Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/rQdKGoib5H0G7wBCkhr3krb4wFA.roa
File: rQdKGoib5H0G7wBCkhr3krb4wFA.roa (raw, json)
Hash identifier: sWPTYGfjZ8l3x61jWNaW31VBQKhh0hEMwli9OGydcBA=
Subject key identifier: AD:07:4A:1A:88:9B:E4:7D:06:EF:00:42:92:1A:F7:92:B6:F8:C0:50
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01889F54C306800FB5BBE7FAD86A64C9E5A5
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/rQdKGoib5H0G7wBCkhr3krb4wFA.roa
Signing time: Fri 09 Jun 2023 08:45:12 +0000
ROA not before: Fri 09 Jun 2023 08:45:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135752
IP address blocks: 89.251.21.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Jun 2023 03:58:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9f:54:c3:06:80:0f:b5:bb:e7:fa:d8:6a:64:c9:e5:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 9 08:45:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad074a1a889be47d06ef0042921af792b6f8c050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:63:72:53:fc:5b:f0:e3:43:f7:00:da:a9:1b:
9e:d7:1e:d3:2d:63:10:3d:d0:08:de:5c:3b:be:d9:
ee:9f:d3:1a:b7:f9:84:02:a8:10:46:f1:f7:43:b6:
9a:4f:74:eb:54:db:42:f0:41:ae:8e:d3:94:50:d8:
7f:3d:5c:ed:cc:e6:19:96:17:16:30:b9:fb:60:0b:
66:5b:9d:b1:57:f7:22:aa:57:b3:a1:96:df:12:0c:
58:38:84:4c:be:8a:2a:2f:79:8b:ad:78:66:a7:7f:
9a:cf:99:9f:d9:bd:3b:3a:ff:4e:39:41:f6:61:9b:
33:57:b5:33:43:58:e4:43:c4:43:52:4e:54:92:d9:
0a:69:94:ad:00:8c:16:85:42:00:6b:9d:a0:71:cb:
a3:9f:91:bf:95:0d:a4:05:e8:2b:5c:5f:d7:19:a0:
24:54:82:80:07:06:5a:4f:01:1d:2c:9a:8c:e2:a0:
4c:51:fc:b8:fc:9a:87:0a:a0:3c:18:99:40:9b:56:
e7:cc:15:6c:cd:f6:aa:3e:cd:29:22:33:00:ba:5b:
a1:1e:0c:76:9f:1a:ac:85:f7:a3:ab:fb:96:da:27:
39:c3:32:77:26:75:9f:d1:1a:a2:4d:01:71:de:d2:
d1:8f:4c:d3:ef:2e:e8:a2:34:f4:2c:02:8f:67:c3:
0b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:07:4A:1A:88:9B:E4:7D:06:EF:00:42:92:1A:F7:92:B6:F8:C0:50
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/rQdKGoib5H0G7wBCkhr3krb4wFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.21.0/24
89.251.24.0/24
Signature Algorithm: sha256WithRSAEncryption
44:a9:db:85:dd:af:67:0c:6d:39:a5:ef:8b:fa:56:b2:b4:88:
be:6b:c4:3a:c4:62:27:e1:ea:bc:b2:96:c3:d3:74:38:a8:aa:
ed:14:dc:0a:58:b4:ba:88:97:0d:28:11:96:d6:65:c9:ad:46:
b7:cd:56:c1:00:6c:e5:50:58:0f:bd:86:52:18:d1:34:c7:e7:
47:b8:bc:1b:31:26:da:92:db:65:c4:95:b1:6a:c0:94:fb:83:
0b:cf:46:35:9e:39:2f:59:4b:24:08:32:e3:d2:85:9e:47:cf:
08:4a:32:e2:79:93:af:6a:77:09:ca:b6:b8:3c:1f:70:d3:0a:
6b:1a:6a:df:5b:92:f7:12:4e:49:28:ac:24:c7:eb:fd:b2:43:
33:7e:7f:f0:62:db:7c:f3:b3:cb:ae:98:2b:58:c2:d9:c3:7a:
65:0c:e3:c6:45:d8:6e:9d:58:68:44:1c:62:1a:a7:ca:9b:c9:
d9:4f:57:a2:88:24:c2:b7:20:52:d2:93:2c:b5:5e:36:e5:6f:
33:03:08:a5:44:c8:22:99:8b:de:73:de:23:26:c1:03:51:51:
d5:52:fb:e7:9e:0c:65:64:da:2c:44:64:69:7a:70:64:12:05:
13:9c:c8:3d:a8:6e:05:2a:e0:f3:5e:93:63:5c:62:8f:b2:00:
81:b6:bd:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYifVMMGgA+1u+f62GpkyeWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNjA5MDg0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDA3NGExYTg4OWJlNDdkMDZlZjAwNDI5MjFhZjc5MmI2ZjhjMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimNyU/xb8OND9wDaqRue1x7TLWMQ
PdAI3lw7vtnun9Mat/mEAqgQRvH3Q7aaT3TrVNtC8EGujtOUUNh/PVztzOYZlhcW
MLn7YAtmW52xV/ciqlezoZbfEgxYOIRMvooqL3mLrXhmp3+az5mf2b07Ov9OOUH2
YZszV7UzQ1jkQ8RDUk5UktkKaZStAIwWhUIAa52gccujn5G/lQ2kBegrXF/XGaAk
VIKABwZaTwEdLJqM4qBMUfy4/JqHCqA8GJlAm1bnzBVszfaqPs0pIjMAuluhHgx2
nxqshfejq/uW2ic5wzJ3JnWf0RqiTQFx3tLRj0zT7y7oojT0LAKPZ8MLGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK0HShqIm+R9Bu8AQpIa95K2+MBQMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvclFkS0dvaWI1SDBHN3dCQ2tocjNrcmI0d0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsVAwQA
WfsYMA0GCSqGSIb3DQEBCwUAA4IBAQBEqduF3a9nDG05pe+L+laytIi+a8Q6xGIn
4eq8spbD03Q4qKrtFNwKWLS6iJcNKBGW1mXJrUa3zVbBAGzlUFgPvYZSGNE0x+dH
uLwbMSbakttlxJWxasCU+4MLz0Y1njkvWUskCDLj0oWeR88ISjLieZOvancJyra4
PB9w0wprGmrfW5L3Ek5JKKwkx+v9skMzfn/wYtt887PLrpgrWMLZw3plDOPGRdhu
nVhoRBxiGqfKm8nZT1eiiCTCtyBS0pMstV425W8zAwilRMgimYvec94jJsEDUVHV
UvvnngxlZNosRGRpenBkEgUTnMg9qG4FKuDzXpNjXGKPsgCBtr0i
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org