Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/7YUAsaVmyMTk1XzGTpO77sEfjEU.roa
File: 7YUAsaVmyMTk1XzGTpO77sEfjEU.roa (raw, json)
Hash identifier: 2HMOpizygWmw7fJ1M6pEm+j7vddliEyTs38A58BdQ5g=
Subject key identifier: ED:85:00:B1:A5:66:C8:C4:E4:D5:7C:C6:4E:93:BB:EE:C1:1F:8C:45
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0188DFCAE652012A0A2041CB770EB2D608F4
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/7YUAsaVmyMTk1XzGTpO77sEfjEU.roa
Signing time: Wed 21 Jun 2023 21:09:56 +0000
ROA not before: Wed 21 Jun 2023 21:09:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Jun 2023 04:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:df:ca:e6:52:01:2a:0a:20:41:cb:77:0e:b2:d6:08:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 21 21:09:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed8500b1a566c8c4e4d57cc64e93bbeec11f8c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4e:99:65:a9:84:fc:36:01:56:41:83:9e:6e:
ed:03:95:8f:26:cf:8e:33:62:a3:79:17:83:d0:53:
e5:61:8a:20:f5:59:55:54:40:23:0e:67:9a:d8:6e:
11:a1:cb:02:2c:aa:0e:52:f7:09:94:0d:ab:24:26:
58:a4:d6:6d:db:fb:09:46:ae:cc:cc:87:05:09:71:
ac:89:5d:dd:b4:bd:2d:d0:ff:23:00:93:ff:8a:1c:
64:a3:eb:63:9a:34:95:e4:05:a7:24:30:54:f8:3b:
aa:9e:74:6f:c6:d6:11:03:5a:c7:bf:52:0e:e2:e0:
1a:dd:66:1d:62:74:67:62:72:e7:6f:2f:e1:53:47:
a7:8b:cb:d8:40:bc:5f:b6:7d:38:0d:39:5f:37:b9:
d9:63:57:64:ab:c6:0d:df:14:c8:bf:3d:ca:8c:bf:
66:c7:e6:0c:c3:7a:d5:7a:d6:f3:04:f6:a5:67:00:
3f:9b:18:57:ba:1a:29:aa:ff:b3:04:42:bd:a1:2d:
62:5e:96:4b:f3:d3:a8:e8:b3:0c:b3:45:0e:48:be:
d3:58:cd:4e:aa:8e:72:39:1b:c1:25:c8:7c:87:4a:
f4:90:33:2e:87:ff:d9:8e:ad:bc:71:aa:53:58:24:
66:0a:54:49:61:8d:66:a0:84:39:84:20:68:2b:26:
38:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:85:00:B1:A5:66:C8:C4:E4:D5:7C:C6:4E:93:BB:EE:C1:1F:8C:45
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/7YUAsaVmyMTk1XzGTpO77sEfjEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.42.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
86:0c:87:69:d4:d3:d9:67:6c:e9:7a:5b:ec:5c:22:bf:44:57:
dc:b5:9e:02:fb:93:7e:dc:7d:b5:b1:2a:c9:69:a3:f8:1e:7f:
2b:b3:66:d9:d2:9e:d1:77:bf:91:99:14:69:c6:58:77:33:ec:
45:56:1d:bd:4c:01:49:4c:19:38:c8:92:e5:e4:3e:8b:ae:13:
70:21:6f:81:d8:3b:7f:81:fc:b7:18:cd:00:bc:50:d4:28:b7:
2f:18:39:66:08:7d:02:e8:43:26:33:91:73:91:06:cd:1d:d7:
bd:9d:75:d2:4c:ab:5b:bc:9f:74:08:22:16:7c:4b:bd:0c:68:
1f:f0:b4:93:19:b3:81:62:1c:63:87:0f:ee:e1:98:0d:31:28:
01:15:23:07:34:d8:a4:7f:24:c4:b8:31:d6:b3:5a:c5:c1:d4:
0e:f6:87:3d:0c:4d:10:51:4a:73:ff:9f:15:08:2f:e2:75:35:
0b:78:cb:12:3a:9f:ce:83:d2:6f:02:33:e4:98:95:fb:52:b2:
01:4f:b3:5f:8d:eb:19:e7:31:27:c3:3d:c4:10:bb:50:5b:f3:
1a:9b:7f:a5:d9:8b:6a:64:ac:de:3a:10:5f:f7:02:df:67:6f:
5a:1c:00:4b:ba:70:2e:2f:28:dc:26:39:79:e2:3f:01:8e:78:
b5:47:8c:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjfyuZSASoKIEHLdw6y1gj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNjIxMjEwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDg1MDBiMWE1NjZjOGM0ZTRkNTdjYzY0ZTkzYmJlZWMxMWY4YzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk6ZZamE/DYBVkGDnm7tA5WPJs+O
M2KjeReD0FPlYYog9VlVVEAjDmea2G4RocsCLKoOUvcJlA2rJCZYpNZt2/sJRq7M
zIcFCXGsiV3dtL0t0P8jAJP/ihxko+tjmjSV5AWnJDBU+DuqnnRvxtYRA1rHv1IO
4uAa3WYdYnRnYnLnby/hU0eni8vYQLxftn04DTlfN7nZY1dkq8YN3xTIvz3KjL9m
x+YMw3rVetbzBPalZwA/mxhXuhopqv+zBEK9oS1iXpZL89Oo6LMMs0UOSL7TWM1O
qo5yORvBJch8h0r0kDMuh//Zjq28capTWCRmClRJYY1moIQ5hCBoKyY4VQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO2FALGlZsjE5NV8xk6Tu+7BH4xFMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvN1lVQXNhVm15TVRrMVh6R1RwTzc3c0VmakVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXoqAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQCGDIdp1NPZZ2zpelvsXCK/RFfctZ4C+5N+
3H21sSrJaaP4Hn8rs2bZ0p7Rd7+RmRRpxlh3M+xFVh29TAFJTBk4yJLl5D6LrhNw
IW+B2Dt/gfy3GM0AvFDUKLcvGDlmCH0C6EMmM5FzkQbNHde9nXXSTKtbvJ90CCIW
fEu9DGgf8LSTGbOBYhxjhw/u4ZgNMSgBFSMHNNikfyTEuDHWs1rFwdQO9oc9DE0Q
UUpz/58VCC/idTULeMsSOp/Og9JvAjPkmJX7UrIBT7NfjesZ5zEnwz3EELtQW/Ma
m3+l2YtqZKzeOhBf9wLfZ29aHABLunAuLyjcJjl54j8Bjni1R4yB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org