Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zgMxcsd1NQV6RKXDe8bDWB9cQrQ.roa
File: zgMxcsd1NQV6RKXDe8bDWB9cQrQ.roa (raw, json)
Hash identifier: l7ug0tAw4MAClM1A8j8ca4WitOufbpZGixW9P9I3pOM=
Subject key identifier: CE:03:31:72:C7:75:35:05:7A:44:A5:C3:7B:C6:C3:58:1F:5C:42:B4
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0188DFCAE6A75F4A2F046BA1E07AF7EFA2D3
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zgMxcsd1NQV6RKXDe8bDWB9cQrQ.roa
Signing time: Wed 21 Jun 2023 21:09:56 +0000
ROA not before: Wed 21 Jun 2023 21:09:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 91.226.57.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
193.93.53.0/24 maxlen: 24
89.251.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jul 2023 20:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:df:ca:e6:a7:5f:4a:2f:04:6b:a1:e0:7a:f7:ef:a2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 21 21:09:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce033172c77535057a44a5c37bc6c3581f5c42b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:90:7b:fe:93:7a:31:8f:85:55:67:80:b6:1c:
cf:b5:53:70:35:88:0f:ba:41:7c:73:71:73:cd:d3:
11:8a:8e:75:02:d2:cc:1c:e1:6d:a1:41:14:95:bb:
dc:06:07:62:ee:80:a2:95:7e:98:c6:5e:01:55:c8:
80:67:97:d6:8f:2c:8d:4a:24:fb:2b:f4:4d:8e:1a:
41:7f:8e:36:de:ad:d5:ea:7b:0f:4b:e7:84:eb:14:
e4:d2:25:c4:53:20:25:bf:71:dd:2e:c7:76:1b:31:
ac:5a:65:30:4e:56:d6:c2:9c:54:c5:2d:57:31:7d:
87:25:30:a9:36:1d:63:83:99:89:85:9f:79:db:2e:
03:ac:25:f8:5b:88:a6:02:2b:81:79:e4:ce:fb:ca:
bf:4a:82:9a:e2:de:02:66:97:59:3a:eb:a9:53:a0:
79:4c:9d:52:f0:55:18:86:60:c9:69:d6:f8:fa:c2:
e0:50:d8:ab:a7:38:72:1e:b4:23:ec:a8:a1:b3:83:
0b:9d:5b:b4:77:70:f0:84:75:82:65:0e:e9:ce:79:
82:ad:80:a5:f3:4c:87:7f:76:09:bd:10:4a:05:71:
0b:8e:b7:e4:84:66:bd:a5:2d:46:68:37:3b:4e:be:
50:be:07:9a:27:e7:ac:f2:e7:af:c6:e2:98:07:83:
6e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:03:31:72:C7:75:35:05:7A:44:A5:C3:7B:C6:C3:58:1F:5C:42:B4
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zgMxcsd1NQV6RKXDe8bDWB9cQrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.24.0/24
89.251.27.0/24
91.226.57.0/24
193.93.53.0/24
Signature Algorithm: sha256WithRSAEncryption
84:70:ca:d0:6d:3c:10:45:74:f4:c8:62:e9:41:39:45:3e:1b:
06:69:c3:b5:2d:4c:31:ec:e3:14:00:a0:87:66:19:98:2a:0e:
91:b7:0a:1d:31:ce:c4:9f:f6:f9:4c:0c:1e:b1:26:7f:8f:0e:
03:48:f8:b3:8e:54:fb:11:cf:76:79:cc:6c:58:66:33:62:43:
6b:40:79:1c:07:8e:9d:3e:a8:1b:a0:56:fd:df:13:2e:24:97:
8d:0f:2c:33:e3:8f:82:41:39:4c:e6:b8:5d:eb:46:2b:e1:a1:
c4:59:38:29:60:75:32:ab:f5:c9:94:63:44:cd:34:22:06:86:
ff:10:98:87:2d:87:94:80:11:ad:dc:20:ae:ab:23:91:b2:50:
38:71:7e:f5:fe:2e:d7:45:6b:5d:61:9d:fb:a3:0e:a5:1e:59:
69:34:a7:5a:7d:7b:22:72:75:92:a2:56:00:c1:0a:97:c9:db:
30:40:15:b4:ba:24:50:c6:58:45:69:7c:ce:e4:19:39:13:d3:
9e:40:ef:67:a3:6a:74:a8:09:51:d0:1f:0e:4b:11:a8:9d:cc:
6f:fc:dd:b3:ca:53:24:c5:8a:ae:19:2f:c1:77:20:3e:a3:1f:
7e:c0:31:0c:01:fb:e4:34:fe:92:fa:d9:7e:29:be:b1:45:78:
50:2c:1d:29
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjfyuanX0ovBGuh4Hr376LTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNjIxMjEwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTAzMzE3MmM3NzUzNTA1N2E0NGE1YzM3YmM2YzM1ODFmNWM0MmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpB7/pN6MY+FVWeAthzPtVNwNYgP
ukF8c3FzzdMRio51AtLMHOFtoUEUlbvcBgdi7oCilX6Yxl4BVciAZ5fWjyyNSiT7
K/RNjhpBf4423q3V6nsPS+eE6xTk0iXEUyAlv3HdLsd2GzGsWmUwTlbWwpxUxS1X
MX2HJTCpNh1jg5mJhZ952y4DrCX4W4imAiuBeeTO+8q/SoKa4t4CZpdZOuupU6B5
TJ1S8FUYhmDJadb4+sLgUNirpzhyHrQj7Kihs4MLnVu0d3DwhHWCZQ7pznmCrYCl
80yHf3YJvRBKBXELjrfkhGa9pS1GaDc7Tr5QvgeaJ+es8uevxuKYB4Nu9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM4DMXLHdTUFekSlw3vGw1gfXEK0MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvemdNeGNzZDFOUVY2UktYRGU4YkRXQjljUXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfsYAwQA
WfsbAwQAW+I5AwQAwV01MA0GCSqGSIb3DQEBCwUAA4IBAQCEcMrQbTwQRXT0yGLp
QTlFPhsGacO1LUwx7OMUAKCHZhmYKg6RtwodMc7En/b5TAwesSZ/jw4DSPizjlT7
Ec92ecxsWGYzYkNrQHkcB46dPqgboFb93xMuJJeNDywz44+CQTlM5rhd60Yr4aHE
WTgpYHUyq/XJlGNEzTQiBob/EJiHLYeUgBGt3CCuqyORslA4cX71/i7XRWtdYZ37
ow6lHllpNKdafXsicnWSolYAwQqXydswQBW0uiRQxlhFaXzO5Bk5E9OeQO9no2p0
qAlR0B8OSxGoncxv/N2zylMkxYquGS/BdyA+ox9+wDEMAfvkNP6S+tl+Kb6xRXhQ
LB0p
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org