Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/pokm5quKO-vbetNOS1rSFkEKRqc.roa
File: pokm5quKO-vbetNOS1rSFkEKRqc.roa (raw, json)
Hash identifier: IGQdldfVIgr1uZKAIdAQh2Sr49FlzRxGxSG4me+xOF8=
Subject key identifier: A6:89:26:E6:AB:8A:3B:EB:DB:7A:D3:4E:4B:5A:D2:16:41:0A:46:A7
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018F959F6F5919BD2440E3EC51F82E9EDF6E
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/pokm5quKO-vbetNOS1rSFkEKRqc.roa
Signing time: Mon 20 May 2024 10:50:04 +0000
ROA not before: Mon 20 May 2024 10:50:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 89.251.18.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
146.19.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Sep 2024 06:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:95:9f:6f:59:19:bd:24:40:e3:ec:51:f8:2e:9e:df:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 20 10:50:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a68926e6ab8a3bebdb7ad34e4b5ad216410a46a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:40:dd:4a:09:ba:5d:84:e7:6d:88:59:45:b8:
2d:24:eb:b9:ee:8d:7d:64:b9:bb:fa:25:8b:8f:ff:
5f:3b:e3:60:7f:d1:75:88:f6:ed:8e:f2:bd:5f:37:
e9:e3:40:dc:6f:cc:17:4c:02:98:00:11:df:d2:0e:
4f:e9:be:9b:b3:96:2a:90:3f:9b:75:bc:08:ac:6b:
b2:b0:cc:c9:c8:82:bf:a7:97:90:ee:7b:cf:c2:b2:
28:8e:30:fd:5b:18:c3:db:68:95:e7:92:83:1f:9d:
d2:71:a6:58:93:b3:71:d8:46:f8:c3:b1:69:f9:ff:
22:39:5c:2c:46:11:e5:25:31:90:42:12:a2:95:f8:
66:a8:86:ae:e3:8e:db:79:f8:99:cc:b2:07:32:c8:
2e:86:6b:d9:ab:2f:29:23:c6:2f:5c:03:ce:e6:67:
b8:6b:5b:65:c8:38:93:86:87:a5:c2:e1:5c:5e:85:
8f:7a:89:75:ca:67:3f:4b:ce:20:b2:b8:6d:84:db:
26:82:2c:a5:0a:7a:43:1c:80:b7:16:75:8a:25:03:
91:77:e9:f3:e4:32:10:1b:2e:7a:65:34:bb:be:5c:
16:6e:3b:39:32:44:ee:2c:a8:9d:75:a0:83:48:5c:
8d:27:b0:64:aa:d5:78:12:88:79:a5:b1:fd:aa:6a:
80:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:89:26:E6:AB:8A:3B:EB:DB:7A:D3:4E:4B:5A:D2:16:41:0A:46:A7
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/pokm5quKO-vbetNOS1rSFkEKRqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.18.0/24
89.251.31.0/24
146.19.56.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:6b:6a:ca:31:88:52:e9:26:1c:43:aa:38:7b:a2:74:41:d5:
d3:7e:a9:90:b7:c2:da:24:ca:3d:3c:70:0d:3f:5a:b5:6a:3f:
c6:a3:61:cc:1f:d1:31:c8:d0:32:a0:33:e3:86:45:c0:e8:12:
1b:32:c0:3b:1e:dd:a3:90:f4:f3:a9:d0:3d:48:ea:a5:9f:da:
53:15:09:66:82:8c:dd:4e:36:77:a9:57:76:54:cc:6f:20:f7:
c4:8d:e7:d8:52:cc:85:72:b7:69:bf:f5:4b:f3:2c:72:fa:6f:
69:8a:fe:06:cd:a2:bf:c3:53:f1:a2:10:b6:d6:46:79:d2:ef:
9a:ad:62:9e:65:5b:15:a9:47:fa:27:5f:c9:35:39:1f:91:87:
13:88:26:74:3b:77:63:25:44:d6:6d:2e:6f:89:cc:eb:89:3a:
ab:c6:83:54:72:d9:5f:e4:15:6f:87:e6:9d:58:16:a0:b3:df:
9a:f8:b8:da:f9:b8:f4:c2:2f:87:d9:1c:31:73:40:29:2e:0b:
d3:a5:0e:f3:d9:2a:b3:2f:d6:5f:da:13:17:e7:65:e2:14:07:
a4:48:01:cc:0e:06:80:1b:9c:d7:60:ce:7f:48:09:82:2c:29:
08:6b:9b:26:22:75:7d:cc:68:ef:49:50:41:82:24:b6:e1:c8:
43:cb:57:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+Vn29ZGb0kQOPsUfgunt9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNTIwMTA1MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjg5MjZlNmFiOGEzYmViZGI3YWQzNGU0YjVhZDIxNjQxMGE0NmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukDdSgm6XYTnbYhZRbgtJOu57o19
ZLm7+iWLj/9fO+Ngf9F1iPbtjvK9Xzfp40Dcb8wXTAKYABHf0g5P6b6bs5YqkD+b
dbwIrGuysMzJyIK/p5eQ7nvPwrIojjD9WxjD22iV55KDH53ScaZYk7Nx2Eb4w7Fp
+f8iOVwsRhHlJTGQQhKilfhmqIau447befiZzLIHMsguhmvZqy8pI8YvXAPO5me4
a1tlyDiThoelwuFcXoWPeol1ymc/S84gsrhthNsmgiylCnpDHIC3FnWKJQORd+nz
5DIQGy56ZTS7vlwWbjs5MkTuLKiddaCDSFyNJ7BkqtV4Eoh5pbH9qmqA5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKaJJuarijvr23rTTkta0hZBCkanMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvcG9rbTVxdUtPLXZiZXROT1MxclNGa0VLUnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsSAwQA
WfsfAwQAkhM4MA0GCSqGSIb3DQEBCwUAA4IBAQA7a2rKMYhS6SYcQ6o4e6J0QdXT
fqmQt8LaJMo9PHANP1q1aj/Go2HMH9ExyNAyoDPjhkXA6BIbMsA7Ht2jkPTzqdA9
SOqln9pTFQlmgozdTjZ3qVd2VMxvIPfEjefYUsyFcrdpv/VL8yxy+m9piv4GzaK/
w1PxohC21kZ50u+arWKeZVsVqUf6J1/JNTkfkYcTiCZ0O3djJUTWbS5viczriTqr
xoNUctlf5BVvh+adWBags9+a+Lja+bj0wi+H2Rwxc0ApLgvTpQ7z2SqzL9Zf2hMX
52XiFAekSAHMDgaAG5zXYM5/SAmCLCkIa5smInV9zGjvSVBBgiS24chDy1eD
-----END CERTIFICATE-----
Generated at Thu Sep 19 07:47:40 2024 by rpki-client on console-fra.rpki-client.org