Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oR5JUY8Zjo86YYerGQ4R-SxGQCU.roa
File: oR5JUY8Zjo86YYerGQ4R-SxGQCU.roa (raw, json)
Hash identifier: FmYEVt4Gd7ISgyVEffmM9nW3yBcpVq2ygZVzRRA9Qns=
Subject key identifier: A1:1E:49:51:8F:19:8E:8F:3A:61:87:AB:19:0E:11:F9:2C:46:40:25
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189595071A0BDB1F9BBFB0361F5E8D5CF70
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oR5JUY8Zjo86YYerGQ4R-SxGQCU.roa
Signing time: Sat 15 Jul 2023 11:29:51 +0000
ROA not before: Sat 15 Jul 2023 11:29:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
91.200.222.0/24 maxlen: 24
91.200.223.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
91.226.56.0/24 maxlen: 24
89.251.21.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jul 2023 04:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:59:50:71:a0:bd:b1:f9:bb:fb:03:61:f5:e8:d5:cf:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 15 11:29:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a11e49518f198e8f3a6187ab190e11f92c464025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ce:ea:64:b4:96:88:a7:c6:35:35:c1:f4:15:
31:71:d4:44:bc:5e:66:ea:70:66:93:d2:17:de:c3:
66:93:37:36:41:89:22:8a:ef:b3:cc:b7:ca:f9:eb:
f2:88:3e:40:ca:a3:40:c4:c6:f2:9a:4e:68:95:53:
d8:2c:3d:8c:db:f8:16:ad:2d:e3:dc:69:e7:7b:57:
de:e2:48:56:ce:c4:2b:f3:d5:9d:fd:ff:3f:cf:90:
10:e9:d7:f0:62:25:73:ae:8d:3a:f7:bc:6c:73:87:
32:c9:d6:1c:5b:8a:1b:ac:ee:d8:df:9f:82:df:04:
11:9e:24:47:24:15:26:85:69:0e:18:75:bf:69:01:
f8:50:e8:11:86:da:b9:0d:52:70:42:5e:80:6c:8d:
ac:ba:72:ff:e4:5f:08:67:02:a8:4e:18:76:bf:a0:
6b:6b:18:8a:57:13:b8:db:c3:42:1a:e2:e1:60:a2:
5b:17:29:d5:45:e5:a8:2e:c1:35:d4:82:65:e8:3b:
b6:5f:e7:fa:9b:50:4e:c5:ce:43:b4:25:40:7b:de:
b8:e3:2b:a7:a7:64:fd:4b:f6:e2:02:30:99:fa:75:
19:9a:d6:b4:e3:83:56:9a:b7:c8:e2:e0:80:13:1a:
b6:c7:4b:a5:16:5c:8f:7f:ad:7a:66:05:b5:33:2a:
e2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1E:49:51:8F:19:8E:8F:3A:61:87:AB:19:0E:11:F9:2C:46:40:25
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oR5JUY8Zjo86YYerGQ4R-SxGQCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.21.0/24
91.200.221.0-91.200.223.255
91.226.56.0/24
109.122.46.0/24
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:95:f7:79:46:32:6c:ab:71:6b:e9:db:a3:1d:9c:7c:ac:de:
2e:c2:74:e4:37:49:20:14:aa:ec:cd:85:9a:99:a2:c5:9a:2f:
5b:a3:18:49:14:3b:2b:e5:d0:e7:65:89:75:7d:11:f9:17:84:
d3:0b:00:71:9f:b0:17:78:59:ab:7c:57:9a:99:49:c9:4e:8f:
b7:81:fe:e4:e5:08:5a:9e:22:65:cf:10:af:1c:20:49:6e:8e:
f4:d5:f8:f4:c9:84:48:dd:82:c9:89:90:b8:4a:e0:18:92:ac:
fc:5d:8f:14:e4:ea:1a:1a:c0:63:ce:c3:23:7b:8d:10:7b:bd:
37:04:0a:8b:c9:b7:82:b9:61:00:3c:29:f7:db:25:f5:5d:c9:
24:bf:ee:15:64:ef:3d:84:98:71:ee:cb:68:b8:96:0f:89:43:
27:e6:a0:24:22:d3:ba:7e:0a:32:59:34:34:5a:99:3c:31:d0:
86:b3:90:72:e0:af:51:c9:49:4d:81:e1:7a:f6:6e:14:30:c1:
8e:86:3a:1c:c6:86:13:97:31:60:22:77:f4:7e:cc:37:92:4c:
1c:1a:82:fa:c4:3f:7d:8d:5f:e2:21:5f:58:c3:fa:f3:68:87:
e0:9b:6e:a1:40:3f:f5:f0:f3:a9:07:70:48:26:f9:2c:5e:ec:
dc:4f:c0:cb
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYlZUHGgvbH5u/sDYfXo1c9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzE1MTEyOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFlNDk1MThmMTk4ZThmM2E2MTg3YWIxOTBlMTFmOTJjNDY0MDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM7qZLSWiKfGNTXB9BUxcdREvF5m
6nBmk9IX3sNmkzc2QYkiiu+zzLfK+evyiD5AyqNAxMbymk5olVPYLD2M2/gWrS3j
3Gnne1fe4khWzsQr89Wd/f8/z5AQ6dfwYiVzro0697xsc4cyydYcW4obrO7Y35+C
3wQRniRHJBUmhWkOGHW/aQH4UOgRhtq5DVJwQl6AbI2sunL/5F8IZwKoThh2v6Br
axiKVxO428NCGuLhYKJbFynVReWoLsE11IJl6Du2X+f6m1BOxc5DtCVAe9644yun
p2T9S/biAjCZ+nUZmta044NWmrfI4uCAExq2x0ulFlyPf616ZgW1MyrizwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKEeSVGPGY6POmGHqxkOEfksRkAlMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvb1I1SlVZOFpqbzg2WVllckdRNFItU3hHUUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWfsVMAwD
BABbyN0DBAVbyMADBABb4jgDBABtei4DBADBXTQwDQYJKoZIhvcNAQELBQADggEB
AFqV93lGMmyrcWvp26MdnHys3i7CdOQ3SSAUquzNhZqZosWaL1ujGEkUOyvl0Odl
iXV9EfkXhNMLAHGfsBd4Wat8V5qZSclOj7eB/uTlCFqeImXPEK8cIElujvTV+PTJ
hEjdgsmJkLhK4BiSrPxdjxTk6hoawGPOwyN7jRB7vTcECovJt4K5YQA8KffbJfVd
ySS/7hVk7z2EmHHuy2i4lg+JQyfmoCQi07p+CjJZNDRamTwx0IazkHLgr1HJSU2B
4Xr2bhQwwY6GOhzGhhOXMWAid/R+zDeSTBwagvrEP32NX+IhX1jD+vNoh+CbbqFA
P/Xw86kHcEgm+Sxe7NxPwMs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org