Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/vOeG6TRuozHwNaTXPFG1A-3vCmk.roa
File: vOeG6TRuozHwNaTXPFG1A-3vCmk.roa (raw, json)
Hash identifier: Kr+4kJpOt1MPrHXpKJ3jW1rhf3svLR8hm8e0aPEPips=
Subject key identifier: BC:E7:86:E9:34:6E:A3:31:F0:35:A4:D7:3C:51:B5:03:ED:EF:0A:69
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018EADA3C2299374F350CCFDCC6EF984B0FA
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/vOeG6TRuozHwNaTXPFG1A-3vCmk.roa
Signing time: Fri 05 Apr 2024 09:42:54 +0000
ROA not before: Fri 05 Apr 2024 09:42:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 09:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:a3:c2:29:93:74:f3:50:cc:fd:cc:6e:f9:84:b0:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 5 09:42:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bce786e9346ea331f035a4d73c51b503edef0a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f3:c6:0f:de:fb:0f:07:9e:c9:ea:da:f1:1b:
34:b4:71:ac:eb:e5:88:1d:d9:ad:94:df:49:d7:8b:
7a:3a:c7:60:73:7d:f5:a6:b5:12:df:af:79:0a:2c:
28:30:6f:a2:80:e6:7d:7b:90:cc:e3:0f:75:40:5a:
13:b0:42:a5:4f:51:e7:05:a8:a9:b6:e8:5f:4f:ba:
ef:1b:a5:18:f4:44:9c:1f:1b:e7:bd:5f:f5:48:bf:
e6:41:a5:05:74:22:63:1a:e1:ba:39:12:24:82:7a:
51:89:4e:01:bc:69:61:61:13:f8:58:36:53:24:b6:
22:9a:56:12:2e:47:c4:19:e3:40:0f:dd:8c:c9:81:
d1:5f:d5:a5:0a:b7:8c:ae:70:09:4a:f7:92:df:0f:
20:fc:bd:21:86:e4:fa:c3:2e:a7:de:a7:07:c1:06:
33:72:06:78:14:50:f0:08:6b:6e:de:8f:14:39:55:
ca:a9:b7:15:84:42:3c:60:b4:1c:b2:da:b6:0d:2c:
5f:cc:02:c2:22:8e:fc:4c:1a:97:47:d6:20:1b:b2:
f1:b3:1a:8e:c3:3f:67:af:25:a6:88:de:9c:7b:a0:
1e:fb:8a:af:c4:b8:a3:5f:c0:a3:25:8c:c8:4a:8a:
2a:ee:b4:40:84:cc:c1:91:d4:3d:99:4d:02:fc:ea:
15:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E7:86:E9:34:6E:A3:31:F0:35:A4:D7:3C:51:B5:03:ED:EF:0A:69
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/vOeG6TRuozHwNaTXPFG1A-3vCmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
36:40:e7:39:ef:a8:59:97:77:b2:f3:14:12:37:f9:7d:36:ce:
4f:81:ac:4c:f8:0c:52:80:51:16:91:8b:23:a1:d2:75:17:e3:
96:90:45:e1:dc:b8:a0:16:e8:31:81:9e:e4:db:e7:88:73:b9:
fc:4f:36:53:62:94:e9:06:c5:06:80:be:5f:3e:08:bd:3d:af:
a5:29:d4:c8:1c:db:0a:06:c4:dd:86:25:bf:ea:56:e2:c5:09:
90:7a:86:b0:b6:0d:e7:50:34:05:b4:a5:b5:69:1f:44:48:3f:
10:8a:45:5e:c1:8d:aa:32:66:98:46:9a:c5:96:89:30:df:62:
95:80:76:ca:6a:a5:16:9d:94:1e:63:31:c6:a3:f8:90:25:ff:
8f:8c:29:91:6f:ee:84:9f:aa:1e:24:17:9e:7d:e1:7b:18:e7:
d4:e8:c2:68:e1:03:fb:dc:45:1b:cf:72:0c:14:24:49:89:a6:
d4:55:87:eb:b1:01:73:12:e4:0b:a7:7c:93:81:3d:1b:80:cc:
26:8c:4d:6a:2d:19:88:48:87:d3:99:37:78:90:11:bf:b7:8f:
8b:06:bf:b2:4c:28:56:f0:29:b5:56:bc:52:93:a9:6c:57:0c:
a2:8c:13:2b:9d:51:0e:45:a7:64:91:2d:38:05:57:3e:ce:fb:
f5:29:c6:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6to8Ipk3TzUMz9zG75hLD6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNDA1MDk0MjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2U3ODZlOTM0NmVhMzMxZjAzNWE0ZDczYzUxYjUwM2VkZWYwYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvPGD977Dweeyera8Rs0tHGs6+WI
HdmtlN9J14t6Osdgc331prUS3695CiwoMG+igOZ9e5DM4w91QFoTsEKlT1HnBaip
tuhfT7rvG6UY9EScHxvnvV/1SL/mQaUFdCJjGuG6ORIkgnpRiU4BvGlhYRP4WDZT
JLYimlYSLkfEGeNAD92MyYHRX9WlCreMrnAJSveS3w8g/L0hhuT6wy6n3qcHwQYz
cgZ4FFDwCGtu3o8UOVXKqbcVhEI8YLQcstq2DSxfzALCIo78TBqXR9YgG7LxsxqO
wz9nryWmiN6ce6Ae+4qvxLijX8CjJYzISooq7rRAhMzBkdQ9mU0C/OoVswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLznhuk0bqMx8DWk1zxRtQPt7wppMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvdk9lRzZUUnVvekh3TmFUWFBGRzFBLTN2Q21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXouMA0G
CSqGSIb3DQEBCwUAA4IBAQA2QOc576hZl3ey8xQSN/l9Ns5PgaxM+AxSgFEWkYsj
odJ1F+OWkEXh3LigFugxgZ7k2+eIc7n8TzZTYpTpBsUGgL5fPgi9Pa+lKdTIHNsK
BsTdhiW/6lbixQmQeoawtg3nUDQFtKW1aR9ESD8QikVewY2qMmaYRprFlokw32KV
gHbKaqUWnZQeYzHGo/iQJf+PjCmRb+6En6oeJBeefeF7GOfU6MJo4QP73EUbz3IM
FCRJiabUVYfrsQFzEuQLp3yTgT0bgMwmjE1qLRmISIfTmTd4kBG/t4+LBr+yTChW
8Cm1VrxSk6lsVwyijBMrnVEORadkkS04BVc+zvv1KcZv
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:27 2024 by rpki-client on console-fra.rpki-client.org