Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/1ay-D7Uy5xi4Ouge0QuS7CL4AT0.roa
File: 1ay-D7Uy5xi4Ouge0QuS7CL4AT0.roa (raw, json)
Hash identifier: c+Lta5Rd0uXvoPGdEbyW8Sv3oNP/4zMwIT7iHJ7qod4=
Subject key identifier: D5:AC:BE:0F:B5:32:E7:18:B8:3A:E8:1E:D1:0B:92:EC:22:F8:01:3D
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018B4E7781449236E913BB603D26657C3BFE
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/1ay-D7Uy5xi4Ouge0QuS7CL4AT0.roa
Signing time: Fri 20 Oct 2023 19:02:16 +0000
ROA not before: Fri 20 Oct 2023 19:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.46.0/24 maxlen: 24
89.251.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Oct 2023 10:22:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4e:77:81:44:92:36:e9:13:bb:60:3d:26:65:7c:3b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 20 19:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5acbe0fb532e718b83ae81ed10b92ec22f8013d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:75:09:aa:a0:21:ed:e2:01:7d:ca:fa:cb:aa:
d9:6c:95:eb:52:5c:ea:c3:b0:a9:89:9b:56:24:7a:
aa:46:eb:6c:4a:c3:59:02:c2:5a:a5:b2:e2:19:be:
52:9f:0d:86:84:49:49:21:96:2e:2f:2c:ea:23:f0:
91:3a:74:8f:57:1f:3b:22:55:c6:84:df:40:00:73:
16:68:f6:98:5e:59:eb:14:2e:90:c8:37:bc:08:09:
48:22:12:32:22:e0:7d:cd:92:3e:b9:99:a4:c7:6c:
a9:94:4a:b9:5f:a6:85:66:f8:6a:9c:5c:d6:93:54:
c2:34:54:30:56:43:c6:6c:e3:67:fd:2b:40:c8:0b:
74:9f:75:80:79:24:5f:a0:fb:23:95:f6:db:27:0c:
e4:50:5c:cd:47:9c:5a:09:33:5a:a5:c6:f0:d5:fc:
a7:92:88:c6:92:c0:df:fb:e9:38:00:23:ab:82:d3:
e1:17:38:c7:65:7d:9f:45:9e:ae:55:a7:1a:61:bb:
f4:0f:38:cc:00:d6:d5:e0:0f:e8:1b:ea:cb:8c:80:
7c:e9:17:3c:b5:28:34:cf:76:60:9c:50:55:e2:4b:
c8:c1:17:90:6b:db:49:da:49:a6:4a:84:33:06:8e:
e6:9c:2f:4a:e7:f8:27:c5:32:c4:1e:7c:e7:2d:55:
84:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:AC:BE:0F:B5:32:E7:18:B8:3A:E8:1E:D1:0B:92:EC:22:F8:01:3D
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/1ay-D7Uy5xi4Ouge0QuS7CL4AT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.27.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:7f:bb:f5:85:d6:d6:04:32:90:d8:aa:5c:2d:ae:6f:ac:d4:
cb:62:45:b0:d5:5e:1a:15:c4:90:d6:eb:a0:ce:c5:48:dc:25:
11:5a:05:86:5b:6b:6f:04:47:5d:37:7d:e4:03:8e:89:1f:9c:
97:47:dc:d6:42:a1:2c:58:50:46:af:5d:e3:e6:8b:6b:8c:20:
0f:ee:1a:48:59:11:17:cd:3c:e0:b5:ba:46:e5:f8:35:5a:57:
d7:de:eb:c0:09:5e:b5:4e:c1:13:ff:5d:90:8c:1f:4f:8f:6d:
fe:ce:3f:16:a6:d5:89:24:c1:f4:b1:f3:1d:95:0d:e7:62:14:
c0:74:7f:5b:05:da:e5:6a:4b:8c:33:2c:8e:47:34:23:b5:25:
e3:17:ae:07:22:59:1e:af:eb:7a:51:df:13:fc:12:ae:d5:7e:
c6:24:b9:aa:13:0b:ba:e2:05:4c:b5:71:8b:71:ba:e0:fa:c3:
fd:6a:e9:cb:92:d8:11:5c:c5:3d:b9:2b:a0:78:7c:4c:e1:d3:
aa:9b:27:91:08:77:68:bc:7e:2a:04:9c:66:a1:21:34:17:6e:
c8:33:68:5e:43:7f:2c:c2:9c:32:92:58:50:b7:58:58:2f:ef:
8d:f6:6e:31:53:6c:21:31:97:14:10:63:45:b3:7a:05:2e:1e:
c5:63:ec:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtOd4FEkjbpE7tgPSZlfDv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMDIwMTkwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWFjYmUwZmI1MzJlNzE4YjgzYWU4MWVkMTBiOTJlYzIyZjgwMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHUJqqAh7eIBfcr6y6rZbJXrUlzq
w7CpiZtWJHqqRutsSsNZAsJapbLiGb5Snw2GhElJIZYuLyzqI/CROnSPVx87IlXG
hN9AAHMWaPaYXlnrFC6QyDe8CAlIIhIyIuB9zZI+uZmkx2yplEq5X6aFZvhqnFzW
k1TCNFQwVkPGbONn/StAyAt0n3WAeSRfoPsjlfbbJwzkUFzNR5xaCTNapcbw1fyn
kojGksDf++k4ACOrgtPhFzjHZX2fRZ6uVacaYbv0DzjMANbV4A/oG+rLjIB86Rc8
tSg0z3ZgnFBV4kvIwReQa9tJ2kmmSoQzBo7mnC9K5/gnxTLEHnznLVWEUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNWsvg+1MucYuDroHtELkuwi+AE9MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMWF5LUQ3VXk1eGk0T3VnZTBRdVM3Q0w0QVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsbAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAMf7v1hdbWBDKQ2KpcLa5vrNTLYkWw1V4a
FcSQ1uugzsVI3CURWgWGW2tvBEddN33kA46JH5yXR9zWQqEsWFBGr13j5otrjCAP
7hpIWREXzTzgtbpG5fg1WlfX3uvACV61TsET/12QjB9Pj23+zj8WptWJJMH0sfMd
lQ3nYhTAdH9bBdrlakuMMyyORzQjtSXjF64HIlker+t6Ud8T/BKu1X7GJLmqEwu6
4gVMtXGLcbrg+sP9aunLktgRXMU9uSugeHxM4dOqmyeRCHdovH4qBJxmoSE0F27I
M2heQ38swpwyklhQt1hYL++N9m4xU2whMZcUEGNFs3oFLh7FY+xr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org