Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/rMTZZDLoN-89FyC-qiKMckgZEZE.roa
File: rMTZZDLoN-89FyC-qiKMckgZEZE.roa (raw, json)
Hash identifier: iNcS/uXXQefHlSDVVsuP7VES96W6IJp7gjSqXv7NzH8=
Subject key identifier: AC:C4:D9:64:32:E8:37:EF:3D:17:20:BE:AA:22:8C:72:48:19:11:91
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C441C00656A34861188AABE970680DE12
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/rMTZZDLoN-89FyC-qiKMckgZEZE.roa
Signing time: Thu 07 Dec 2023 11:48:54 +0000
ROA not before: Thu 07 Dec 2023 11:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60446
IP address blocks: 89.251.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:1c:00:65:6a:34:86:11:88:aa:be:97:06:80:de:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 7 11:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acc4d96432e837ef3d1720beaa228c7248191191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a4:85:1f:1b:54:b9:ba:74:67:b8:55:0b:af:
97:08:77:0a:a0:ce:0a:eb:9b:e5:2b:a5:15:e4:96:
ed:76:bc:46:99:37:1b:8d:e2:04:11:05:58:1e:15:
49:bd:24:32:2e:6a:9d:c0:15:77:48:dd:a3:11:c4:
ce:c0:0e:58:03:b7:0a:7a:f5:b7:f3:76:12:1c:9d:
7d:ec:9a:b0:5c:ad:25:df:11:e8:9b:64:ba:49:ef:
2a:7d:5f:d0:ee:ea:2d:e6:37:de:86:36:0f:76:7e:
77:df:ad:f0:9d:0a:ac:b4:8b:cc:86:15:7f:d4:db:
dc:c1:ee:a4:24:d3:95:a1:94:30:9e:23:c0:a0:04:
57:71:3e:4d:19:1c:65:99:49:94:79:7a:d3:eb:0b:
d7:e3:cf:ab:78:bf:54:f2:7a:e7:d4:7f:8d:24:4c:
94:44:67:c7:39:e5:af:5f:b7:ea:47:20:29:e5:7c:
4a:08:c0:16:7e:92:64:1e:a1:3e:70:52:57:fe:4f:
e1:71:73:60:e1:15:ed:3c:57:ee:62:30:e7:de:cb:
1b:27:a5:2d:95:97:eb:8c:24:12:fd:74:6f:f0:40:
7e:39:60:4d:9a:9f:3c:b2:24:ea:02:79:81:c1:bf:
b8:c5:64:67:ec:34:2a:86:55:57:89:1f:aa:a4:e4:
90:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C4:D9:64:32:E8:37:EF:3D:17:20:BE:AA:22:8C:72:48:19:11:91
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/rMTZZDLoN-89FyC-qiKMckgZEZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.16.0/24
Signature Algorithm: sha256WithRSAEncryption
66:c2:bd:a3:ed:da:7b:db:71:46:a0:36:3f:bc:8d:c2:26:67:
1c:9f:f5:b1:6e:6b:42:dd:d5:57:64:d3:1d:cf:31:a2:30:cd:
18:19:67:2a:5a:7b:80:8d:3e:d7:bb:4c:b8:39:6b:3e:e3:6c:
c3:e3:9b:10:b0:28:a2:11:b3:23:08:78:f2:d4:e7:e7:70:75:
ef:c4:58:9d:dd:eb:c2:24:23:b7:36:ce:46:cc:6a:b7:d1:31:
92:eb:56:80:ae:42:b7:4d:fc:0e:38:55:af:67:25:ac:58:2c:
4d:13:27:19:ac:61:f9:24:45:37:24:5b:00:02:bd:f7:c1:d6:
7a:fa:d5:a7:35:fd:03:11:cf:94:c9:65:79:54:1f:1b:0f:19:
79:9e:ae:75:61:ae:42:e2:e6:67:7a:b0:0a:82:6b:88:30:9b:
24:e0:64:e7:d2:b1:98:34:e0:d4:59:81:e0:f1:7f:f2:81:51:
90:ce:ad:a5:9c:58:40:a2:6e:68:c4:4e:46:d0:2e:ac:0e:9e:
ee:3d:f0:45:ac:8b:99:6c:99:9f:6a:05:d9:47:04:d5:23:fc:
22:ec:72:b1:3b:ba:da:7b:6b:76:92:cb:59:2e:74:8a:e5:b3:
ca:a6:80:dd:4c:a3:84:79:fe:6a:09:68:e5:fe:0b:5c:17:db:
99:6d:13:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxEHABlajSGEYiqvpcGgN4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMjA3MTE0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M0ZDk2NDMyZTgzN2VmM2QxNzIwYmVhYTIyOGM3MjQ4MTkxMTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KSFHxtUubp0Z7hVC6+XCHcKoM4K
65vlK6UV5JbtdrxGmTcbjeIEEQVYHhVJvSQyLmqdwBV3SN2jEcTOwA5YA7cKevW3
83YSHJ197JqwXK0l3xHom2S6Se8qfV/Q7uot5jfehjYPdn53363wnQqstIvMhhV/
1Nvcwe6kJNOVoZQwniPAoARXcT5NGRxlmUmUeXrT6wvX48+reL9U8nrn1H+NJEyU
RGfHOeWvX7fqRyAp5XxKCMAWfpJkHqE+cFJX/k/hcXNg4RXtPFfuYjDn3ssbJ6Ut
lZfrjCQS/XRv8EB+OWBNmp88siTqAnmBwb+4xWRn7DQqhlVXiR+qpOSQ+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKzE2WQy6DfvPRcgvqoijHJIGRGRMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvck1UWlpETG9OLTg5RnlDLXFpS01ja2daRVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsQMA0G
CSqGSIb3DQEBCwUAA4IBAQBmwr2j7dp723FGoDY/vI3CJmccn/WxbmtC3dVXZNMd
zzGiMM0YGWcqWnuAjT7Xu0y4OWs+42zD45sQsCiiEbMjCHjy1OfncHXvxFid3evC
JCO3Ns5GzGq30TGS61aArkK3TfwOOFWvZyWsWCxNEycZrGH5JEU3JFsAAr33wdZ6
+tWnNf0DEc+UyWV5VB8bDxl5nq51Ya5C4uZnerAKgmuIMJsk4GTn0rGYNODUWYHg
8X/ygVGQzq2lnFhAom5oxE5G0C6sDp7uPfBFrIuZbJmfagXZRwTVI/wi7HKxO7ra
e2t2kstZLnSK5bPKpoDdTKOEef5qCWjl/gtcF9uZbROX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org