Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/n-EWU2ZjUpBMR2rf3fx7fBab2c4.roa
File: n-EWU2ZjUpBMR2rf3fx7fBab2c4.roa (raw, json)
Hash identifier: FvUefhYMDIPSyNf73UD7NZYQPivSN3pnFwWqDmHr19w=
Subject key identifier: 9F:E1:16:53:66:63:52:90:4C:47:6A:DF:DD:FC:7B:7C:16:9B:D9:CE
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018CC794D76F587A5960580932E0F65FA600
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/n-EWU2ZjUpBMR2rf3fx7fBab2c4.roa
Signing time: Tue 02 Jan 2024 00:31:09 +0000
ROA not before: Tue 02 Jan 2024 00:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 146.19.56.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
89.251.18.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 10:14:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d7:6f:58:7a:59:60:58:09:32:e0:f6:5f:a6:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 00:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fe11653666352904c476adfddfc7b7c169bd9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:20:36:74:35:ca:c4:76:4a:26:2f:1d:40:c5:
72:47:08:42:bc:9d:29:62:24:0b:e0:27:f7:b7:06:
2d:b7:a2:11:49:cd:c3:36:5e:9f:e1:e5:f7:23:a8:
82:2c:63:9f:94:35:b0:8d:8b:aa:4b:f8:30:a0:f0:
b2:a0:5e:68:27:c3:1d:ae:d7:99:ee:08:fd:b9:8d:
09:42:e9:62:43:42:82:cf:44:32:ea:76:71:9e:a3:
01:07:9b:fe:13:0e:ff:49:f6:79:80:ee:41:ae:4d:
b3:77:08:0f:a8:cb:53:8e:9f:30:f1:79:e7:ae:77:
3c:ff:26:af:f7:b1:0e:91:0e:26:4e:05:9f:b1:4f:
5d:13:0d:58:14:ab:59:f6:b2:0a:6e:45:7e:80:13:
52:a0:cc:e2:72:e5:2f:f4:fa:c4:01:79:a9:bb:61:
c1:6c:ee:81:f6:db:95:b9:e9:42:32:e8:32:2a:bc:
f5:84:94:64:96:f2:26:57:e0:d8:25:0b:c4:72:b6:
c9:db:91:ff:7a:10:78:e7:88:8f:8f:d9:77:2e:54:
b5:9e:8e:5e:60:90:8e:32:94:00:ff:81:90:d7:b5:
6b:4d:0c:e0:04:37:02:70:51:2c:fa:40:a1:97:53:
bc:62:c1:9e:d3:83:6b:9b:1d:c1:0d:fd:c4:e3:39:
5c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E1:16:53:66:63:52:90:4C:47:6A:DF:DD:FC:7B:7C:16:9B:D9:CE
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/n-EWU2ZjUpBMR2rf3fx7fBab2c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.18.0/24
89.251.20.0/24
89.251.22.0/23
89.251.31.0/24
109.122.40.0/24
109.122.44.0/24
146.19.56.0/24
Signature Algorithm: sha256WithRSAEncryption
86:ea:c2:2e:f7:03:73:a6:23:28:88:a5:d4:d9:8c:15:fa:0a:
1e:dc:53:ad:84:57:fe:f4:f6:7e:3d:f0:be:6f:ba:7d:0f:1a:
08:8f:e5:b1:07:83:f6:36:36:2e:04:f6:ac:0d:55:cc:3f:88:
27:b4:31:c6:8d:df:28:51:93:c1:28:0b:d2:5e:ed:b4:05:26:
f1:b4:b3:d4:b3:b3:65:be:85:6d:54:c1:c4:06:e0:0d:67:fd:
7b:b3:07:b2:8b:94:d7:34:41:3d:12:88:64:f9:82:54:10:93:
3e:f0:8c:ef:4d:89:04:51:80:18:38:0e:63:a0:eb:fe:fb:a3:
be:1b:67:43:2f:bd:e8:2b:77:9b:49:77:7b:d6:db:8d:26:d0:
f1:bd:b8:aa:f3:e7:fd:df:5d:85:aa:1f:27:37:ec:3b:86:ad:
75:bc:37:a2:95:f7:66:5c:28:c4:b6:cd:ea:48:3c:7d:0a:89:
77:7d:bc:9f:92:ac:29:ae:81:70:f1:fa:06:e2:69:42:53:a6:
63:2e:2f:b4:1c:e3:0f:b6:47:99:78:26:65:94:f8:e8:f9:bb:
45:f5:6d:11:7d:8f:dd:ee:f1:83:93:93:c8:ae:a2:c0:0d:2d:
61:a0:f1:dd:38:c1:29:e8:41:76:17:6c:4c:34:63:d7:33:0e:
d0:c8:33:32
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzHlNdvWHpZYFgJMuD2X6YAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTAyMDAzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmUxMTY1MzY2NjM1MjkwNGM0NzZhZGZkZGZjN2I3YzE2OWJkOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyA2dDXKxHZKJi8dQMVyRwhCvJ0p
YiQL4Cf3twYtt6IRSc3DNl6f4eX3I6iCLGOflDWwjYuqS/gwoPCyoF5oJ8MdrteZ
7gj9uY0JQuliQ0KCz0Qy6nZxnqMBB5v+Ew7/SfZ5gO5Brk2zdwgPqMtTjp8w8Xnn
rnc8/yav97EOkQ4mTgWfsU9dEw1YFKtZ9rIKbkV+gBNSoMzicuUv9PrEAXmpu2HB
bO6B9tuVuelCMugyKrz1hJRklvImV+DYJQvEcrbJ25H/ehB454iPj9l3LlS1no5e
YJCOMpQA/4GQ17VrTQzgBDcCcFEs+kChl1O8YsGe04Nrmx3BDf3E4zlcEwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJ/hFlNmY1KQTEdq3938e3wWm9nOMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvbi1FV1UyWmpVcEJNUjJyZjNmeDdmQmFiMmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWfsSAwQA
WfsUAwQBWfsWAwQAWfsfAwQAbXooAwQAbXosAwQAkhM4MA0GCSqGSIb3DQEBCwUA
A4IBAQCG6sIu9wNzpiMoiKXU2YwV+goe3FOthFf+9PZ+PfC+b7p9DxoIj+WxB4P2
NjYuBPasDVXMP4gntDHGjd8oUZPBKAvSXu20BSbxtLPUs7NlvoVtVMHEBuANZ/17
sweyi5TXNEE9Eohk+YJUEJM+8IzvTYkEUYAYOA5joOv++6O+G2dDL73oK3ebSXd7
1tuNJtDxvbiq8+f9312Fqh8nN+w7hq11vDeilfdmXCjEts3qSDx9Col3fbyfkqwp
roFw8foG4mlCU6ZjLi+0HOMPtkeZeCZllPjo+btF9W0RfY/d7vGDk5PIrqLADS1h
oPHdOMEp6EF2F2xMNGPXMw7QyDMy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org