Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/v-vq4NoWBZGp55p1ejdhJL-PLVs.roa
File: v-vq4NoWBZGp55p1ejdhJL-PLVs.roa (raw, json)
Hash identifier: ohWifF6pz2sJ64+s06ze9gk264wULtm9ohKzL+Ub2Bo=
Subject key identifier: BF:EB:EA:E0:DA:16:05:91:A9:E7:9A:75:7A:37:61:24:BF:8F:2D:5B
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189181860D2AB1AC37584F14659537955A9
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/v-vq4NoWBZGp55p1ejdhJL-PLVs.roa
Signing time: Sun 02 Jul 2023 19:33:18 +0000
ROA not before: Sun 02 Jul 2023 19:33:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.122.44.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.29.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
89.251.25.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:18:18:60:d2:ab:1a:c3:75:84:f1:46:59:53:79:55:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 2 19:33:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfebeae0da160591a9e79a757a376124bf8f2d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:45:04:85:c5:54:69:dd:9f:06:f4:7d:30:21:
f4:84:9d:28:4c:ca:d2:ef:81:e5:b1:64:ba:39:d2:
27:4d:7b:61:72:6c:c6:ab:1a:d5:28:69:d5:d1:7d:
8a:9d:ba:3a:38:5b:e1:95:9a:dc:9a:3d:0a:51:f7:
b0:38:9e:d9:0d:61:8b:d2:87:ef:b0:a9:37:30:84:
65:99:41:d3:33:c1:08:3f:a9:c3:5f:b0:f3:05:5e:
90:38:76:d9:2c:84:df:28:15:dd:18:4e:17:3b:7e:
26:ad:63:7d:ab:0b:9e:d5:8d:15:ea:f7:0a:cb:4f:
d2:92:e7:f8:e8:a9:81:6d:2a:b2:fa:a3:6c:5c:cd:
37:1b:31:0e:6c:a9:fa:fb:0a:e5:42:ed:bf:d9:c8:
8b:06:74:e2:ac:ca:18:61:2d:df:bf:2f:f1:c9:6e:
9c:ca:34:eb:18:e1:12:63:f9:aa:b8:18:c9:1d:7d:
b4:92:66:ce:98:d8:4c:3b:bd:f0:73:b5:59:3c:b9:
c2:84:0b:de:4e:96:05:36:55:0d:03:17:82:5d:26:
1d:3d:75:6f:20:10:7e:a3:3e:19:1d:6e:fe:05:4a:
62:e4:e7:6f:e5:e6:c2:d9:7c:cd:d3:af:48:ee:c0:
0d:a2:ce:a9:0e:8c:4e:74:f9:57:bf:df:67:5a:48:
8b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:EB:EA:E0:DA:16:05:91:A9:E7:9A:75:7A:37:61:24:BF:8F:2D:5B
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/v-vq4NoWBZGp55p1ejdhJL-PLVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
89.251.22.0/23
89.251.25.0/24
89.251.29.0/24
89.251.31.0/24
91.226.59.0/24
109.122.43.0-109.122.44.255
Signature Algorithm: sha256WithRSAEncryption
0a:72:45:e9:60:75:8b:99:83:2b:2a:9d:74:ff:3f:23:61:69:
e7:8b:18:ee:5f:18:14:d0:d3:e8:3b:35:a2:d0:22:33:0c:5c:
03:53:de:26:52:f5:42:be:95:18:16:ac:9d:3d:1c:8c:f7:b0:
d0:61:6a:99:0f:6d:21:02:2a:d4:16:2f:fe:f3:af:e3:a5:a0:
a3:5f:1d:5f:52:aa:42:09:25:6a:ed:9f:e1:ff:c6:82:46:b3:
75:3d:ce:a7:45:cd:43:b2:cd:b8:7a:f7:8b:b5:8c:83:e1:39:
d5:d5:9f:0d:97:f9:35:74:8b:51:09:6c:45:38:63:8e:3b:77:
8a:c0:07:e3:03:df:7a:1d:76:fd:a5:f0:5f:20:96:72:b8:d6:
3e:50:f3:68:46:36:6a:07:0a:98:f1:36:7f:39:ad:ee:6d:8a:
ee:12:5d:f2:45:a5:cd:d3:bc:5b:1b:96:b8:0d:15:20:4c:a3:
3e:83:9f:3c:a4:4b:61:c0:be:03:b2:e0:8f:78:28:8c:72:6d:
f6:a1:40:66:9e:10:b9:f8:2a:27:cf:56:c3:07:66:a9:5a:18:
60:bd:5d:53:0f:a5:c8:6e:cf:7e:a7:01:ba:d6:4d:7f:f0:f5:
17:33:5a:e0:bc:a9:36:c4:dc:71:73:ae:df:36:e7:6c:84:8a:
ba:71:45:3c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYkYGGDSqxrDdYTxRllTeVWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzAyMTkzMzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmViZWFlMGRhMTYwNTkxYTllNzlhNzU3YTM3NjEyNGJmOGYyZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0UEhcVUad2fBvR9MCH0hJ0oTMrS
74HlsWS6OdInTXthcmzGqxrVKGnV0X2Knbo6OFvhlZrcmj0KUfewOJ7ZDWGL0ofv
sKk3MIRlmUHTM8EIP6nDX7DzBV6QOHbZLITfKBXdGE4XO34mrWN9qwue1Y0V6vcK
y0/Skuf46KmBbSqy+qNsXM03GzEObKn6+wrlQu2/2ciLBnTirMoYYS3fvy/xyW6c
yjTrGOESY/mquBjJHX20kmbOmNhMO73wc7VZPLnChAveTpYFNlUNAxeCXSYdPXVv
IBB+oz4ZHW7+BUpi5Odv5ebC2XzN069I7sANos6pDoxOdPlXv99nWkiLyQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFL/r6uDaFgWRqeeadXo3YSS/jy1bMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvdi12cTROb1dCWkdwNTVwMWVqZGhKTC1QTFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAWfsUAwQB
WfsWAwQAWfsZAwQAWfsdAwQAWfsfAwQAW+I7MAwDBABteisDBABteiwwDQYJKoZI
hvcNAQELBQADggEBAApyRelgdYuZgysqnXT/PyNhaeeLGO5fGBTQ0+g7NaLQIjMM
XANT3iZS9UK+lRgWrJ09HIz3sNBhapkPbSECKtQWL/7zr+OloKNfHV9SqkIJJWrt
n+H/xoJGs3U9zqdFzUOyzbh694u1jIPhOdXVnw2X+TV0i1EJbEU4Y447d4rAB+MD
33oddv2l8F8glnK41j5Q82hGNmoHCpjxNn85re5tiu4SXfJFpc3TvFsblrgNFSBM
oz6DnzykS2HAvgOy4I94KIxybfahQGaeELn4KifPVsMHZqlaGGC9XVMPpchuz36n
AbrWTX/w9RczWuC8qTbE3HFzrt8252yEirpxRTw=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:47 2023 by rpki-client on console.sobornost.net