Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/hcoqZk4Q-oKBrNSuu6TvBtX1Q1k.roa
File: hcoqZk4Q-oKBrNSuu6TvBtX1Q1k.roa (raw, json)
Hash identifier: wjECY0Ted9/iPG7GznQRUz3ZSEopNir7eKf92qdTuK8=
Subject key identifier: 85:CA:2A:66:4E:10:FA:82:81:AC:D4:AE:BB:A4:EF:06:D5:F5:43:59
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C7BA65114EC0DA81B51AA1C73C9D42E01
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/hcoqZk4Q-oKBrNSuu6TvBtX1Q1k.roa
Signing time: Mon 18 Dec 2023 06:39:06 +0000
ROA not before: Mon 18 Dec 2023 06:39:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 109.122.43.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:a6:51:14:ec:0d:a8:1b:51:aa:1c:73:c9:d4:2e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 18 06:39:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85ca2a664e10fa8281acd4aebba4ef06d5f54359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:88:25:40:4c:9b:dd:a2:85:e9:54:fc:a8:c8:
ca:b8:33:94:91:5a:98:1b:62:42:28:17:91:3a:56:
80:06:57:9e:9a:1e:1d:06:ec:b3:7a:29:1b:35:63:
a2:c0:46:58:ac:e8:48:2e:95:4c:63:18:10:24:53:
68:5e:2f:80:66:15:41:27:6f:0b:9c:ae:83:96:53:
e2:a0:be:be:58:92:5b:9f:b2:9c:37:2a:7c:03:7c:
06:85:27:b1:e4:23:69:31:c7:d8:fc:9a:9d:9e:62:
c5:19:d9:d5:d3:e5:fa:76:ea:9b:67:96:e4:8e:bb:
e1:ea:df:64:9c:3a:28:1b:ab:dc:fe:82:96:e1:25:
81:5b:67:4f:c6:18:31:81:7f:20:11:8d:e3:e7:d5:
c1:f1:bd:ad:c7:fd:f8:99:c8:a2:ec:d2:90:3d:84:
83:63:ec:a5:c4:f4:9c:c5:08:4d:46:18:45:1f:59:
c5:f5:33:45:43:16:48:1b:0e:10:45:16:4a:8c:50:
d3:1d:06:82:12:79:8b:b4:91:46:6c:2a:b0:2e:7a:
18:7b:e1:e8:80:c6:ee:ff:72:41:ae:af:b0:33:66:
e8:c0:d8:0c:16:d6:fc:58:c3:55:69:ee:cc:4a:c0:
be:7f:12:59:98:46:c9:a5:f6:61:6c:67:11:b0:d9:
c7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CA:2A:66:4E:10:FA:82:81:AC:D4:AE:BB:A4:EF:06:D5:F5:43:59
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/hcoqZk4Q-oKBrNSuu6TvBtX1Q1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.24.0/24
91.226.59.0/24
109.122.43.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:21:d6:cd:01:aa:6d:80:d7:11:00:a3:57:c9:f8:d5:95:01:
5a:41:46:1d:d8:44:45:eb:3e:4c:40:79:34:48:53:1a:4d:4e:
3f:f9:e7:a0:e3:bf:7b:5f:0f:d6:fe:24:3e:5c:10:0a:cf:ac:
ce:ea:27:6f:36:98:fe:40:bf:4c:cc:e7:b4:d5:2b:2b:3b:e8:
a8:05:01:5b:e7:a1:34:1e:70:b7:15:3c:16:7a:3d:39:92:16:
8c:7d:b6:2a:71:15:20:bc:37:58:52:19:66:75:b6:90:37:0a:
85:35:32:1a:ce:9f:80:91:87:48:4a:76:44:b4:33:c4:6f:d7:
ec:2e:ab:67:e9:6e:43:c0:53:3e:ac:9c:7b:7b:ba:65:a6:5c:
7d:2a:da:7c:ad:0d:5a:bf:83:4c:57:7f:42:28:e1:ec:9a:3f:
48:d3:c6:24:94:af:c2:14:8c:1c:98:94:c9:e5:da:17:67:3c:
fb:bc:75:73:ef:71:6a:a9:bf:76:3d:b0:ca:09:3f:be:0d:d2:
b6:f2:ef:d6:8e:6b:54:a2:b6:b1:82:6b:53:ab:52:19:ac:d6:
61:67:58:09:2b:0a:f3:c4:76:29:14:4b:61:25:26:31:7b:be:
3a:c4:27:af:3d:c2:87:4c:90:17:b0:23:b6:f8:21:46:2a:51:
7b:89:63:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx7plEU7A2oG1GqHHPJ1C4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMjE4MDYzOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWNhMmE2NjRlMTBmYTgyODFhY2Q0YWViYmE0ZWYwNmQ1ZjU0MzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4glQEyb3aKF6VT8qMjKuDOUkVqY
G2JCKBeROlaABleemh4dBuyzeikbNWOiwEZYrOhILpVMYxgQJFNoXi+AZhVBJ28L
nK6DllPioL6+WJJbn7KcNyp8A3wGhSex5CNpMcfY/JqdnmLFGdnV0+X6duqbZ5bk
jrvh6t9knDooG6vc/oKW4SWBW2dPxhgxgX8gEY3j59XB8b2tx/34mcii7NKQPYSD
Y+ylxPScxQhNRhhFH1nF9TNFQxZIGw4QRRZKjFDTHQaCEnmLtJFGbCqwLnoYe+Ho
gMbu/3JBrq+wM2bowNgMFtb8WMNVae7MSsC+fxJZmEbJpfZhbGcRsNnH1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIXKKmZOEPqCgazUrruk7wbV9UNZMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvaGNvcVprNFEtb0tCck5TdXU2VHZCdFgxUTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsYAwQA
W+I7AwQAbXorMA0GCSqGSIb3DQEBCwUAA4IBAQBdIdbNAaptgNcRAKNXyfjVlQFa
QUYd2ERF6z5MQHk0SFMaTU4/+eeg4797Xw/W/iQ+XBAKz6zO6idvNpj+QL9MzOe0
1SsrO+ioBQFb56E0HnC3FTwWej05khaMfbYqcRUgvDdYUhlmdbaQNwqFNTIazp+A
kYdISnZEtDPEb9fsLqtn6W5DwFM+rJx7e7plplx9Ktp8rQ1av4NMV39CKOHsmj9I
08YklK/CFIwcmJTJ5doXZzz7vHVz73Fqqb92PbDKCT++DdK28u/WjmtUoraxgmtT
q1IZrNZhZ1gJKwrzxHYpFEthJSYxe746xCevPcKHTJAXsCO2+CFGKlF7iWNm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org