Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/x5ifBceGvubtukH0ykFn5fq0d_s.roa
File: x5ifBceGvubtukH0ykFn5fq0d_s.roa (raw, json)
Hash identifier: ZaZHtcEOwF+P4fT2kHWYyVwGDY9C5iGJJQWICv4QkTI=
Subject key identifier: C7:98:9F:05:C7:86:BE:E6:ED:BA:41:F4:CA:41:67:E5:FA:B4:77:FB
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0188AF2B94FBB1F0C82594C0C0A4257620AA
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/x5ifBceGvubtukH0ykFn5fq0d_s.roa
Signing time: Mon 12 Jun 2023 10:34:08 +0000
ROA not before: Mon 12 Jun 2023 10:34:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.122.44.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Jul 2023 19:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:2b:94:fb:b1:f0:c8:25:94:c0:c0:a4:25:76:20:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 12 10:34:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7989f05c786bee6edba41f4ca4167e5fab477fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:68:a8:f4:98:c0:c3:c4:c1:32:55:90:a0:74:
fb:8a:bd:a7:02:5a:80:5c:00:2e:d0:6e:1e:29:48:
18:17:d0:0e:33:90:27:45:5d:dd:8c:47:f4:09:0c:
d0:57:e1:0e:0c:9b:9a:a0:1f:6b:5c:0d:6f:b2:80:
16:c8:db:d3:c4:48:58:fb:36:4c:58:ca:c7:a1:d9:
98:b9:26:ce:7f:88:5c:7d:be:9e:8c:11:4a:c0:a5:
95:2f:17:f3:35:3a:f5:bb:60:35:72:f8:03:7c:c1:
68:3c:b7:29:9a:11:2d:0b:75:df:1e:28:7e:68:70:
0b:4b:b1:c9:d7:c2:fc:f9:30:34:e8:c9:b5:42:24:
24:2e:16:6f:13:01:02:f4:39:14:82:37:b2:da:59:
50:1a:64:de:c0:90:77:c0:3b:01:b9:10:78:bd:b6:
14:c7:c9:f2:bd:19:da:6c:5d:8c:40:08:60:eb:61:
75:fa:df:a6:41:a0:23:bf:b9:16:ce:5a:fc:04:97:
81:03:cf:46:07:a1:b0:7d:73:35:b3:ba:02:f1:84:
f1:c5:35:d6:e2:1c:4b:43:0c:fa:ba:f8:1a:32:1f:
61:44:43:80:3a:6b:2b:b2:44:c7:ec:75:26:b3:e4:
9e:70:05:35:e8:69:a6:c2:45:d7:3e:92:9b:97:60:
ce:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:98:9F:05:C7:86:BE:E6:ED:BA:41:F4:CA:41:67:E5:FA:B4:77:FB
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/x5ifBceGvubtukH0ykFn5fq0d_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
89.251.22.0/23
89.251.25.0/24
91.226.59.0/24
109.122.43.0-109.122.44.255
Signature Algorithm: sha256WithRSAEncryption
46:66:3e:b8:28:f1:a2:27:8f:19:d9:02:6b:c4:43:23:50:53:
2d:d3:b8:7e:c3:f7:5a:29:93:77:77:c9:7f:ca:d2:65:21:23:
38:46:d2:17:fd:af:0e:32:42:58:86:84:0b:d6:5b:98:b1:27:
fe:64:72:81:68:a1:d3:12:02:28:55:76:48:83:97:e0:41:b5:
8c:4a:fd:1b:0c:6a:6a:f9:b6:7a:28:91:6f:b8:8d:ce:ac:9c:
1d:9b:a4:bc:46:bb:1e:aa:2c:f9:1e:bd:73:b1:0a:99:23:4c:
69:5c:95:e6:30:93:83:f3:b4:4b:cd:55:a6:f2:76:81:88:62:
73:3e:22:ca:7f:ca:ca:b3:e7:1d:d0:4f:b9:ca:be:36:4d:4a:
ea:d4:af:c9:13:7d:a1:95:d5:9a:52:16:10:a0:dd:28:6d:e0:
6e:78:c6:16:23:0f:0d:1f:25:4c:19:16:78:78:8b:a8:c4:78:
d2:33:a2:ee:63:ed:fd:9c:75:b8:9e:c7:44:f9:87:5c:19:69:
f9:72:68:5f:ec:33:2c:7b:99:3f:af:bc:58:7b:38:83:ec:9f:
e9:c3:1e:54:b7:00:80:bd:a9:ec:89:70:e4:08:01:b0:78:68:
48:52:38:c8:5e:37:bf:79:68:d3:5b:1a:09:89:4e:06:c0:c7:
aa:82:3f:7c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYivK5T7sfDIJZTAwKQldiCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNjEyMTAzNDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzk4OWYwNWM3ODZiZWU2ZWRiYTQxZjRjYTQxNjdlNWZhYjQ3N2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWio9JjAw8TBMlWQoHT7ir2nAlqA
XAAu0G4eKUgYF9AOM5AnRV3djEf0CQzQV+EODJuaoB9rXA1vsoAWyNvTxEhY+zZM
WMrHodmYuSbOf4hcfb6ejBFKwKWVLxfzNTr1u2A1cvgDfMFoPLcpmhEtC3XfHih+
aHALS7HJ18L8+TA06Mm1QiQkLhZvEwEC9DkUgjey2llQGmTewJB3wDsBuRB4vbYU
x8nyvRnabF2MQAhg62F1+t+mQaAjv7kWzlr8BJeBA89GB6GwfXM1s7oC8YTxxTXW
4hxLQwz6uvgaMh9hREOAOmsrskTH7HUms+SecAU16GmmwkXXPpKbl2DO/QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMeYnwXHhr7m7bpB9MpBZ+X6tHf7MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveDVpZkJjZUd2dWJ0dWtIMHlrRm41ZnEwZF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWfsUAwQB
WfsWAwQAWfsZAwQAW+I7MAwDBABteisDBABteiwwDQYJKoZIhvcNAQELBQADggEB
AEZmPrgo8aInjxnZAmvEQyNQUy3TuH7D91opk3d3yX/K0mUhIzhG0hf9rw4yQliG
hAvWW5ixJ/5kcoFoodMSAihVdkiDl+BBtYxK/RsMamr5tnookW+4jc6snB2bpLxG
ux6qLPkevXOxCpkjTGlcleYwk4PztEvNVabydoGIYnM+Isp/ysqz5x3QT7nKvjZN
SurUr8kTfaGV1ZpSFhCg3Sht4G54xhYjDw0fJUwZFnh4i6jEeNIzou5j7f2cdbie
x0T5h1wZaflyaF/sMyx7mT+vvFh7OIPsn+nDHlS3AIC9qeyJcOQIAbB4aEhSOMhe
N795aNNbGgmJTgbAx6qCP3w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org