Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/itHclJlUYfy03d6cuw8cn6IyDfg.roa
File: itHclJlUYfy03d6cuw8cn6IyDfg.roa (raw, json)
Hash identifier: JrvPjm0xbnbTqDb64EeH3l3WBseniRG4YBPnHu2V5RI=
Subject key identifier: 8A:D1:DC:94:99:54:61:FC:B4:DD:DE:9C:BB:0F:1C:9F:A2:32:0D:F8
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189976CF4E2A7613F397E379105D35DE1DB
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/itHclJlUYfy03d6cuw8cn6IyDfg.roa
Signing time: Thu 27 Jul 2023 12:57:27 +0000
ROA not before: Thu 27 Jul 2023 12:57:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
91.200.222.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
89.251.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Jul 2023 11:45:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:6c:f4:e2:a7:61:3f:39:7e:37:91:05:d3:5d:e1:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 27 12:57:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ad1dc94995461fcb4ddde9cbb0f1c9fa2320df8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:09:54:7d:33:83:8b:3b:4d:94:3d:b9:0a:ef:
3f:44:4b:bf:83:3a:3a:c5:e1:55:a9:88:b8:10:fe:
1d:e4:1d:c8:1f:e8:c2:65:44:ad:e7:f2:bd:d1:40:
c8:73:b8:4d:8e:47:b3:15:12:e7:ed:d7:fe:8f:d3:
e6:13:9c:6d:45:35:cc:04:b3:c1:5d:fb:e3:ae:30:
54:f2:bc:c5:a6:6f:b1:20:15:d1:fe:3f:ce:8c:9c:
5c:08:7a:0d:00:a2:75:ce:cc:d6:a8:ee:5c:30:7b:
55:f7:01:d6:97:6f:e3:97:c3:f7:b1:af:58:57:54:
16:f1:24:a2:ed:44:a4:f3:3b:fa:50:53:88:72:7c:
e8:a0:bf:24:74:dd:46:20:22:63:56:e8:12:98:94:
ca:41:b4:77:f0:1f:fe:d9:55:a9:b0:c2:fe:c4:ed:
1b:43:3e:5e:9a:89:20:52:3f:b3:9f:ca:5a:a6:79:
36:6e:c8:95:ed:30:ac:79:fc:9b:46:84:13:0c:6f:
3a:08:ce:b6:45:47:f7:57:d4:66:6b:d6:6c:33:35:
8f:46:36:1c:04:d4:f1:55:8f:13:e8:2f:c9:ac:45:
94:2c:b0:e9:b1:de:d9:34:9b:71:7c:49:63:5d:a0:
1e:bf:61:a7:dd:fe:31:37:bc:b6:93:8e:13:39:04:
65:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D1:DC:94:99:54:61:FC:B4:DD:DE:9C:BB:0F:1C:9F:A2:32:0D:F8
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/itHclJlUYfy03d6cuw8cn6IyDfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.21.0/24
91.200.221.0-91.200.222.255
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
70:8d:2c:30:00:09:68:44:1c:f0:84:e3:28:37:20:1b:c8:01:
5c:b7:90:b1:d9:18:dd:6c:33:7c:43:4a:e4:4d:4c:5f:94:9f:
7f:83:43:19:30:52:d2:8b:72:aa:74:7e:eb:3e:99:cd:76:e6:
19:84:38:91:6f:0e:c7:92:ee:42:11:ca:51:8b:e5:c3:45:cc:
47:84:c2:05:f2:30:d9:4c:ce:ac:29:d3:e5:12:9b:62:6d:a7:
1b:4f:ff:22:e4:83:78:7a:95:e2:f3:13:4d:65:9f:06:2c:28:
8f:b5:03:c3:39:e0:8a:08:73:45:96:25:ea:c4:16:d4:c4:d2:
c1:a8:02:9b:52:0d:27:b9:a3:4a:df:8f:1e:a8:d0:53:4c:d9:
c9:64:17:10:35:7d:85:7c:3a:b0:79:c4:58:7f:df:e6:32:cf:
e1:58:77:4e:f0:10:e6:8c:25:e5:a2:ab:08:b1:0e:8b:5d:15:
13:fd:55:bf:8b:dc:be:b0:1e:ac:02:5c:a3:4f:b4:3f:6e:df:
ef:2a:1e:29:f7:70:b9:76:00:1a:77:bf:30:0f:ba:07:2f:52:
b0:d4:84:70:16:5e:3f:8e:f0:4b:46:c7:0f:ca:34:7a:b0:f2:
67:5e:83:be:93:3a:5d:b8:8a:fb:53:14:34:17:fd:44:08:87:
22:49:6a:5a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYmXbPTip2E/OX43kQXTXeHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzI3MTI1NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQxZGM5NDk5NTQ2MWZjYjRkZGRlOWNiYjBmMWM5ZmEyMzIwZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AlUfTODiztNlD25Cu8/REu/gzo6
xeFVqYi4EP4d5B3IH+jCZUSt5/K90UDIc7hNjkezFRLn7df+j9PmE5xtRTXMBLPB
XfvjrjBU8rzFpm+xIBXR/j/OjJxcCHoNAKJ1zszWqO5cMHtV9wHWl2/jl8P3sa9Y
V1QW8SSi7USk8zv6UFOIcnzooL8kdN1GICJjVugSmJTKQbR38B/+2VWpsML+xO0b
Qz5emokgUj+zn8papnk2bsiV7TCsefybRoQTDG86CM62RUf3V9Rma9ZsMzWPRjYc
BNTxVY8T6C/JrEWULLDpsd7ZNJtxfEljXaAev2Gn3f4xN7y2k44TOQRl/QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIrR3JSZVGH8tN3enLsPHJ+iMg34MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvaXRIY2xKbFVZZnkwM2Q2Y3V3OGNuNkl5RGZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWfsVMAwD
BABbyN0DBABbyN4DBABtei4wDQYJKoZIhvcNAQELBQADggEBAHCNLDAACWhEHPCE
4yg3IBvIAVy3kLHZGN1sM3xDSuRNTF+Un3+DQxkwUtKLcqp0fus+mc125hmEOJFv
DseS7kIRylGL5cNFzEeEwgXyMNlMzqwp0+USm2JtpxtP/yLkg3h6leLzE01lnwYs
KI+1A8M54IoIc0WWJerEFtTE0sGoAptSDSe5o0rfjx6o0FNM2clkFxA1fYV8OrB5
xFh/3+Yyz+FYd07wEOaMJeWiqwixDotdFRP9Vb+L3L6wHqwCXKNPtD9u3+8qHin3
cLl2ABp3vzAPugcvUrDUhHAWXj+O8EtGxw/KNHqw8mdeg76TOl24ivtTFDQX/UQI
hyJJalo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org