Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ciXRKNjEUrsYNUnraAKgyOOXOZs.roa
File: ciXRKNjEUrsYNUnraAKgyOOXOZs.roa (raw, json)
Hash identifier: yaPfSyiX4g7Hf9NbgLG3V+71rmpHdcz+s6SEVB9Cm5o=
Subject key identifier: 72:25:D1:28:D8:C4:52:BB:18:35:49:EB:68:02:A0:C8:E3:97:39:9B
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018CC794D6541B15FE3B7F3C19ABD8341BE0
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ciXRKNjEUrsYNUnraAKgyOOXOZs.roa
Signing time: Tue 02 Jan 2024 00:31:09 +0000
ROA not before: Tue 02 Jan 2024 00:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60446
IP address blocks: 89.251.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:15:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d6:54:1b:15:fe:3b:7f:3c:19:ab:d8:34:1b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 00:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7225d128d8c452bb183549eb6802a0c8e397399b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9d:a4:ce:c7:1b:d3:c3:f5:5b:c6:0a:e5:7b:
3a:98:33:30:9f:0f:82:03:8a:f7:17:e0:c6:70:73:
62:74:65:56:36:17:cb:e0:f0:29:af:fd:39:ab:26:
95:18:2d:8c:48:10:58:ab:43:90:4c:5f:b4:1d:97:
f2:ea:82:10:d8:d5:61:dd:5f:4a:92:bb:ca:8a:17:
a1:a7:a3:a9:39:2a:a0:23:e0:96:27:95:62:91:cd:
98:a9:97:1b:30:a8:d8:b8:27:da:a3:53:78:a8:f2:
8d:ec:38:1b:1c:94:fd:6f:99:aa:f9:7c:45:1c:df:
60:2e:cb:b9:b1:e9:86:a7:93:68:f1:40:a7:a4:16:
7a:c3:42:23:bd:04:ef:43:54:7e:0a:9e:3b:1c:a3:
d3:a2:34:f1:b9:39:b0:30:f3:3f:8e:a7:24:06:78:
5a:8d:fd:35:65:05:20:9b:b4:6c:11:e4:26:ba:26:
19:22:56:35:cc:01:c2:5c:cb:54:d5:7b:85:bb:57:
9c:75:78:ea:10:df:2b:78:02:45:31:b0:01:d6:07:
f0:26:f1:e4:2b:c7:d9:8e:86:0b:e1:42:2b:21:a0:
13:ca:07:3a:15:76:3e:39:dc:06:97:93:5b:83:3a:
77:24:24:22:2a:91:c3:f4:c7:94:c7:9c:40:cd:6d:
a6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:25:D1:28:D8:C4:52:BB:18:35:49:EB:68:02:A0:C8:E3:97:39:9B
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ciXRKNjEUrsYNUnraAKgyOOXOZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.16.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:78:ec:74:ce:8f:d4:df:62:e2:d0:54:10:9e:7e:c5:a3:cf:
16:7d:e1:19:15:a9:71:1c:79:e6:3c:18:3c:49:b9:38:32:cd:
d9:0d:5f:fb:56:a5:cc:1c:89:81:99:a8:fa:17:a2:96:17:6b:
b9:33:bb:95:6d:dc:d0:9e:a5:2f:4e:33:82:72:cf:99:7d:2b:
16:ea:5e:fb:82:8d:a1:63:84:a4:80:43:d5:db:23:b5:c1:4d:
a6:2c:e2:cb:2a:01:50:b3:81:ea:83:44:b5:59:53:1e:69:37:
3f:fa:fb:fb:d0:a5:74:d2:c2:e3:0c:69:61:d0:d0:29:91:7b:
fe:70:98:e1:99:5e:21:ec:58:b0:8a:19:6d:05:da:a3:b8:01:
dc:00:c2:cd:df:56:40:0b:cc:e1:2e:c5:1f:81:0f:2e:36:28:
32:4b:a5:dc:9f:8e:76:32:f2:f2:2e:4a:1c:ca:02:59:1f:13:
aa:32:e6:b1:c7:d8:95:b8:02:37:ef:7a:67:a5:60:95:23:a7:
31:d1:49:fc:e4:57:2d:68:33:ad:76:70:6e:9a:f8:06:d3:13:
bd:23:b6:2e:0a:52:2f:97:60:8f:da:9b:21:90:eb:29:22:2a:
b8:87:17:ed:03:56:66:37:70:78:72:2d:02:04:ba:1a:21:6b:
b3:4c:8b:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlNZUGxX+O388GavYNBvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTAyMDAzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjI1ZDEyOGQ4YzQ1MmJiMTgzNTQ5ZWI2ODAyYTBjOGUzOTczOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ2kzscb08P1W8YK5Xs6mDMwnw+C
A4r3F+DGcHNidGVWNhfL4PApr/05qyaVGC2MSBBYq0OQTF+0HZfy6oIQ2NVh3V9K
krvKihehp6OpOSqgI+CWJ5Vikc2YqZcbMKjYuCfao1N4qPKN7DgbHJT9b5mq+XxF
HN9gLsu5semGp5No8UCnpBZ6w0IjvQTvQ1R+Cp47HKPTojTxuTmwMPM/jqckBnha
jf01ZQUgm7RsEeQmuiYZIlY1zAHCXMtU1XuFu1ecdXjqEN8reAJFMbAB1gfwJvHk
K8fZjoYL4UIrIaATygc6FXY+OdwGl5Nbgzp3JCQiKpHD9MeUx5xAzW2mZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHIl0SjYxFK7GDVJ62gCoMjjlzmbMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvY2lYUktOakVVcnNZTlVucmFBS2d5T09YT1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsQMA0G
CSqGSIb3DQEBCwUAA4IBAQCKeOx0zo/U32Li0FQQnn7Fo88WfeEZFalxHHnmPBg8
Sbk4Ms3ZDV/7VqXMHImBmaj6F6KWF2u5M7uVbdzQnqUvTjOCcs+ZfSsW6l77go2h
Y4SkgEPV2yO1wU2mLOLLKgFQs4Hqg0S1WVMeaTc/+vv70KV00sLjDGlh0NApkXv+
cJjhmV4h7FiwihltBdqjuAHcAMLN31ZAC8zhLsUfgQ8uNigyS6Xcn452MvLyLkoc
ygJZHxOqMuaxx9iVuAI373pnpWCVI6cx0Un85FctaDOtdnBumvgG0xO9I7YuClIv
l2CP2pshkOspIiq4hxftA1ZmN3B4ci0CBLoaIWuzTItN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org