Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/sXtaRu-8fs-B7u5mQhM4lES-i9k.roa
File: sXtaRu-8fs-B7u5mQhM4lES-i9k.roa (raw, json)
Hash identifier: PO9OmIf3i3haXhnOaxterjRKG2QIAnYUenZolfCNcH4=
Subject key identifier: B1:7B:5A:46:EF:BC:7E:CF:81:EE:EE:66:42:13:38:94:44:BE:8B:D9
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018B13FC23DF41D6C4F14F05266E8E227916
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/sXtaRu-8fs-B7u5mQhM4lES-i9k.roa
Signing time: Mon 09 Oct 2023 10:29:33 +0000
ROA not before: Mon 09 Oct 2023 10:29:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.46.0/24 maxlen: 24
89.251.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 10:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:fc:23:df:41:d6:c4:f1:4f:05:26:6e:8e:22:79:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 9 10:29:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b17b5a46efbc7ecf81eeee664213389444be8bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:86:48:d1:56:2f:ec:77:d8:11:20:4f:59:46:
d0:fc:3a:0a:bd:e8:32:45:97:50:3d:11:4a:df:ad:
3e:07:d7:8f:78:e8:a4:a8:8c:6f:96:d5:83:ba:de:
64:e7:02:84:72:40:5b:8c:4c:78:b9:72:4a:33:51:
56:a5:e9:f4:3b:b0:ad:21:4b:c4:d6:b8:25:3c:d6:
e6:8a:98:c6:97:96:25:db:2d:93:66:29:a1:ac:0e:
76:06:cb:32:be:f7:de:8c:1f:8e:d2:ae:06:6f:93:
c4:d4:91:0a:1a:53:1c:0f:83:41:e4:6c:48:aa:c7:
77:63:f4:9e:84:9c:27:fd:28:47:d6:af:ab:38:df:
f7:74:97:d5:58:1b:ce:33:3b:43:eb:33:42:28:28:
6a:77:af:07:71:fe:08:61:4c:ec:0e:b0:82:8a:31:
0b:75:5b:c0:c9:26:3b:32:dd:47:8a:a9:72:ae:a7:
03:60:44:e9:8c:f0:71:3a:af:5d:98:74:dc:f7:98:
7f:1e:eb:4a:1a:37:ec:55:97:11:ed:65:2a:86:13:
4a:99:02:0c:0e:fc:06:0c:7c:4c:29:37:4e:e0:f0:
3e:1f:80:9d:82:a7:3c:d7:0a:a6:b8:9a:c8:b6:61:
7e:6f:8b:be:05:3d:48:d4:51:02:f1:1f:ac:18:45:
ad:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:7B:5A:46:EF:BC:7E:CF:81:EE:EE:66:42:13:38:94:44:BE:8B:D9
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/sXtaRu-8fs-B7u5mQhM4lES-i9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.28.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
60:7e:42:ad:72:bd:9a:8e:e0:bf:83:70:ae:da:b9:64:9c:e2:
6f:6a:c7:45:66:73:57:3e:1a:46:58:d7:31:d4:51:75:82:43:
1d:15:55:ca:9f:b6:8f:fc:01:69:00:30:b9:cd:24:f8:04:ab:
09:c6:54:42:14:0e:17:9d:d8:01:47:d4:69:6c:5a:18:34:5b:
e9:53:a6:ca:96:d7:fe:60:72:04:03:3a:1b:a7:51:58:3b:f7:
0d:e1:a0:43:41:db:e0:bd:63:d0:02:d8:88:68:d9:fe:56:6b:
ad:11:7e:c6:b3:bb:d3:97:cb:83:0c:8f:11:47:19:18:8b:c6:
04:cb:d8:4d:c0:ab:1d:89:d0:48:60:24:c4:15:37:f2:5f:56:
a7:f4:34:92:04:ad:d4:09:12:9c:70:11:9f:bf:8a:2c:01:11:
56:6c:bc:6c:d5:f3:80:1e:3b:37:d7:cc:ee:e5:d4:34:0d:43:
84:67:bd:2a:de:7f:60:90:a4:51:f6:7f:f4:4e:4c:0c:cd:82:
c4:53:23:c1:38:c4:9f:85:b0:fd:bd:5d:e2:d3:d2:64:51:b3:
0c:5b:3d:e1:19:a4:e5:c7:1b:aa:e9:98:e6:d7:41:93:f7:a5:
f6:76:ac:48:e5:45:d2:8f:c5:64:f7:76:30:7b:37:b6:45:85:
d1:88:ad:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsT/CPfQdbE8U8FJm6OInkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMDA5MTAyOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTdiNWE0NmVmYmM3ZWNmODFlZWVlNjY0MjEzMzg5NDQ0YmU4YmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoZI0VYv7HfYESBPWUbQ/DoKvegy
RZdQPRFK360+B9ePeOikqIxvltWDut5k5wKEckBbjEx4uXJKM1FWpen0O7CtIUvE
1rglPNbmipjGl5Yl2y2TZimhrA52BssyvvfejB+O0q4Gb5PE1JEKGlMcD4NB5GxI
qsd3Y/SehJwn/ShH1q+rON/3dJfVWBvOMztD6zNCKChqd68Hcf4IYUzsDrCCijEL
dVvAySY7Mt1HiqlyrqcDYETpjPBxOq9dmHTc95h/HutKGjfsVZcR7WUqhhNKmQIM
DvwGDHxMKTdO4PA+H4Cdgqc81wqmuJrItmF+b4u+BT1I1FEC8R+sGEWtawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLF7WkbvvH7Pge7uZkITOJREvovZMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvc1h0YVJ1LThmcy1CN3U1bVFoTTRsRVMtaTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfscAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQBgfkKtcr2ajuC/g3Cu2rlknOJvasdFZnNX
PhpGWNcx1FF1gkMdFVXKn7aP/AFpADC5zST4BKsJxlRCFA4XndgBR9RpbFoYNFvp
U6bKltf+YHIEAzobp1FYO/cN4aBDQdvgvWPQAtiIaNn+VmutEX7Gs7vTl8uDDI8R
RxkYi8YEy9hNwKsdidBIYCTEFTfyX1an9DSSBK3UCRKccBGfv4osARFWbLxs1fOA
Hjs318zu5dQ0DUOEZ70q3n9gkKRR9n/0TkwMzYLEUyPBOMSfhbD9vV3i09JkUbMM
Wz3hGaTlxxuq6Zjm10GT96X2dqxI5UXSj8Vk93Yweze2RYXRiK3d
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org