Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/3grB5SODs19mzo-pxhgFjeS2hco.roa
File: 3grB5SODs19mzo-pxhgFjeS2hco.roa (raw, json)
Hash identifier: Zbv4H+LpUInYwjxrnK/sXtbVtBrOj0GAYCR2YDCy9vE=
Subject key identifier: DE:0A:C1:E5:23:83:B3:5F:66:CE:8F:A9:C6:18:05:8D:E4:B6:85:CA
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0186C80541F33001B6FB0CF141A2FE4746CF
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/3grB5SODs19mzo-pxhgFjeS2hco.roa
Signing time: Thu 09 Mar 2023 20:17:13 +0000
ROA not before: Thu 09 Mar 2023 20:17:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213305
IP address blocks: 91.200.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Jul 2023 03:14:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c8:05:41:f3:30:01:b6:fb:0c:f1:41:a2:fe:47:46:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Mar 9 20:17:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de0ac1e52383b35f66ce8fa9c618058de4b685ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d6:08:15:fa:c4:c3:51:01:47:0f:22:1a:c4:
da:b1:48:0c:99:38:b6:d6:b5:ee:00:c3:a8:cf:51:
72:89:ef:9b:bd:f1:ce:6b:44:b5:94:0d:fc:ac:e8:
ff:ed:8e:3f:15:55:85:1e:2e:57:28:d2:d5:d1:46:
2c:f5:20:8e:99:ad:77:0f:cd:05:df:fd:ab:d6:4f:
fe:97:40:fb:1c:d6:81:50:1e:e4:da:8d:5f:68:c8:
20:b9:f4:52:c0:e9:52:e8:fa:1a:4c:54:c0:6d:c2:
41:1e:48:0a:19:4e:28:5d:e0:c4:1d:34:94:29:58:
f6:ec:5d:96:62:6f:92:63:04:ac:e6:c2:05:87:45:
0b:2e:30:21:42:52:a4:36:7d:31:1a:fe:d6:46:77:
ab:ec:a2:18:23:23:7e:cf:ef:d2:fe:1d:06:df:34:
ba:b0:69:ed:2c:dd:7d:a6:21:4d:a3:c7:cd:5f:9a:
60:f7:46:d4:af:ab:be:71:9b:00:c2:32:47:0b:f2:
90:ad:7d:6f:ea:51:34:34:cc:bd:ae:99:72:a1:80:
91:eb:e7:e5:97:11:ef:e6:61:aa:6d:5c:c8:76:f0:
c6:87:2b:93:f9:9a:d8:06:19:cf:26:a5:3a:ee:9e:
b6:c2:b6:0e:9a:28:4c:d0:3e:df:8d:24:cf:1b:23:
2f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:0A:C1:E5:23:83:B3:5F:66:CE:8F:A9:C6:18:05:8D:E4:B6:85:CA
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/3grB5SODs19mzo-pxhgFjeS2hco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.223.0/24
Signature Algorithm: sha256WithRSAEncryption
65:65:92:92:fa:56:a4:7b:91:2d:77:06:53:d9:a4:88:80:28:
89:23:49:39:da:52:c8:a6:68:b5:d7:7b:59:33:f1:40:a3:31:
87:d8:40:25:9d:68:ca:bf:36:b5:2a:3a:73:b4:0c:ba:24:9c:
c6:c9:ff:5f:75:bb:12:17:91:40:1a:d8:9c:ed:51:9e:c9:4b:
fa:7e:aa:21:2e:d4:af:6f:46:51:d0:aa:8e:1c:23:1e:97:4c:
3b:ba:6e:86:8b:fb:04:c1:8d:bf:ef:2b:aa:f6:45:10:87:1e:
6a:53:a3:e0:1c:f2:59:b4:2d:94:41:96:34:10:ef:6c:82:f1:
4d:97:bd:dd:f0:2d:0b:94:2c:6b:e6:bc:25:be:d5:e9:1e:6b:
5a:c1:c5:93:e3:b6:78:b6:2e:a5:af:3e:d1:74:d4:7b:ec:e7:
be:42:36:43:d2:15:ca:de:16:49:51:4d:26:ea:4a:45:b4:fc:
b9:6f:b9:71:52:c8:5d:ae:cb:2f:52:b9:25:ab:66:ae:0c:c6:
e5:37:01:80:dc:84:f2:54:c6:5b:63:f2:cb:b4:fa:f1:5d:ea:
7c:41:68:02:96:f0:78:4c:90:a5:78:3b:63:5c:19:63:59:a9:
21:c1:a8:ab:5f:e1:30:54:56:0b:e1:22:4e:d5:a4:7e:7a:7b:
7e:f0:2c:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbIBUHzMAG2+wzxQaL+R0bPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMzA5MjAxNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTBhYzFlNTIzODNiMzVmNjZjZThmYTljNjE4MDU4ZGU0YjY4NWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNYIFfrEw1EBRw8iGsTasUgMmTi2
1rXuAMOoz1Fyie+bvfHOa0S1lA38rOj/7Y4/FVWFHi5XKNLV0UYs9SCOma13D80F
3/2r1k/+l0D7HNaBUB7k2o1faMggufRSwOlS6PoaTFTAbcJBHkgKGU4oXeDEHTSU
KVj27F2WYm+SYwSs5sIFh0ULLjAhQlKkNn0xGv7WRner7KIYIyN+z+/S/h0G3zS6
sGntLN19piFNo8fNX5pg90bUr6u+cZsAwjJHC/KQrX1v6lE0NMy9rplyoYCR6+fl
lxHv5mGqbVzIdvDGhyuT+ZrYBhnPJqU67p62wrYOmihM0D7fjSTPGyMvUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4KweUjg7NfZs6PqcYYBY3ktoXKMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvM2dyQjVTT0RzMTltem8tcHhoZ0ZqZVMyaGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jfMA0G
CSqGSIb3DQEBCwUAA4IBAQBlZZKS+lake5EtdwZT2aSIgCiJI0k52lLIpmi113tZ
M/FAozGH2EAlnWjKvza1KjpztAy6JJzGyf9fdbsSF5FAGtic7VGeyUv6fqohLtSv
b0ZR0KqOHCMel0w7um6Gi/sEwY2/7yuq9kUQhx5qU6PgHPJZtC2UQZY0EO9sgvFN
l73d8C0LlCxr5rwlvtXpHmtawcWT47Z4ti6lrz7RdNR77Oe+QjZD0hXK3hZJUU0m
6kpFtPy5b7lxUshdrssvUrklq2auDMblNwGA3ITyVMZbY/LLtPrxXep8QWgClvB4
TJCleDtjXBljWakhwairX+EwVFYL4SJO1aR+ent+8Czu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:05 2024 by rpki-client on console-ams.rpki-client.org