Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qIj9a79-3ZK_1P0KCo-KLyx0h44.roa
File: qIj9a79-3ZK_1P0KCo-KLyx0h44.roa (raw, json)
Hash identifier: kUsl01Jq51ZO2CWNAMNXIiFU+uKpI6KoApPRenPy7wc=
Subject key identifier: A8:88:FD:6B:BF:7E:DD:92:BF:D4:FD:0A:0A:8F:8A:2F:2C:74:87:8E
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C81091A170EF75B5159E09F3EAFB67499
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qIj9a79-3ZK_1P0KCo-KLyx0h44.roa
Signing time: Tue 19 Dec 2023 07:45:06 +0000
ROA not before: Tue 19 Dec 2023 07:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 146.19.56.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
89.251.18.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:09:1a:17:0e:f7:5b:51:59:e0:9f:3e:af:b6:74:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 19 07:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a888fd6bbf7edd92bfd4fd0a0a8f8a2f2c74878e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2a:65:39:39:a5:3f:f5:3f:a3:71:bb:82:29:
76:f5:43:e6:cb:b1:fc:6c:a9:1e:e8:1b:4e:0c:0d:
61:00:c9:a2:cc:1b:cc:ef:8e:60:66:b8:d8:3f:5b:
85:09:e3:50:12:13:dc:c9:10:12:54:87:61:87:eb:
a2:8e:3f:3c:6f:ea:dd:6a:61:6f:f2:3d:7e:b8:07:
3a:9b:22:95:bb:aa:33:f9:fd:c1:a3:3f:87:66:1b:
78:6f:f7:e0:21:8e:e3:93:10:c5:26:29:33:73:db:
5f:54:07:31:d4:11:c9:35:0a:b0:c2:b6:7a:76:28:
01:94:1a:8c:79:4e:87:3a:db:14:e3:36:a9:a5:2e:
e5:8b:2b:2d:5f:72:31:da:99:bf:d4:75:7a:2a:82:
8a:3a:ea:b0:b7:e1:4d:2a:e2:53:7e:0b:16:4d:ad:
33:0a:ae:2c:76:85:e3:6f:52:50:e9:f5:38:42:6a:
d1:cc:e2:43:f9:bf:0a:7a:22:e6:98:2e:56:9b:03:
a0:fe:7a:f1:28:af:25:0d:f1:f7:97:5b:39:69:2e:
80:0c:40:3d:10:bc:6a:73:c4:67:32:f3:79:67:c6:
38:b0:d2:04:a5:42:87:ac:6a:0d:fb:28:cb:f1:5e:
fc:17:34:bf:55:88:d9:93:d6:0e:85:4f:91:80:2f:
59:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:88:FD:6B:BF:7E:DD:92:BF:D4:FD:0A:0A:8F:8A:2F:2C:74:87:8E
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qIj9a79-3ZK_1P0KCo-KLyx0h44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.18.0/24
89.251.20.0/24
89.251.22.0/23
89.251.31.0/24
109.122.40.0/24
109.122.44.0/24
146.19.56.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:f6:90:d7:e6:aa:aa:cd:df:1d:1f:c9:02:5e:bc:9e:79:a4:
dd:be:9c:87:a1:82:be:84:a0:ba:de:0f:94:49:5a:ff:7a:88:
4f:08:fb:ce:88:06:23:40:87:77:5d:42:f0:ef:5c:b9:29:dc:
c1:7d:8b:5b:44:fc:87:76:61:a9:ab:36:fb:6f:c4:16:c0:b1:
31:26:a1:7d:b0:11:0a:81:e9:a3:0d:ec:61:d0:c4:de:22:63:
70:5d:57:03:4e:cb:18:dd:e2:a7:4b:03:89:ed:f0:f3:cf:31:
66:ff:8e:2d:4a:e6:23:25:02:8d:55:36:c1:e4:36:14:35:9a:
ef:d1:ed:9f:22:b7:88:23:3e:b3:64:e8:67:bb:c7:b4:2d:6f:
d0:8c:aa:7c:50:53:1e:74:b2:4c:3f:04:68:43:f2:61:3c:4c:
60:f8:c0:ac:5e:3c:f3:d1:29:e9:10:88:56:17:d4:c2:1c:56:
85:7a:f0:ec:4b:c1:21:3e:4d:b9:12:f4:38:fe:42:a2:5b:fb:
0d:ee:bf:b1:8c:c2:59:8b:c6:df:a9:16:35:ac:67:18:4e:a6:
37:b4:6f:94:d8:2f:07:42:3f:d8:59:40:d7:3c:fe:0a:bb:a6:
1c:93:ee:e0:60:fa:75:bb:91:99:7f:94:3c:79:f1:f8:21:55:
c1:11:89:16
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYyBCRoXDvdbUVngnz6vtnSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMjE5MDc0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODg4ZmQ2YmJmN2VkZDkyYmZkNGZkMGEwYThmOGEyZjJjNzQ4NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiplOTmlP/U/o3G7gil29UPmy7H8
bKke6BtODA1hAMmizBvM745gZrjYP1uFCeNQEhPcyRASVIdhh+uijj88b+rdamFv
8j1+uAc6myKVu6oz+f3Boz+HZht4b/fgIY7jkxDFJikzc9tfVAcx1BHJNQqwwrZ6
digBlBqMeU6HOtsU4zappS7liystX3Ix2pm/1HV6KoKKOuqwt+FNKuJTfgsWTa0z
Cq4sdoXjb1JQ6fU4QmrRzOJD+b8KeiLmmC5WmwOg/nrxKK8lDfH3l1s5aS6ADEA9
ELxqc8RnMvN5Z8Y4sNIEpUKHrGoN+yjL8V78FzS/VYjZk9YOhU+RgC9Z4wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKiI/Wu/ft2Sv9T9CgqPii8sdIeOMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvcUlqOWE3OS0zWktfMVAwS0NvLUtMeXgwaDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWfsSAwQA
WfsUAwQBWfsWAwQAWfsfAwQAbXooAwQAbXosAwQAkhM4MA0GCSqGSIb3DQEBCwUA
A4IBAQBO9pDX5qqqzd8dH8kCXryeeaTdvpyHoYK+hKC63g+USVr/eohPCPvOiAYj
QId3XULw71y5KdzBfYtbRPyHdmGpqzb7b8QWwLExJqF9sBEKgemjDexh0MTeImNw
XVcDTssY3eKnSwOJ7fDzzzFm/44tSuYjJQKNVTbB5DYUNZrv0e2fIreIIz6zZOhn
u8e0LW/QjKp8UFMedLJMPwRoQ/JhPExg+MCsXjzz0SnpEIhWF9TCHFaFevDsS8Eh
Pk25EvQ4/kKiW/sN7r+xjMJZi8bfqRY1rGcYTqY3tG+U2C8HQj/YWUDXPP4Ku6Yc
k+7gYPp1u5GZf5Q8efH4IVXBEYkW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org