Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xUKQJQmiLwprvXFH7RFxLbtgVG8.roa
File: xUKQJQmiLwprvXFH7RFxLbtgVG8.roa (raw, json)
Hash identifier: aBo/jjACnlrtKtpNHBOk79qN9rQ2+49NYYJjbM+WZIk=
Subject key identifier: C5:42:90:25:09:A2:2F:0A:6B:BD:71:47:ED:11:71:2D:BB:60:54:6F
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018DB3D957A0E1D86B881D1BE5C536AEDCB0
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xUKQJQmiLwprvXFH7RFxLbtgVG8.roa
Signing time: Fri 16 Feb 2024 21:36:21 +0000
ROA not before: Fri 16 Feb 2024 21:36:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.251.22.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 03:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b3:d9:57:a0:e1:d8:6b:88:1d:1b:e5:c5:36:ae:dc:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 16 21:36:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c542902509a22f0a6bbd7147ed11712dbb60546f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9b:2f:08:0e:7f:c5:9c:62:8f:59:c1:b8:3a:
b6:5e:dd:cf:30:03:fb:1c:b6:d2:34:84:ac:5a:f1:
dd:4f:68:0e:eb:ad:0b:ab:87:37:b3:00:14:52:0b:
73:2f:c2:92:8b:07:d5:25:81:c1:59:6f:e5:c3:8e:
64:7d:ae:d0:f6:e6:6d:3a:b7:53:26:54:6f:5f:b5:
7c:cf:e8:14:a0:61:63:b8:46:e8:34:f9:3e:48:ee:
96:14:fa:21:5a:5e:de:2c:09:62:90:d9:73:c8:ae:
c4:ea:63:81:bc:ed:12:ff:a0:ec:60:7a:ab:fe:6e:
49:82:09:0b:37:5c:7d:d0:68:f0:7b:05:c8:30:48:
3b:40:1d:75:99:6f:0d:26:6c:37:36:69:9c:b2:ca:
b1:e8:73:19:31:4c:86:f6:95:a9:a3:e1:c4:0f:34:
6f:c6:ed:57:17:94:7b:c7:1e:4a:25:f3:82:05:2c:
41:5d:7b:62:de:50:07:99:46:64:f0:a0:37:02:f5:
67:86:23:4f:79:eb:3a:44:99:0e:7a:ce:a4:5d:ec:
62:16:10:23:d5:50:ab:2f:a6:98:39:98:aa:be:94:
c0:e7:7b:c9:79:71:43:a0:00:a3:cc:c8:b5:30:df:
c8:ff:a2:2e:91:82:3f:7a:ca:3f:8f:0b:78:b0:c9:
71:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:42:90:25:09:A2:2F:0A:6B:BD:71:47:ED:11:71:2D:BB:60:54:6F
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xUKQJQmiLwprvXFH7RFxLbtgVG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.22.0/23
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
25:aa:06:78:ec:a7:46:b1:ef:71:3c:2c:4f:c2:1e:e4:fa:83:
ac:30:92:55:af:a5:dd:ea:bf:95:1e:b2:0f:9c:d6:0c:e5:28:
9e:10:fd:ae:03:33:d0:fb:31:35:a5:35:bc:78:cc:da:27:3a:
fb:a9:1b:57:64:80:43:7a:3f:67:8e:54:36:ee:6a:c7:3d:4b:
8f:e3:86:f7:89:68:11:6b:7a:f2:c9:5a:d9:29:b0:4d:7a:69:
39:de:38:a8:61:cb:01:e4:83:6b:fe:ab:ee:a8:d9:e7:bc:86:
b4:5a:8b:4f:ed:54:c5:d3:5f:9d:e2:27:58:79:0a:92:12:63:
e6:d5:40:c0:33:8c:b7:76:60:1c:b9:67:e7:7f:b9:11:b6:c8:
a4:da:d7:6a:04:e4:30:36:6c:c0:ed:cc:5c:74:be:cf:7f:b4:
ef:4e:8e:ea:9e:9d:3d:69:a7:39:8b:bc:cd:68:cc:e0:58:10:
2e:8d:6a:f9:1b:ba:d6:6e:ff:ea:c1:3c:7c:a8:bd:27:e1:91:
3c:b5:88:bf:b1:58:43:6a:0a:2d:48:49:b1:c8:88:76:9a:ef:
ac:75:70:25:6a:86:a7:dd:ab:46:dc:6d:8a:fa:85:b5:a2:9c:
89:a7:e1:60:05:2a:79:60:71:bc:7b:63:5b:86:9e:85:21:fd:
c1:a9:ff:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2z2Veg4dhriB0b5cU2rtywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMjE2MjEzNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTQyOTAyNTA5YTIyZjBhNmJiZDcxNDdlZDExNzEyZGJiNjA1NDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJsvCA5/xZxij1nBuDq2Xt3PMAP7
HLbSNISsWvHdT2gO660Lq4c3swAUUgtzL8KSiwfVJYHBWW/lw45kfa7Q9uZtOrdT
JlRvX7V8z+gUoGFjuEboNPk+SO6WFPohWl7eLAlikNlzyK7E6mOBvO0S/6DsYHqr
/m5JggkLN1x90GjwewXIMEg7QB11mW8NJmw3Nmmcssqx6HMZMUyG9pWpo+HEDzRv
xu1XF5R7xx5KJfOCBSxBXXti3lAHmUZk8KA3AvVnhiNPees6RJkOes6kXexiFhAj
1VCrL6aYOZiqvpTA53vJeXFDoACjzMi1MN/I/6IukYI/eso/jwt4sMlxawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMVCkCUJoi8Ka71xR+0RcS27YFRvMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveFVLUUpRbWlMd3BydlhGSDdSRnhMYnRnVkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWfsWAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAlqgZ47KdGse9xPCxPwh7k+oOsMJJVr6Xd
6r+VHrIPnNYM5SieEP2uAzPQ+zE1pTW8eMzaJzr7qRtXZIBDej9njlQ27mrHPUuP
44b3iWgRa3ryyVrZKbBNemk53jioYcsB5INr/qvuqNnnvIa0WotP7VTF01+d4idY
eQqSEmPm1UDAM4y3dmAcuWfnf7kRtsik2tdqBOQwNmzA7cxcdL7Pf7TvTo7qnp09
aac5i7zNaMzgWBAujWr5G7rWbv/qwTx8qL0n4ZE8tYi/sVhDagotSEmxyIh2mu+s
dXAlaoan3atG3G2K+oW1opyJp+FgBSp5YHG8e2Nbhp6FIf3Bqf+F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org