Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yUZ8M7PTpik5fLzBMMEBptHQjbk.roa
File: yUZ8M7PTpik5fLzBMMEBptHQjbk.roa (raw, json)
Hash identifier: 5upXXFAWhtqyk0ptFL4DaaP9tTnWVC8DSkg0qOs3ss0=
Subject key identifier: C9:46:7C:33:B3:D3:A6:29:39:7C:BC:C1:30:C1:01:A6:D1:D0:8D:B9
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018F9F6013BB95DEBF530FDFED14927F4D98
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yUZ8M7PTpik5fLzBMMEBptHQjbk.roa
Signing time: Wed 22 May 2024 08:17:04 +0000
ROA not before: Wed 22 May 2024 08:17:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 89.251.20.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 10:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:60:13:bb:95:de:bf:53:0f:df:ed:14:92:7f:4d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 22 08:17:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9467c33b3d3a629397cbcc130c101a6d1d08db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e6:29:c3:d7:bc:11:63:aa:f5:cf:b8:61:de:
be:67:fa:9e:1e:29:93:03:f8:8f:08:23:23:22:26:
41:1f:52:01:d5:61:a0:8f:6b:1d:8d:39:39:e5:e1:
c1:39:49:7c:ff:e3:d0:e7:81:60:ac:b6:ed:38:74:
70:71:ec:aa:6f:37:25:d4:c0:8c:ee:13:26:68:da:
da:af:65:39:86:14:cc:d5:9c:03:67:79:ab:78:de:
5a:be:ee:06:48:34:da:c8:5f:04:0e:2e:6c:a0:29:
b9:47:30:e5:3e:7e:f6:54:95:1f:52:36:ef:b8:6e:
1e:41:43:45:3d:a5:3c:1d:5d:02:29:96:f8:ab:9b:
8e:e3:8f:99:0d:5f:e7:2d:a7:5f:01:6e:df:6b:f4:
ae:7a:71:ac:1d:b2:2b:87:cb:c8:29:cd:e2:65:b8:
e1:37:67:88:87:4d:52:b3:df:a9:99:3c:47:7e:aa:
13:6e:7f:44:dc:c4:fe:c5:44:50:4b:65:14:37:67:
ee:66:9e:bf:99:85:d6:d3:c4:97:10:66:66:e1:72:
50:4c:fe:0a:17:0c:25:96:7b:2a:1c:36:1d:e2:d4:
84:7c:68:cd:71:72:46:1d:31:db:b2:43:9e:c4:e7:
75:67:2d:35:5d:c7:44:64:45:1a:51:8c:c9:80:6b:
fd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:46:7C:33:B3:D3:A6:29:39:7C:BC:C1:30:C1:01:A6:D1:D0:8D:B9
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yUZ8M7PTpik5fLzBMMEBptHQjbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
91.210.145.0/24
109.122.44.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:48:03:50:37:dc:8c:ec:f7:0f:64:57:bb:a3:de:5f:88:31:
e3:ea:cc:1d:4d:84:56:ea:35:c9:2c:99:1e:4c:89:2a:cc:0c:
9e:31:13:85:28:e9:f9:2f:8f:11:e7:cf:28:2b:55:56:f7:3d:
e4:03:b8:44:1d:b2:6b:00:34:61:90:1f:6c:12:e5:0a:aa:71:
3d:3b:02:59:16:8e:3e:f7:c3:48:c6:f2:3a:10:21:61:57:8c:
cc:44:5e:c3:31:6c:53:7a:27:83:6c:1d:b2:57:d6:0b:ff:ed:
c8:ec:6a:d3:76:64:98:c6:de:ad:0f:52:a3:4b:80:08:0b:65:
38:75:61:22:0d:c2:a5:78:3f:be:6b:d5:04:22:bb:db:b0:ad:
b5:5b:75:a8:3c:ea:b4:2a:62:85:43:68:a7:f0:c4:e1:e5:bc:
fb:56:19:75:4d:74:d4:0e:0a:09:b9:1c:c1:aa:89:e8:85:53:
ee:b5:e0:e6:02:45:95:d9:4a:d4:39:04:9a:be:a9:fe:55:30:
f7:c3:29:d8:dd:b9:ca:2c:af:28:a6:18:f5:92:21:d3:02:aa:
a6:82:de:d1:24:03:99:31:c9:45:38:47:d7:27:1b:ee:f3:ae:
ed:a3:a5:27:ce:80:90:35:6c:d2:f1:57:7f:92:c2:ba:78:cb:
61:01:b7:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+fYBO7ld6/Uw/f7RSSf02YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNTIyMDgxNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTQ2N2MzM2IzZDNhNjI5Mzk3Y2JjYzEzMGMxMDFhNmQxZDA4ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteYpw9e8EWOq9c+4Yd6+Z/qeHimT
A/iPCCMjIiZBH1IB1WGgj2sdjTk55eHBOUl8/+PQ54FgrLbtOHRwceyqbzcl1MCM
7hMmaNrar2U5hhTM1ZwDZ3mreN5avu4GSDTayF8EDi5soCm5RzDlPn72VJUfUjbv
uG4eQUNFPaU8HV0CKZb4q5uO44+ZDV/nLadfAW7fa/SuenGsHbIrh8vIKc3iZbjh
N2eIh01Ss9+pmTxHfqoTbn9E3MT+xURQS2UUN2fuZp6/mYXW08SXEGZm4XJQTP4K
FwwllnsqHDYd4tSEfGjNcXJGHTHbskOexOd1Zy01XcdEZEUaUYzJgGv9hwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMlGfDOz06YpOXy8wTDBAabR0I25MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveVVaOE03UFRwaWs1Zkx6Qk1NRUJwdEhRamJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsUAwQA
W9KRAwQAbXosMA0GCSqGSIb3DQEBCwUAA4IBAQAtSANQN9yM7PcPZFe7o95fiDHj
6swdTYRW6jXJLJkeTIkqzAyeMROFKOn5L48R588oK1VW9z3kA7hEHbJrADRhkB9s
EuUKqnE9OwJZFo4+98NIxvI6ECFhV4zMRF7DMWxTeieDbB2yV9YL/+3I7GrTdmSY
xt6tD1KjS4AIC2U4dWEiDcKleD++a9UEIrvbsK21W3WoPOq0KmKFQ2in8MTh5bz7
Vhl1TXTUDgoJuRzBqonohVPuteDmAkWV2UrUOQSavqn+VTD3wynY3bnKLK8ophj1
kiHTAqqmgt7RJAOZMclFOEfXJxvu867to6UnzoCQNWzS8Vd/ksK6eMthAbf0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org