Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yAPcmj4pFJKqCE4O_1KCR6zGsFE.roa
File: yAPcmj4pFJKqCE4O_1KCR6zGsFE.roa (raw, json)
Hash identifier: rglMHOU915oAtDeZACtunfIfp0pyW04qE/FBK5GIwH0=
Subject key identifier: C8:03:DC:9A:3E:29:14:92:AA:08:4E:0E:FF:52:82:47:AC:C6:B0:51
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189594F87F039C2AD60F8C4280B6A951C7B
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yAPcmj4pFJKqCE4O_1KCR6zGsFE.roa
Signing time: Sat 15 Jul 2023 11:28:51 +0000
ROA not before: Sat 15 Jul 2023 11:28:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 89.251.17.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
193.93.53.0/24 maxlen: 24
89.251.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Sep 2023 13:25:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:59:4f:87:f0:39:c2:ad:60:f8:c4:28:0b:6a:95:1c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 15 11:28:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c803dc9a3e291492aa084e0eff528247acc6b051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6a:db:63:24:97:f4:92:55:49:4d:72:8a:bc:
31:78:67:fc:34:5e:ae:1a:b2:72:8c:97:50:87:f0:
83:aa:1e:40:58:17:a2:95:d9:57:64:05:46:43:21:
49:ec:27:5e:96:b0:4e:ee:8e:c4:6c:86:1f:91:c7:
97:5c:4d:c0:ed:f7:89:51:86:9e:92:87:4b:9c:43:
78:77:8b:17:3f:53:41:35:55:c9:e6:16:9f:77:ca:
d4:f0:aa:37:b7:81:e2:b6:97:da:f2:fd:bd:0d:33:
2d:33:1b:74:82:1c:6a:8b:78:c6:f1:a1:e0:a7:d8:
41:e5:9a:b2:ed:78:e1:d3:c5:ae:08:de:4b:26:69:
24:62:96:73:93:a1:6d:e1:80:2c:07:88:a7:b6:1c:
8a:9e:4e:9d:88:e7:b6:e6:94:e9:c1:ed:25:4f:e2:
6d:99:32:1b:6c:4f:79:69:6f:ff:d3:a3:1b:a2:5f:
7c:92:65:fb:c2:4b:f7:61:3b:dd:8e:36:7a:d2:a1:
10:7e:f8:48:dd:24:ab:bf:9d:a4:5c:59:1d:bf:93:
18:fb:47:b6:26:c2:8e:3a:3a:41:fe:c0:00:03:56:
5e:de:f9:df:99:e4:7e:71:30:33:e4:0e:34:b6:21:
fd:85:f6:ec:93:55:34:fe:28:0f:e0:01:7c:4d:a7:
9f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:03:DC:9A:3E:29:14:92:AA:08:4E:0E:FF:52:82:47:AC:C6:B0:51
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yAPcmj4pFJKqCE4O_1KCR6zGsFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.17.0/24
89.251.24.0/24
89.251.27.0/24
91.226.57.0/24
193.93.53.0/24
Signature Algorithm: sha256WithRSAEncryption
66:b8:da:9f:00:d0:ee:ed:70:bb:cf:62:f3:a5:04:89:26:a7:
d9:4a:bb:e8:86:c2:33:3c:26:a0:61:36:2b:3b:34:c2:0b:77:
40:f6:cf:5e:7d:eb:ed:da:5f:b0:23:7c:fb:67:65:1f:6d:c1:
b1:8d:2f:74:19:47:0d:4d:7c:a8:20:0a:7c:c7:c1:26:d1:ec:
a1:a9:96:ef:fe:4f:da:24:80:50:a0:72:dd:59:75:f8:bd:fe:
30:2c:69:9c:00:fd:c4:ff:83:41:9f:82:ed:9e:29:e6:12:83:
8e:e8:9a:0a:98:6c:b7:94:7d:05:ad:1b:a6:4c:51:be:bd:f2:
23:9c:b7:d9:22:9c:ab:e5:63:59:80:95:75:53:1d:f9:a8:f0:
1b:61:16:92:c4:20:d9:fc:8d:c5:a0:ed:04:17:4b:68:88:5a:
a6:a3:f2:47:91:9a:84:07:b0:91:07:b4:ec:9a:b6:e0:ce:7f:
1d:0b:a3:f7:c4:fb:e7:8d:23:52:af:7f:a3:b5:91:ba:5e:6c:
17:22:3d:43:34:2e:5f:89:d0:b5:9d:4f:a4:91:da:60:f8:af:
51:e6:ce:b2:e1:5a:d2:a0:d9:68:89:bf:4f:6a:8d:0f:8a:5e:
22:92:33:68:bd:57:4b:86:22:38:10:5f:b6:51:9b:96:54:e7:
df:4c:be:ce
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYlZT4fwOcKtYPjEKAtqlRx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzE1MTEyODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODAzZGM5YTNlMjkxNDkyYWEwODRlMGVmZjUyODI0N2FjYzZiMDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWrbYySX9JJVSU1yirwxeGf8NF6u
GrJyjJdQh/CDqh5AWBeildlXZAVGQyFJ7CdelrBO7o7EbIYfkceXXE3A7feJUYae
kodLnEN4d4sXP1NBNVXJ5hafd8rU8Ko3t4Hitpfa8v29DTMtMxt0ghxqi3jG8aHg
p9hB5Zqy7Xjh08WuCN5LJmkkYpZzk6Ft4YAsB4inthyKnk6diOe25pTpwe0lT+Jt
mTIbbE95aW//06Mbol98kmX7wkv3YTvdjjZ60qEQfvhI3SSrv52kXFkdv5MY+0e2
JsKOOjpB/sAAA1Ze3vnfmeR+cTAz5A40tiH9hfbsk1U0/igP4AF8TaefbwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMgD3Jo+KRSSqghODv9SgkesxrBRMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveUFQY21qNHBGSktxQ0U0T18xS0NSNnpHc0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWfsRAwQA
WfsYAwQAWfsbAwQAW+I5AwQAwV01MA0GCSqGSIb3DQEBCwUAA4IBAQBmuNqfANDu
7XC7z2LzpQSJJqfZSrvohsIzPCagYTYrOzTCC3dA9s9efevt2l+wI3z7Z2UfbcGx
jS90GUcNTXyoIAp8x8Em0eyhqZbv/k/aJIBQoHLdWXX4vf4wLGmcAP3E/4NBn4Lt
ninmEoOO6JoKmGy3lH0FrRumTFG+vfIjnLfZIpyr5WNZgJV1Ux35qPAbYRaSxCDZ
/I3FoO0EF0toiFqmo/JHkZqEB7CRB7Tsmrbgzn8dC6P3xPvnjSNSr3+jtZG6XmwX
Ij1DNC5fidC1nU+kkdpg+K9R5s6y4VrSoNloib9Pao0Pil4ikjNovVdLhiI4EF+2
UZuWVOffTL7O
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org