Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/bZdae0wPtECuicM4uXBP3EBeaVM.roa
File: bZdae0wPtECuicM4uXBP3EBeaVM.roa (raw, json)
Hash identifier: aQZzppU4mE/RrQrUaidWCgDg0QLis8jfBS13504J9Zo=
Subject key identifier: 6D:97:5A:7B:4C:0F:B4:40:AE:89:C3:38:B9:70:4F:DC:40:5E:69:53
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018CC794D7D0267BE67F0FD1DDCD9CC9F280
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/bZdae0wPtECuicM4uXBP3EBeaVM.roa
Signing time: Tue 02 Jan 2024 00:31:09 +0000
ROA not before: Tue 02 Jan 2024 00:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197789
IP address blocks: 89.251.16.0/24 maxlen: 24
89.251.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:14:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d7:d0:26:7b:e6:7f:0f:d1:dd:cd:9c:c9:f2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 00:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d975a7b4c0fb440ae89c338b9704fdc405e6953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:06:40:75:75:30:57:eb:60:64:12:c9:ea:25:
bb:6d:70:fa:d5:08:49:0c:54:53:06:57:af:f5:ea:
a2:05:7f:57:ec:59:c0:35:68:5f:7a:2c:0a:46:d0:
81:6e:b4:4d:c9:b8:ef:c3:73:54:11:d2:bd:d8:66:
bb:cb:2a:37:0d:60:09:4c:09:b4:31:f2:de:34:44:
15:d5:87:5f:ac:c6:1a:df:dd:85:cf:86:41:99:e2:
61:34:ba:c2:ae:7b:eb:1a:d7:01:ad:04:a4:bc:e4:
fe:55:54:2d:15:f2:37:f1:4a:80:e2:ba:3a:cc:62:
c4:77:85:7f:f1:61:b1:b2:7a:48:a8:3b:89:fe:ab:
d4:9b:0f:68:d1:1b:2d:5b:96:53:4a:74:8d:e9:83:
d4:8d:e0:c8:fd:95:fd:c5:c2:a1:74:c0:de:ae:b3:
3a:d8:cd:ce:cd:22:2b:1d:d7:01:df:57:6b:df:7e:
77:d8:d5:83:37:3d:ce:0a:bc:53:cd:c1:46:2c:de:
9b:42:60:90:88:a9:e0:70:4b:01:b6:9d:b3:9b:19:
50:7e:cb:ea:37:2f:1a:37:6b:5a:10:39:1c:7b:8d:
a6:4e:ca:5f:09:2c:2f:03:c0:aa:ea:76:01:67:77:
45:c5:72:af:47:52:72:50:9d:09:8a:3c:0a:82:79:
57:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:97:5A:7B:4C:0F:B4:40:AE:89:C3:38:B9:70:4F:DC:40:5E:69:53
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/bZdae0wPtECuicM4uXBP3EBeaVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.16.0/24
89.251.19.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:2d:91:6e:42:ed:fa:91:2b:d5:b5:38:be:00:87:7c:2a:ec:
27:4f:d6:5c:27:9d:c2:53:f6:e2:96:bc:a0:9b:7a:3c:75:87:
04:ec:45:52:41:b4:ad:92:e7:e6:29:83:e7:ed:a8:2e:f7:27:
62:db:ea:f1:82:e1:5f:9a:9c:68:42:43:cd:4f:07:05:63:22:
96:30:bf:b4:a4:35:14:7c:5f:83:d6:74:e5:5c:71:07:ae:c6:
50:0d:63:48:e1:da:17:3f:44:5b:54:b6:cf:93:6c:09:7f:df:
a5:ef:8e:01:59:6a:3e:2d:9b:3d:32:a8:d1:a0:a1:23:6f:b3:
3a:3f:53:03:ed:a0:80:de:db:72:5b:c2:71:d4:89:b5:af:ac:
11:ca:8d:b5:ce:63:c6:e3:21:e8:ff:8d:03:1e:94:2f:d3:e3:
d3:62:99:85:92:1d:ea:38:f6:6c:4f:d1:ae:73:61:dd:0a:c2:
68:63:57:da:d6:ff:cb:44:6c:08:05:c5:0e:61:a1:14:e3:7d:
32:22:6b:d0:a4:23:c4:cb:35:8a:1b:73:ba:53:88:79:e9:ad:
20:37:ae:da:10:cc:be:57:23:18:3e:6f:bf:3a:72:0b:eb:59:
56:73:27:4a:fd:bb:34:12:11:6c:34:53:c5:91:d3:03:c3:29:
e9:94:32:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlNfQJnvmfw/R3c2cyfKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTAyMDAzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDk3NWE3YjRjMGZiNDQwYWU4OWMzMzhiOTcwNGZkYzQwNWU2OTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgZAdXUwV+tgZBLJ6iW7bXD61QhJ
DFRTBlev9eqiBX9X7FnANWhfeiwKRtCBbrRNybjvw3NUEdK92Ga7yyo3DWAJTAm0
MfLeNEQV1YdfrMYa392Fz4ZBmeJhNLrCrnvrGtcBrQSkvOT+VVQtFfI38UqA4ro6
zGLEd4V/8WGxsnpIqDuJ/qvUmw9o0RstW5ZTSnSN6YPUjeDI/ZX9xcKhdMDerrM6
2M3OzSIrHdcB31dr33532NWDNz3OCrxTzcFGLN6bQmCQiKngcEsBtp2zmxlQfsvq
Ny8aN2taEDkce42mTspfCSwvA8Cq6nYBZ3dFxXKvR1JyUJ0JijwKgnlXOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG2XWntMD7RAronDOLlwT9xAXmlTMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvYlpkYWUwd1B0RUN1aWNNNHVYQlAzRUJlYVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsQAwQA
WfsTMA0GCSqGSIb3DQEBCwUAA4IBAQA+LZFuQu36kSvVtTi+AId8KuwnT9ZcJ53C
U/bilrygm3o8dYcE7EVSQbStkufmKYPn7agu9ydi2+rxguFfmpxoQkPNTwcFYyKW
ML+0pDUUfF+D1nTlXHEHrsZQDWNI4doXP0RbVLbPk2wJf9+l744BWWo+LZs9MqjR
oKEjb7M6P1MD7aCA3ttyW8Jx1Im1r6wRyo21zmPG4yHo/40DHpQv0+PTYpmFkh3q
OPZsT9Guc2HdCsJoY1fa1v/LRGwIBcUOYaEU430yImvQpCPEyzWKG3O6U4h56a0g
N67aEMy+VyMYPm+/OnIL61lWcydK/bs0EhFsNFPFkdMDwynplDLO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org