Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0xsRPAKsO-wxTdrI8puKNLSj_0I.roa
File: 0xsRPAKsO-wxTdrI8puKNLSj_0I.roa (raw, json)
Hash identifier: 4Asn0DU4VcrbFmHyqnMuKOqZU3Ah1MERZWDnqGiVQn0=
Subject key identifier: D3:1B:11:3C:02:AC:3B:EC:31:4D:DA:C8:F2:9B:8A:34:B4:A3:FF:42
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0188D304C0DBFDDDFE8B532127103F0A8826
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0xsRPAKsO-wxTdrI8puKNLSj_0I.roa
Signing time: Mon 19 Jun 2023 09:38:03 +0000
ROA not before: Mon 19 Jun 2023 09:38:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 91.200.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Jul 2023 03:14:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:04:c0:db:fd:dd:fe:8b:53:21:27:10:3f:0a:88:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 19 09:38:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d31b113c02ac3bec314ddac8f29b8a34b4a3ff42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4b:ac:5c:0e:d5:de:15:33:31:36:4e:c9:9d:
c5:d0:ba:87:87:6f:da:e2:d1:1f:e4:52:e4:50:8e:
f5:3d:b6:a9:50:46:da:cf:3f:3b:7f:8a:2c:2d:f2:
60:e2:ac:ba:ac:52:0a:4f:c7:79:9b:63:fc:f7:f8:
12:6a:dd:5d:50:c2:df:02:eb:cb:74:34:4c:2f:21:
ae:8f:05:a5:7e:9c:67:71:66:85:5b:df:6f:96:39:
03:db:f4:60:36:45:d5:ae:b7:52:29:f9:74:c9:91:
5b:d6:6a:f9:46:a4:48:98:b6:26:1c:3c:c9:94:c2:
a9:91:4e:7b:fc:52:a4:d5:b2:af:3c:80:71:7e:18:
2e:48:63:28:c2:cf:a7:44:ae:d6:94:04:db:b7:28:
8a:34:6c:a2:bc:9b:4a:32:ba:b7:c5:ab:7f:96:16:
e4:5d:72:e9:fb:25:f5:ef:b3:cf:fb:30:bd:79:9f:
0d:dc:b8:ed:14:97:14:1b:fb:db:4b:6d:ee:67:f0:
67:f6:24:cc:72:9e:48:6a:85:1c:f3:02:3c:26:f8:
86:60:71:2a:d0:70:d5:92:37:b9:80:e9:45:59:52:
7d:26:70:ca:9b:d1:57:f1:9c:0d:30:37:ea:a2:aa:
f4:4e:fa:da:19:00:d1:d8:c8:45:e9:83:bb:28:4a:
31:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:1B:11:3C:02:AC:3B:EC:31:4D:DA:C8:F2:9B:8A:34:B4:A3:FF:42
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/0xsRPAKsO-wxTdrI8puKNLSj_0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.223.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:49:d3:8a:a7:70:35:81:69:e2:f9:a0:b1:32:0a:df:72:df:
ea:9b:8d:78:26:59:7f:fd:3d:2b:59:50:73:23:50:49:b3:98:
62:d4:00:d8:50:22:8e:f7:d7:14:a1:38:a5:87:86:36:71:e2:
91:9e:ab:c4:ec:39:04:8d:c8:7b:54:40:d1:75:1b:61:ea:47:
86:3c:5d:70:36:68:22:7b:79:36:cf:ac:3e:a3:53:cf:1c:83:
46:1f:08:62:f0:10:15:15:e4:54:b6:79:87:4d:2c:92:94:03:
51:df:a5:9a:cf:21:02:d0:ca:d3:10:91:88:6a:4a:25:1d:8b:
27:18:c9:a1:b6:b9:1d:b2:74:e8:c5:70:d7:55:92:e2:1f:32:
57:d8:75:1d:51:94:44:fb:31:f0:0c:49:d4:5c:cb:67:d7:88:
8d:73:f3:40:41:8f:c2:76:48:29:0a:7a:ed:17:6e:61:5f:fa:
d4:35:01:e2:5d:7f:ac:52:0c:25:5d:79:d3:e7:90:b9:1b:a2:
09:6f:2a:fb:37:2b:03:c7:bc:49:e2:44:fd:05:53:53:8c:45:
ec:bc:61:cd:17:8f:e3:3a:ad:5c:6b:dd:3a:e7:7a:c1:97:e9:
c6:de:a7:e2:35:79:76:a6:43:6a:f6:18:0b:ba:71:c4:6c:9b:
e5:a2:a8:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjTBMDb/d3+i1MhJxA/CogmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNjE5MDkzODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzFiMTEzYzAyYWMzYmVjMzE0ZGRhYzhmMjliOGEzNGI0YTNmZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUusXA7V3hUzMTZOyZ3F0LqHh2/a
4tEf5FLkUI71PbapUEbazz87f4osLfJg4qy6rFIKT8d5m2P89/gSat1dUMLfAuvL
dDRMLyGujwWlfpxncWaFW99vljkD2/RgNkXVrrdSKfl0yZFb1mr5RqRImLYmHDzJ
lMKpkU57/FKk1bKvPIBxfhguSGMows+nRK7WlATbtyiKNGyivJtKMrq3xat/lhbk
XXLp+yX177PP+zC9eZ8N3LjtFJcUG/vbS23uZ/Bn9iTMcp5IaoUc8wI8JviGYHEq
0HDVkje5gOlFWVJ9JnDKm9FX8ZwNMDfqoqr0TvraGQDR2MhF6YO7KEoxmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMbETwCrDvsMU3ayPKbijS0o/9CMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMHhzUlBBS3NPLXd4VGRySThwdUtOTFNqXzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jfMA0G
CSqGSIb3DQEBCwUAA4IBAQB+SdOKp3A1gWni+aCxMgrfct/qm414Jll//T0rWVBz
I1BJs5hi1ADYUCKO99cUoTilh4Y2ceKRnqvE7DkEjch7VEDRdRth6keGPF1wNmgi
e3k2z6w+o1PPHINGHwhi8BAVFeRUtnmHTSySlANR36WazyEC0MrTEJGIakolHYsn
GMmhtrkdsnToxXDXVZLiHzJX2HUdUZRE+zHwDEnUXMtn14iNc/NAQY/CdkgpCnrt
F25hX/rUNQHiXX+sUgwlXXnT55C5G6IJbyr7NysDx7xJ4kT9BVNTjEXsvGHNF4/j
Oq1ca90653rBl+nG3qfiNXl2pkNq9hgLunHEbJvloqg2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org