Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/bKfqaS74Qft5UG7ln3b2If_ta2A.roa
File: bKfqaS74Qft5UG7ln3b2If_ta2A.roa (raw, json)
Hash identifier: Eu4mJqVl2HmzRkzOc1Eb40NDxQsgdade42l4vJXCiWo=
Subject key identifier: 6C:A7:EA:69:2E:F8:41:FB:79:50:6E:E5:9F:76:F6:21:FF:ED:6B:60
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018CC794D59CBA441BC74FFE0C4EA086E12E
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/bKfqaS74Qft5UG7ln3b2If_ta2A.roa
Signing time: Tue 02 Jan 2024 00:31:09 +0000
ROA not before: Tue 02 Jan 2024 00:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 109.122.43.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 09:12:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d5:9c:ba:44:1b:c7:4f:fe:0c:4e:a0:86:e1:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 00:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ca7ea692ef841fb79506ee59f76f621ffed6b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fd:a3:b6:4f:cc:13:71:ce:54:24:76:13:25:
75:9d:d0:14:c9:60:02:08:4b:e1:0d:c9:53:c3:20:
b2:33:10:bb:8e:a3:b7:fa:93:a7:52:8a:34:00:06:
e5:66:24:8d:20:67:47:24:d8:22:92:ff:8f:6e:ba:
f8:4a:6d:1a:b5:5d:6b:2d:85:a8:48:17:c7:e2:cb:
b1:af:89:45:9c:74:d6:56:e7:37:ae:bc:ed:9b:17:
00:ab:71:fa:13:7f:70:cb:8f:ec:81:b7:f0:17:ad:
e4:23:df:eb:1f:56:09:00:03:4b:e5:40:a5:fe:41:
37:3d:ff:26:ba:4d:5f:2b:f3:10:d0:86:d5:0c:e6:
26:71:aa:4a:09:78:fd:04:78:66:5b:f2:24:ac:cd:
0b:36:06:85:87:94:4b:62:c4:f6:a7:c8:e0:d7:74:
47:71:db:cd:ee:25:5e:53:b5:ce:b4:6f:f8:1a:42:
54:63:6b:70:b8:65:bf:21:5c:c7:74:96:59:56:1c:
2a:f0:1a:8b:b9:44:fd:a5:d7:f0:44:43:5d:cc:d9:
a9:a1:60:f9:de:f2:eb:b2:f9:a5:ec:4b:06:2d:7e:
b3:81:53:43:02:b9:fd:a9:c0:27:e9:6d:53:0e:eb:
3f:cc:49:d3:3b:12:4d:a2:11:d4:c5:be:84:57:6d:
de:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A7:EA:69:2E:F8:41:FB:79:50:6E:E5:9F:76:F6:21:FF:ED:6B:60
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/bKfqaS74Qft5UG7ln3b2If_ta2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.24.0/24
91.226.59.0/24
109.122.43.0/24
Signature Algorithm: sha256WithRSAEncryption
35:16:50:8f:f7:30:16:e2:da:2b:f4:37:35:63:a2:e6:a9:79:
6c:c4:0e:35:07:c1:72:f1:d8:d4:49:ed:57:81:b5:49:51:4e:
3c:f9:a3:96:0e:cd:91:39:81:30:56:2a:36:b8:35:45:ca:b2:
77:10:3f:94:dd:4f:27:f6:2d:e8:06:91:36:6d:fb:4c:03:02:
91:97:de:3f:2b:be:95:b7:4c:40:20:2d:5d:2f:4f:2b:e6:cc:
2d:bd:04:ec:a9:f4:0e:88:73:12:09:00:7a:a8:50:92:af:93:
e8:73:e6:55:80:c4:e0:22:ca:af:d2:05:6d:7d:fa:78:aa:11:
c2:4d:d6:20:13:84:e9:64:c8:80:6d:c4:3b:a5:c2:3b:13:25:
7c:ec:a4:82:91:e6:16:8f:1e:5b:89:20:78:79:af:dd:15:66:
a6:e1:f3:c0:5e:d9:1c:83:73:3c:30:fb:4d:48:73:fe:74:b7:
80:fc:d5:d8:76:01:85:25:88:34:cc:85:dd:02:8d:09:b4:f7:
94:07:74:20:9e:72:ae:68:2f:41:4a:1c:35:e6:0e:77:f0:66:
c5:71:4b:af:9d:bd:f2:25:ee:75:0a:48:be:d1:61:aa:26:63:
31:8a:46:69:32:b2:70:6a:0e:57:c5:37:e7:19:30:5b:2c:54:
83:c7:23:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlNWcukQbx0/+DE6ghuEuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTAyMDAzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2E3ZWE2OTJlZjg0MWZiNzk1MDZlZTU5Zjc2ZjYyMWZmZWQ2YjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2P2jtk/ME3HOVCR2EyV1ndAUyWAC
CEvhDclTwyCyMxC7jqO3+pOnUoo0AAblZiSNIGdHJNgikv+Pbrr4Sm0atV1rLYWo
SBfH4suxr4lFnHTWVuc3rrztmxcAq3H6E39wy4/sgbfwF63kI9/rH1YJAANL5UCl
/kE3Pf8muk1fK/MQ0IbVDOYmcapKCXj9BHhmW/IkrM0LNgaFh5RLYsT2p8jg13RH
cdvN7iVeU7XOtG/4GkJUY2twuGW/IVzHdJZZVhwq8BqLuUT9pdfwRENdzNmpoWD5
3vLrsvml7EsGLX6zgVNDArn9qcAn6W1TDus/zEnTOxJNohHUxb6EV23eCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGyn6mku+EH7eVBu5Z929iH/7WtgMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvYktmcWFTNzRRZnQ1VUc3bG4zYjJJZl90YTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsYAwQA
W+I7AwQAbXorMA0GCSqGSIb3DQEBCwUAA4IBAQA1FlCP9zAW4tor9Dc1Y6LmqXls
xA41B8Fy8djUSe1XgbVJUU48+aOWDs2ROYEwVio2uDVFyrJ3ED+U3U8n9i3oBpE2
bftMAwKRl94/K76Vt0xAIC1dL08r5swtvQTsqfQOiHMSCQB6qFCSr5Poc+ZVgMTg
Isqv0gVtffp4qhHCTdYgE4TpZMiAbcQ7pcI7EyV87KSCkeYWjx5biSB4ea/dFWam
4fPAXtkcg3M8MPtNSHP+dLeA/NXYdgGFJYg0zIXdAo0JtPeUB3QgnnKuaC9BShw1
5g538GbFcUuvnb3yJe51Cki+0WGqJmMxikZpMrJwag5XxTfnGTBbLFSDxyM7
-----END CERTIFICATE-----
Generated at Wed Aug 21 13:13:13 2024 by rpki-client on console-fra.rpki-client.org