7a:86:8b:47:5f:6b:
54:4c:36:55:5f:f2:e7:83:55:0a:a7:7c:ab:30:8f:63:2a:e9:
62:83:78:54:f9:e6:db:af:40:8a:da:34:a3:7e:8b:bd:c1:97:
6f:20:58:d4:d8:09:96:3a:ff:8c:4e:06:64:9c:72:21:ef:0b:
c2:98:ea:44:90:7c:ee:87:ba:3b:8b:8c:3c:cf:76:8f:9d:d9:
3a:c0:91:05:a2:30:c4:37:42:d6:cb:e2:0a:74:01:48:1e:5b:
29:f7:a8:c1:1e:74:85:a8:a4:1b:c9:47:99:ef:70:46:fb:77:
2c:34:ca:8b:dd:9a:a4:ba:45:95:ac:ab:87:4a:e2:28:03:a5:
34:99:8e:48:23:11:f9:f4:45:26:56:4e:40:2d:e5:42:90:02:
c4:dd:0d:0a:91:9a:d4:cb:ea:cf:98:cc:2a:ea:b1:a6:b1:51:
c1:cf:8e:eb:c1:5c:78:b3:31:82:bd:5c:81:f4:6b:5d:19:07:
b0:41:fc:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq5SJjfrzQB4AKdR0mmkT+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwOTIxMTk0NzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzc2YTMwN2IxMjQ5YjU1MTBiNmU3NmY3NThhZTQ2NzhiN2ZmMDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnrnFYRh1VCoZBvWAcumgoe/Bm5u
e/0FIshP2FO9bxWOQXLvwl7YxzXD18lVD46OQ4yGge8bLCv1eoTAwKabXN0dIkO9
NGy69keO50EE9m5ZmCERGtl5q+vjT6NkTXi3C1y/gwpAs75dAHQimvNvJHNqMwIv
b5/UBygksYzi9PFnW6Vvh/n9K4+r/Ro34FQoQ35yuI73OGqWuSbXjtoGYuybJMdc
TL1zKaYi66I3rUwyyTns6mVOnTqAaF4B5WXN83mBLCZGkGPtLBvugvU+VzJNK1JV
HFAstR+Wv5YA/1xZKU5iyxPy24QeCpK8vHpGGrrrgoaC2b2vN76QSzse3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFx2owexJJtVELbnb3WK5GeLf/B7MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvWEhhakI3RWttMVVRdHVkdmRZcmtaNHRfOEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsRMA0G
CSqGSIb3DQEBCwUAA4IBAQAnn5hNvcFEsiVMg9JD+iPkfU4c7acINHXBKfG4H9Uc
uucJM6H46CE4eC/3gfjDj5Rxh7TsBilASUQCXjIJT+jVa+p6hotHX2tUTDZVX/Ln
g1UKp3yrMI9jKulig3hU+ebbr0CK2jSjfou9wZdvIFjU2AmWOv+MTgZknHIh7wvC
mOpEkHzuh7o7i4w8z3aPndk6wJEFojDEN0LWy+IKdAFIHlsp96jBHnSFqKQbyUeZ
73BG+3csNMqL3ZqkukWVrKuHSuIoA6U0mY5IIxH59EUmVk5ALeVCkALE3Q0KkZrU
y+rPmMwq6rGmsVHBz47rwVx4szGCvVyB9GtdGQewQfwb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org