Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/m0Aht_crffiz8p3SblAXcDQPDSk.roa
File: m0Aht_crffiz8p3SblAXcDQPDSk.roa (raw, json)
Hash identifier: gpXUmyzW8rZLl5RxWt1gCuPcc1GblHi7fizZrIbdcJQ=
Subject key identifier: 9B:40:21:B7:F7:2B:7D:F8:B3:F2:9D:D2:6E:50:17:70:34:0F:0D:29
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0190BB7F83D13F3172FD3D43D7F6341951F1
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/m0Aht_crffiz8p3SblAXcDQPDSk.roa
Signing time: Tue 16 Jul 2024 12:23:34 +0000
ROA not before: Tue 16 Jul 2024 12:23:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.251.26.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jul 2024 21:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:7f:83:d1:3f:31:72:fd:3d:43:d7:f6:34:19:51:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 16 12:23:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b4021b7f72b7df8b3f29dd26e501770340f0d29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c3:f4:3e:2a:dd:bf:c5:d9:19:77:fa:22:9c:
f6:3c:29:59:87:43:86:18:07:5b:f3:55:37:3d:4a:
63:a2:3d:83:37:c5:6f:f4:60:4b:94:93:64:ca:23:
f5:77:a1:0a:df:24:90:e7:08:60:ba:9e:80:3d:fe:
54:7e:ee:b2:19:fb:f2:c8:1f:cd:5c:b9:56:d0:23:
d9:36:59:4c:0b:1c:3c:3f:79:f6:52:62:6f:29:63:
28:98:d5:56:d6:16:e9:79:9d:6d:f8:bd:f6:42:ac:
1a:38:3e:a1:4c:84:4e:c9:f3:90:96:77:bd:3a:29:
87:97:36:00:78:c2:0b:fb:59:11:5b:02:fb:77:d3:
bc:45:ef:7b:79:71:cc:be:2b:39:87:a9:74:d0:79:
5f:b8:39:67:a4:c0:aa:de:4d:b4:48:2d:35:49:7d:
66:3a:75:90:91:de:ac:51:16:e2:9a:ba:b7:c0:01:
c9:d6:cf:44:1e:c5:19:af:51:16:93:a3:8b:72:d6:
54:9a:da:8c:74:13:22:67:d4:11:79:14:ea:3c:53:
23:10:92:0e:a8:db:d9:51:9b:42:7e:20:fd:72:53:
b0:e7:bb:72:84:31:d6:09:f7:e6:d8:1a:85:9e:b0:
bf:37:2c:ec:2e:bc:ca:21:ca:a3:a7:0d:aa:ef:81:
aa:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:40:21:B7:F7:2B:7D:F8:B3:F2:9D:D2:6E:50:17:70:34:0F:0D:29
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/m0Aht_crffiz8p3SblAXcDQPDSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.26.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ef:9b:c8:74:20:cd:c2:6f:63:fb:82:59:94:22:ad:84:63:
7b:15:e4:26:cc:8f:3a:ad:e1:c6:33:3a:cc:0f:d5:dd:b7:d0:
b0:76:aa:c6:55:b8:00:38:74:6b:53:43:04:a3:55:fe:dd:c3:
a0:5b:e7:14:31:38:c8:ba:eb:ec:bc:72:63:cb:67:6a:8c:2a:
d2:54:2f:26:00:a2:4d:ad:1d:93:7d:4c:d8:0a:9e:ff:ee:30:
a0:26:da:43:4a:ec:97:6e:4a:21:3f:c8:f6:ec:02:22:eb:30:
21:75:48:8e:f8:0d:86:c0:45:61:0f:c4:15:f5:36:1e:eb:74:
ee:52:58:e3:33:54:ce:9e:e1:e6:58:94:05:5e:89:f6:fe:2d:
5f:94:ed:ff:e2:34:d0:2f:34:02:ce:89:9d:5e:02:f0:85:81:
d9:af:05:35:8b:72:11:e9:37:b6:4e:d6:b1:d9:d9:ac:91:d4:
fb:23:0d:67:1e:3a:0b:76:a8:94:39:85:b4:96:6e:0b:91:d4:
60:b8:39:2a:2b:34:8c:d9:30:1e:b9:ee:c9:52:bb:66:61:5c:
fb:a3:f9:a7:ed:82:8e:34:80:d1:3d:de:e5:e9:ae:2d:99:d1:
b2:69:d7:0a:b6:e6:7c:89:f7:1f:74:12:c1:a7:dd:ec:3a:3c:
51:4c:e3:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZC7f4PRPzFy/T1D1/Y0GVHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNzE2MTIyMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjQwMjFiN2Y3MmI3ZGY4YjNmMjlkZDI2ZTUwMTc3MDM0MGYwZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMP0Pirdv8XZGXf6Ipz2PClZh0OG
GAdb81U3PUpjoj2DN8Vv9GBLlJNkyiP1d6EK3ySQ5whgup6APf5Ufu6yGfvyyB/N
XLlW0CPZNllMCxw8P3n2UmJvKWMomNVW1hbpeZ1t+L32QqwaOD6hTIROyfOQlne9
OimHlzYAeMIL+1kRWwL7d9O8Re97eXHMvis5h6l00HlfuDlnpMCq3k20SC01SX1m
OnWQkd6sURbimrq3wAHJ1s9EHsUZr1EWk6OLctZUmtqMdBMiZ9QReRTqPFMjEJIO
qNvZUZtCfiD9clOw57tyhDHWCffm2BqFnrC/NyzsLrzKIcqjpw2q74Gq0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJtAIbf3K334s/Kd0m5QF3A0Dw0pMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvbTBBaHRfY3JmZml6OHAzU2JsQVhjRFFQRFNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsaAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQBQ75vIdCDNwm9j+4JZlCKthGN7FeQmzI86
reHGMzrMD9Xdt9CwdqrGVbgAOHRrU0MEo1X+3cOgW+cUMTjIuuvsvHJjy2dqjCrS
VC8mAKJNrR2TfUzYCp7/7jCgJtpDSuyXbkohP8j27AIi6zAhdUiO+A2GwEVhD8QV
9TYe63TuUljjM1TOnuHmWJQFXon2/i1flO3/4jTQLzQCzomdXgLwhYHZrwU1i3IR
6Te2Ttax2dmskdT7Iw1nHjoLdqiUOYW0lm4LkdRguDkqKzSM2TAeue7JUrtmYVz7
o/mn7YKONIDRPd7l6a4tmdGyadcKtuZ8ifcfdBLBp93sOjxRTOOD
-----END CERTIFICATE-----
Generated at Tue Jul 16 23:30:17 2024 by rpki-client on console-ams.rpki-client.org