Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/aKfOF4zgnhpXP-MegcigUSdFfgU.roa
File: aKfOF4zgnhpXP-MegcigUSdFfgU.roa (raw, json)
Hash identifier: 5Vo9ao9djMKeAu2GAxJmtqbTf8IuZmQmO37vibYUASk=
Subject key identifier: 68:A7:CE:17:8C:E0:9E:1A:57:3F:E3:1E:81:C8:A0:51:27:45:7E:05
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01882CE830162545EE840A8BC48B0A99900F
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/aKfOF4zgnhpXP-MegcigUSdFfgU.roa
Signing time: Thu 18 May 2023 03:29:54 +0000
ROA not before: Thu 18 May 2023 03:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.122.42.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2c:e8:30:16:25:45:ee:84:0a:8b:c4:8b:0a:99:90:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 18 03:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68a7ce178ce09e1a573fe31e81c8a05127457e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:de:26:c8:51:80:f1:2d:0f:7a:06:cd:b8:2e:
b1:4c:9b:8d:a1:f0:5e:f9:be:bf:ee:f9:34:10:2f:
6c:86:32:55:27:d5:35:36:f0:92:bc:73:7c:9e:d2:
ef:64:c1:6d:cb:eb:3a:33:78:31:c5:69:32:a7:29:
4d:64:8f:dd:fb:94:0c:cb:ce:5f:4c:4e:a9:59:96:
bf:f2:9b:fa:20:d9:79:a3:69:bd:18:e7:4b:36:22:
8f:2b:63:ae:12:de:c8:72:fe:14:e1:2e:69:07:cd:
f0:e9:86:29:a9:d1:c4:c1:1e:36:dd:4c:22:89:3a:
ff:89:ee:3a:55:00:28:85:84:8e:5b:41:b7:79:d4:
ab:87:5b:de:46:ee:8e:8c:1f:0f:f2:f7:0e:3e:19:
b1:70:f6:82:9f:dc:45:24:78:c5:76:58:23:66:08:
cc:de:d4:34:99:c3:52:bb:a5:8a:15:a7:19:1c:c4:
d3:bb:3d:5c:e6:24:b2:65:9a:9e:39:fd:a3:e2:0d:
30:2e:39:15:bc:e4:fb:9c:21:b1:4b:f9:35:09:03:
ff:91:a5:bc:3a:68:13:40:49:29:f7:62:eb:3d:b2:
94:be:6e:72:e5:b2:45:01:d1:7e:ea:57:13:e7:2a:
aa:00:70:55:22:da:9c:43:ae:5a:b9:b6:46:34:d6:
b2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A7:CE:17:8C:E0:9E:1A:57:3F:E3:1E:81:C8:A0:51:27:45:7E:05
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/aKfOF4zgnhpXP-MegcigUSdFfgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
89.251.22.0/23
91.226.59.0/24
109.122.42.0-109.122.44.255
Signature Algorithm: sha256WithRSAEncryption
60:b6:64:b9:28:7c:08:2b:2a:c2:70:2c:6e:c5:a2:cf:e8:34:
fa:0f:b8:c7:e9:10:b3:f3:d0:f7:ce:40:0a:c9:9a:c4:85:f7:
79:56:3b:48:ed:71:42:db:71:8b:5a:ba:31:6b:c0:1a:fb:e6:
21:3a:cc:a5:79:c7:ce:43:05:5f:c0:c1:97:38:05:b9:2c:81:
2a:70:55:b0:a3:bf:2f:d7:69:76:ab:0f:19:9c:b9:e7:12:c2:
0d:6b:31:e7:29:25:09:da:7a:5b:54:a7:5a:b9:bb:c4:ce:69:
05:fb:0d:cf:cd:93:29:9d:27:83:14:dd:9e:74:0d:27:f4:5e:
ba:77:96:b0:bd:f3:d0:81:9b:d7:c4:ff:c8:62:23:2e:2a:43:
5b:1d:97:9a:ee:bb:e1:10:76:3a:8f:5a:74:bd:af:fa:49:52:
ad:01:f2:4f:a1:1e:3a:e3:e4:75:9b:f5:72:97:28:f4:15:55:
f3:b2:c5:7f:bc:60:99:9d:7e:37:f2:1e:1a:06:7c:04:f9:b9:
9c:dc:dc:2e:b8:3c:88:5a:61:75:1e:db:e3:1e:e3:1b:5d:26:
0b:a7:c5:71:2d:4e:da:73:bf:c5:48:9a:31:9d:8f:4e:47:0a:
39:46:27:ec:35:4c:b7:e7:06:2a:09:11:58:6f:c9:21:87:6d:
0c:52:0e:95
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYgs6DAWJUXuhAqLxIsKmZAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNTE4MDMyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGE3Y2UxNzhjZTA5ZTFhNTczZmUzMWU4MWM4YTA1MTI3NDU3ZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh94myFGA8S0PegbNuC6xTJuNofBe
+b6/7vk0EC9shjJVJ9U1NvCSvHN8ntLvZMFty+s6M3gxxWkypylNZI/d+5QMy85f
TE6pWZa/8pv6INl5o2m9GOdLNiKPK2OuEt7Icv4U4S5pB83w6YYpqdHEwR423Uwi
iTr/ie46VQAohYSOW0G3edSrh1veRu6OjB8P8vcOPhmxcPaCn9xFJHjFdlgjZgjM
3tQ0mcNSu6WKFacZHMTTuz1c5iSyZZqeOf2j4g0wLjkVvOT7nCGxS/k1CQP/kaW8
OmgTQEkp92LrPbKUvm5y5bJFAdF+6lcT5yqqAHBVItqcQ65aubZGNNaySwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGinzheM4J4aVz/jHoHIoFEnRX4FMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvYUtmT0Y0emduaHBYUC1NZWdjaWdVU2RGZmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWfsUAwQB
WfsWAwQAW+I7MAwDBAFteioDBABteiwwDQYJKoZIhvcNAQELBQADggEBAGC2ZLko
fAgrKsJwLG7Fos/oNPoPuMfpELPz0PfOQArJmsSF93lWO0jtcULbcYtaujFrwBr7
5iE6zKV5x85DBV/AwZc4BbksgSpwVbCjvy/XaXarDxmcuecSwg1rMecpJQnaeltU
p1q5u8TOaQX7Dc/NkymdJ4MU3Z50DSf0Xrp3lrC989CBm9fE/8hiIy4qQ1sdl5ru
u+EQdjqPWnS9r/pJUq0B8k+hHjrj5HWb9XKXKPQVVfOyxX+8YJmdfjfyHhoGfAT5
uZzc3C64PIhaYXUe2+Me4xtdJgunxXEtTtpzv8VImjGdj05HCjlGJ+w1TLfnBioJ
EVhvySGHbQxSDpU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:59 2023 by rpki-client on console-fra.rpki-client.org