Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/213-nf0QnKVUIkTvUdQ3T4-7m0U.roa
File: 213-nf0QnKVUIkTvUdQ3T4-7m0U.roa (raw, json)
Hash identifier: rVcvXDuqSWENwoInTlX1rbQfuznAxDmUoMhxY/U+dIs=
Subject key identifier: DB:5D:FE:9D:FD:10:9C:A5:54:22:44:EF:51:D4:37:4F:8F:BB:9B:45
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C482FA07B871EF1E6D93345C35D8A6110
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/213-nf0QnKVUIkTvUdQ3T4-7m0U.roa
Signing time: Fri 08 Dec 2023 06:48:49 +0000
ROA not before: Fri 08 Dec 2023 06:48:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.220.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Dec 2023 06:16:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:48:2f:a0:7b:87:1e:f1:e6:d9:33:45:c3:5d:8a:61:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 8 06:48:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db5dfe9dfd109ca5542244ef51d4374f8fbb9b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b5:b1:c3:1f:18:46:ae:e3:bb:4c:c3:77:f6:
ce:6e:e4:ac:4f:66:a9:1e:17:12:d7:33:c4:f5:f5:
26:94:a8:35:45:a9:b2:77:4e:ac:31:98:d1:2b:6b:
98:98:51:e5:d3:65:84:38:84:44:f8:24:38:97:f6:
49:8b:6c:97:33:bd:c4:bb:37:3f:df:f2:bd:0f:a7:
af:47:9c:99:06:d0:36:9f:c4:2c:5b:97:7d:7d:88:
93:d0:5a:7c:b0:ba:f7:3a:db:97:e8:c6:45:17:03:
a4:99:bb:b0:a5:b4:f0:77:4c:aa:a4:68:96:13:3e:
5f:79:f0:15:95:40:12:56:6d:2f:42:c1:ef:b4:7b:
29:0f:e1:6b:5c:96:79:84:a4:5a:1a:22:bd:17:8c:
f9:d1:eb:f1:8b:1d:a9:61:f1:04:29:91:e6:16:48:
a3:bb:ae:47:17:b0:c0:97:e1:ef:cf:5e:1d:20:dc:
f9:98:9f:77:05:35:76:ba:31:95:95:cf:d0:20:63:
35:70:f3:aa:d8:60:40:b7:88:6b:fd:8f:8d:98:bc:
8b:c9:a1:94:02:7b:d0:8d:aa:ef:ee:72:7d:ad:05:
3e:92:98:48:2f:b0:bf:59:c5:d1:e1:d7:cb:d6:b0:
a4:1a:7d:e7:8f:39:60:41:b1:e2:f3:ba:d0:f9:37:
a8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:5D:FE:9D:FD:10:9C:A5:54:22:44:EF:51:D4:37:4F:8F:BB:9B:45
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/213-nf0QnKVUIkTvUdQ3T4-7m0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
29:28:3e:b2:ff:2c:ed:62:e3:78:5a:51:fc:79:fb:9c:76:da:
97:c2:3c:6b:61:06:25:2e:ca:f5:b7:9a:7b:88:de:a2:a8:57:
ac:7a:ac:ac:cd:ba:50:e6:9e:72:ab:60:61:8b:bb:5c:f5:71:
2c:b9:5f:47:df:a4:db:e7:8c:9a:40:7a:4c:a7:e8:0b:84:78:
9b:4b:b3:2f:c0:7d:7d:96:12:17:b3:08:2c:1f:88:53:53:18:
b7:14:ae:0d:b4:82:db:d8:64:b6:ab:40:ca:f0:d8:c6:b4:51:
a1:04:6c:64:9e:dd:47:eb:16:78:a6:c1:be:47:24:e8:d5:d4:
ef:1e:80:89:88:2e:ae:47:4d:f6:6b:f0:33:ff:61:53:4d:ae:
47:4b:24:88:fc:b2:a2:ec:b6:3a:3b:98:73:7d:25:a8:4c:35:
6b:ac:d4:6f:83:47:27:5c:81:ac:2c:0d:bf:e8:59:f0:34:8c:
23:03:dc:ff:6d:58:55:d8:70:67:34:8f:d2:90:31:3b:a2:90:
f4:61:a5:1f:ed:0d:a1:13:41:44:cc:e2:b1:fc:ee:23:1b:3f:
31:d5:06:c2:bc:79:aa:1d:38:e8:1d:45:32:af:06:fc:67:40:
16:5a:a6:30:19:34:a8:60:f2:3c:12:1d:7f:32:ad:0a:c5:e1:
0f:08:f2:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxIL6B7hx7x5tkzRcNdimEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMjA4MDY0ODQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjVkZmU5ZGZkMTA5Y2E1NTQyMjQ0ZWY1MWQ0Mzc0ZjhmYmI5YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7Wxwx8YRq7ju0zDd/bObuSsT2ap
HhcS1zPE9fUmlKg1Ramyd06sMZjRK2uYmFHl02WEOIRE+CQ4l/ZJi2yXM73Euzc/
3/K9D6evR5yZBtA2n8QsW5d9fYiT0Fp8sLr3OtuX6MZFFwOkmbuwpbTwd0yqpGiW
Ez5fefAVlUASVm0vQsHvtHspD+FrXJZ5hKRaGiK9F4z50evxix2pYfEEKZHmFkij
u65HF7DAl+Hvz14dINz5mJ93BTV2ujGVlc/QIGM1cPOq2GBAt4hr/Y+NmLyLyaGU
AnvQjarv7nJ9rQU+kphIL7C/WcXR4dfL1rCkGn3njzlgQbHi87rQ+TeoAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNtd/p39EJylVCJE71HUN0+Pu5tFMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMjEzLW5mMFFuS1ZVSWtUdlVkUTNUNC03bTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jcAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQApKD6y/yztYuN4WlH8efucdtqXwjxrYQYl
Lsr1t5p7iN6iqFeseqyszbpQ5p5yq2Bhi7tc9XEsuV9H36Tb54yaQHpMp+gLhHib
S7MvwH19lhIXswgsH4hTUxi3FK4NtILb2GS2q0DK8NjGtFGhBGxknt1H6xZ4psG+
RyTo1dTvHoCJiC6uR032a/Az/2FTTa5HSySI/LKi7LY6O5hzfSWoTDVrrNRvg0cn
XIGsLA2/6FnwNIwjA9z/bVhV2HBnNI/SkDE7opD0YaUf7Q2hE0FEzOKx/O4jGz8x
1QbCvHmqHTjoHUUyrwb8Z0AWWqYwGTSoYPI8Eh1/Mq0KxeEPCPLU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org