Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/2J9ZRhWegGrHs3xqw1rWHxJe-es.roa
File: 2J9ZRhWegGrHs3xqw1rWHxJe-es.roa (raw, json)
Hash identifier: K9gFIi5jglQ+lei4LinClVYBVPb7C0CaADjqn9cg4fM=
Subject key identifier: D8:9F:59:46:15:9E:80:6A:C7:B3:7C:6A:C3:5A:D6:1F:12:5E:F9:EB
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0187B4C942D0466AF5F9A5B8CD76FF1F55E0
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/2J9ZRhWegGrHs3xqw1rWHxJe-es.roa
Signing time: Mon 24 Apr 2023 19:41:41 +0000
ROA not before: Mon 24 Apr 2023 19:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 30 Apr 2023 11:35:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:c9:42:d0:46:6a:f5:f9:a5:b8:cd:76:ff:1f:55:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 24 19:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d89f5946159e806ac7b37c6ac35ad61f125ef9eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:00:68:e3:6b:b5:d1:7d:25:4c:da:f6:0f:9e:
a9:1b:7a:34:79:09:8d:37:7b:8b:4a:e3:b6:38:d9:
6d:f5:f2:72:e4:50:61:1d:c4:16:36:aa:ae:b1:1a:
7e:d8:66:f4:0b:62:12:48:ad:5f:6d:e4:9c:a1:6a:
3f:04:53:7f:ab:31:dc:fd:b9:cf:28:79:29:91:e6:
49:37:42:5b:1b:9d:03:6d:a2:ad:31:d4:4b:ed:e8:
70:84:69:6d:53:b8:36:0e:ee:ac:eb:f2:8b:17:ae:
ce:79:45:e2:3a:42:b1:12:7f:c2:a1:07:25:10:73:
53:7f:b7:54:84:bc:c7:6b:d0:22:90:92:d2:24:09:
47:fc:6e:3a:60:4a:b1:e2:33:fd:9a:b1:d5:38:63:
d5:ec:73:4a:23:67:2b:00:0d:2d:64:11:63:e9:ad:
a9:7c:b4:31:30:8d:df:cb:75:ed:cf:74:db:fb:96:
9d:63:09:e5:52:67:a4:20:3d:24:09:10:7b:da:0f:
ec:f5:ac:55:9c:97:31:ec:02:83:bd:c3:25:29:7a:
f6:4c:c6:ae:21:b2:9b:00:ed:5a:42:3c:67:5a:c3:
ba:59:08:b6:b7:66:cb:34:06:59:0b:70:a0:64:7f:
c8:ad:9e:3e:ed:ab:5f:db:ad:44:f5:a7:6b:3c:a0:
33:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:9F:59:46:15:9E:80:6A:C7:B3:7C:6A:C3:5A:D6:1F:12:5E:F9:EB
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/2J9ZRhWegGrHs3xqw1rWHxJe-es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.43.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:5a:22:99:9d:9d:27:b5:0c:ae:b5:8f:10:af:93:78:9a:ae:
ee:60:65:fe:36:7d:60:32:50:7d:2e:dc:47:9d:a5:0b:fc:38:
ec:43:19:1e:64:b6:81:e2:da:13:fd:fd:27:d9:b7:ef:8e:91:
bd:7a:6d:e6:e4:7b:69:e8:dd:03:0b:2c:d4:a5:fa:c4:ec:32:
c0:02:7c:03:d8:1c:1b:5f:d3:f3:41:1a:c1:0d:f6:1f:9f:db:
18:ec:0c:33:ce:df:7e:89:62:bd:1e:04:a9:00:ad:fa:09:5b:
18:40:bd:7b:f3:ab:7e:b8:f2:33:30:8a:d0:44:8d:33:b6:97:
ea:e9:86:65:84:a3:db:d3:91:c7:bd:fc:05:1c:6b:36:2c:6f:
8c:0f:31:d9:1d:92:bc:03:6a:99:d9:cd:50:a2:44:03:f7:7b:
9e:e5:ab:b9:02:16:3e:ed:73:d0:69:09:2c:58:68:ce:47:ca:
98:a0:6a:8b:97:39:85:61:0e:4a:7b:eb:b5:7c:74:d3:b9:84:
e8:62:72:2b:6e:74:d9:ac:27:97:83:0b:ac:12:a3:8b:47:0b:
03:19:4d:a2:f9:ea:d3:7c:e7:b6:d0:4a:f5:fd:87:a8:ae:5b:
82:64:71:19:7d:91:b7:99:60:7e:32:b4:a6:4b:9e:94:b2:24:
38:6b:38:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe0yULQRmr1+aW4zXb/H1XgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNDI0MTk0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODlmNTk0NjE1OWU4MDZhYzdiMzdjNmFjMzVhZDYxZjEyNWVmOWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQBo42u10X0lTNr2D56pG3o0eQmN
N3uLSuO2ONlt9fJy5FBhHcQWNqqusRp+2Gb0C2ISSK1fbeScoWo/BFN/qzHc/bnP
KHkpkeZJN0JbG50DbaKtMdRL7ehwhGltU7g2Du6s6/KLF67OeUXiOkKxEn/CoQcl
EHNTf7dUhLzHa9AikJLSJAlH/G46YEqx4jP9mrHVOGPV7HNKI2crAA0tZBFj6a2p
fLQxMI3fy3Xtz3Tb+5adYwnlUmekID0kCRB72g/s9axVnJcx7AKDvcMlKXr2TMau
IbKbAO1aQjxnWsO6WQi2t2bLNAZZC3CgZH/IrZ4+7atf261E9adrPKAzlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNifWUYVnoBqx7N8asNa1h8SXvnrMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMko5WlJoV2VnR3JIczN4cXcxcldIeEplLWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXorMA0G
CSqGSIb3DQEBCwUAA4IBAQB/WiKZnZ0ntQyutY8Qr5N4mq7uYGX+Nn1gMlB9LtxH
naUL/DjsQxkeZLaB4toT/f0n2bfvjpG9em3m5Htp6N0DCyzUpfrE7DLAAnwD2Bwb
X9PzQRrBDfYfn9sY7Awzzt9+iWK9HgSpAK36CVsYQL1786t+uPIzMIrQRI0ztpfq
6YZlhKPb05HHvfwFHGs2LG+MDzHZHZK8A2qZ2c1QokQD93ue5au5AhY+7XPQaQks
WGjOR8qYoGqLlzmFYQ5Ke+u1fHTTuYToYnIrbnTZrCeXgwusEqOLRwsDGU2i+erT
fOe20Er1/YeorluCZHEZfZG3mWB+MrSmS56UsiQ4azg7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:05 2024 by rpki-client on console-ams.rpki-client.org