Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qKwQ-I2YsqH0KLyQqi-9VCKX1PY.roa
File: qKwQ-I2YsqH0KLyQqi-9VCKX1PY.roa (raw, json)
Hash identifier: Zvh/Tv6PacpM87ZHWx4UtbFEEhjlYc8zzhS3z0MQbNo=
Subject key identifier: A8:AC:10:F8:8D:98:B2:A1:F4:28:BC:90:AA:2F:BD:54:22:97:D4:F6
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0191BFD8CFAF6F23130335A106B92447756C
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qKwQ-I2YsqH0KLyQqi-9VCKX1PY.roa
Signing time: Thu 05 Sep 2024 01:42:22 +0000
ROA not before: Thu 05 Sep 2024 01:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 89.251.20.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 09:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bf:d8:cf:af:6f:23:13:03:35:a1:06:b9:24:47:75:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 5 01:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8ac10f88d98b2a1f428bc90aa2fbd542297d4f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:2a:dd:f1:19:43:a1:31:70:e2:cd:cf:aa:02:
37:f0:56:1c:8e:f0:1c:bf:d7:95:d2:55:5d:4a:f3:
32:7d:00:5c:4d:ef:fc:6f:2e:b7:e4:a7:87:27:4d:
b4:d0:61:f5:6b:62:0a:c2:4c:9b:a1:1a:e7:4e:b0:
fc:b1:32:ea:6f:3f:c9:83:b6:ec:64:df:49:70:0b:
ea:cc:c1:d1:0d:da:e0:ec:9f:ee:5e:d6:20:50:89:
8a:e7:75:bb:f8:a9:27:e8:f5:f7:f1:4b:b3:89:3f:
b5:0b:34:da:f8:82:0c:64:48:46:d6:e0:24:17:db:
48:70:9b:3a:52:02:cd:09:fe:84:86:98:48:39:7e:
b0:8e:74:3e:d2:9f:38:e8:1f:c6:9f:e3:b3:4a:f7:
45:43:ba:71:1d:36:2c:23:c1:d4:36:bd:cf:1c:fb:
6b:0b:70:f0:71:35:9a:eb:64:20:e8:24:30:b5:27:
7d:c6:ca:ee:c0:ba:21:ba:5b:cc:12:49:bb:7f:8f:
56:58:9a:6c:7a:39:13:67:6e:d6:d0:e9:54:1c:7e:
41:af:5b:2a:bb:a5:28:12:13:52:be:57:24:d0:f3:
ba:d0:8a:46:05:3d:cf:1d:01:64:dc:f4:7c:12:bf:
48:d4:68:50:d1:de:3d:33:6d:ca:ec:04:f5:6b:e5:
bb:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AC:10:F8:8D:98:B2:A1:F4:28:BC:90:AA:2F:BD:54:22:97:D4:F6
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qKwQ-I2YsqH0KLyQqi-9VCKX1PY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
109.122.41.0/24
109.122.44.0/24
Signature Algorithm: sha256WithRSAEncryption
81:73:9d:8b:53:31:d0:6e:65:02:e9:a5:89:b3:f4:23:e7:09:
22:9a:fe:19:77:49:04:cf:cd:d3:14:aa:32:ea:88:67:96:3f:
da:e8:bc:05:69:2d:b2:3f:98:5a:87:79:82:85:66:6a:6d:93:
5a:1b:c2:1d:2a:36:cc:c0:70:0b:16:87:c1:24:1b:bb:41:0e:
6b:69:33:cb:35:a2:f3:f4:ce:7f:2b:82:b9:e1:44:63:3b:52:
3c:67:6a:1a:cd:86:d1:62:e4:f6:bc:26:7c:86:bf:1c:94:c7:
a1:d1:d1:6b:e0:77:75:84:7a:9b:15:77:1a:5e:eb:9a:fe:d3:
6d:e3:d2:aa:37:49:13:cb:f2:86:f7:e5:ef:2e:8c:23:8f:b1:
5f:8a:be:39:d6:38:9e:09:57:b0:74:6f:cb:68:2f:54:35:9d:
1f:25:d0:b2:9f:9a:14:93:e0:50:06:d7:36:99:f5:12:c5:0f:
80:97:70:ef:24:d0:3a:0c:89:c7:1f:7a:64:8b:f2:fc:f0:0a:
90:ff:1f:63:8c:1f:a9:2b:2d:1d:38:0e:70:c1:46:5d:c8:c2:
d7:a6:38:c9:17:8e:fb:32:6b:69:2b:a2:3c:87:b8:85:3c:f2:
f1:c0:3b:04:c3:93:27:8b:15:a2:fa:f1:0f:5f:cc:d7:1f:eb:
65:fc:1f:08
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZG/2M+vbyMTAzWhBrkkR3VsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwOTA1MDE0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGFjMTBmODhkOThiMmExZjQyOGJjOTBhYTJmYmQ1NDIyOTdkNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ird8RlDoTFw4s3PqgI38FYcjvAc
v9eV0lVdSvMyfQBcTe/8by635KeHJ0200GH1a2IKwkyboRrnTrD8sTLqbz/Jg7bs
ZN9JcAvqzMHRDdrg7J/uXtYgUImK53W7+Kkn6PX38UuziT+1CzTa+IIMZEhG1uAk
F9tIcJs6UgLNCf6EhphIOX6wjnQ+0p846B/Gn+OzSvdFQ7pxHTYsI8HUNr3PHPtr
C3DwcTWa62Qg6CQwtSd9xsruwLohulvMEkm7f49WWJpsejkTZ27W0OlUHH5Br1sq
u6UoEhNSvlck0PO60IpGBT3PHQFk3PR8Er9I1GhQ0d49M23K7AT1a+W7oQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKisEPiNmLKh9Ci8kKovvVQil9T2MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvcUt3US1JMllzcUgwS0x5UXFpLTlWQ0tYMVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsUAwQA
bXopAwQAbXosMA0GCSqGSIb3DQEBCwUAA4IBAQCBc52LUzHQbmUC6aWJs/Qj5wki
mv4Zd0kEz83TFKoy6ohnlj/a6LwFaS2yP5hah3mChWZqbZNaG8IdKjbMwHALFofB
JBu7QQ5raTPLNaLz9M5/K4K54URjO1I8Z2oazYbRYuT2vCZ8hr8clMeh0dFr4Hd1
hHqbFXcaXuua/tNt49KqN0kTy/KG9+XvLowjj7Ffir451jieCVewdG/LaC9UNZ0f
JdCyn5oUk+BQBtc2mfUSxQ+Al3DvJNA6DInHH3pki/L88AqQ/x9jjB+pKy0dOA5w
wUZdyMLXpjjJF477MmtpK6I8h7iFPPLxwDsEw5MnixWi+vEPX8zXH+tl/B8I
-----END CERTIFICATE-----
Generated at Thu Oct 3 12:20:05 2024 by rpki-client on console-ams.rpki-client.org