Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/8RMqESpLMtLTZY3ds9RiTXD6FgI.roa
File: 8RMqESpLMtLTZY3ds9RiTXD6FgI.roa (raw, json)
Hash identifier: CmhX3AFPt8G63CFF+IvVrIawC3sbecEuy7ZZIJg9png=
Subject key identifier: F1:13:2A:11:2A:4B:32:D2:D3:65:8D:DD:B3:D4:62:4D:70:FA:16:02
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018D3A78301C1DB5FEEEB3467B50504C7BA7
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/8RMqESpLMtLTZY3ds9RiTXD6FgI.roa
Signing time: Wed 24 Jan 2024 07:56:11 +0000
ROA not before: Wed 24 Jan 2024 07:56:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.220.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 10:36:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:78:30:1c:1d:b5:fe:ee:b3:46:7b:50:50:4c:7b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 24 07:56:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1132a112a4b32d2d3658dddb3d4624d70fa1602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:93:c4:fe:3f:9e:11:b8:62:5e:cb:09:8a:a1:
71:06:39:17:31:58:19:24:ec:75:a5:99:fe:7c:9c:
6e:4b:0f:e4:ba:a0:06:73:60:a2:4f:61:48:ab:b8:
69:c6:28:cd:b6:dd:70:6b:0a:9f:96:32:d1:23:4a:
59:af:d5:0a:db:60:05:9f:9d:ac:6b:47:99:ea:0e:
b4:31:a2:52:94:61:36:b4:b2:b7:2c:cd:90:bf:e7:
b7:b5:cc:88:24:03:c7:b9:01:70:c2:db:7d:d9:bc:
7b:18:ce:cf:d1:4c:1f:21:7f:d2:e3:cd:85:4d:ab:
f1:22:57:63:bc:de:c1:ff:bd:d4:b1:18:ae:ff:a0:
c1:b1:e6:ef:c0:58:0c:7c:fb:79:10:00:e7:58:b7:
12:7f:2a:15:c9:45:b1:bd:29:50:ff:b0:20:4e:0c:
2b:02:b7:ad:2c:62:d9:77:0d:c1:7f:59:39:57:6e:
c1:86:a8:32:7b:6e:a3:c7:0d:26:ce:9a:29:ff:c8:
b9:7e:11:42:9d:fe:b3:77:c2:59:85:53:ab:f9:7e:
10:43:3b:d0:63:90:cf:4e:a5:45:df:13:df:76:63:
bf:03:74:77:2c:4e:5d:ef:63:31:bb:cd:69:10:6e:
0e:b3:1b:02:d1:cc:da:fa:8e:59:57:ac:c2:28:67:
09:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:13:2A:11:2A:4B:32:D2:D3:65:8D:DD:B3:D4:62:4D:70:FA:16:02
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/8RMqESpLMtLTZY3ds9RiTXD6FgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
109.122.40.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
84:52:5e:1e:22:b2:b2:45:b4:ab:67:95:04:54:77:c7:5e:0e:
a7:67:31:f3:11:2b:c0:5e:d7:c4:63:09:2b:fa:fc:98:ca:b7:
c4:93:4f:df:a7:d1:66:22:eb:46:86:64:97:73:c8:a5:37:e1:
f9:51:86:eb:af:0b:a2:06:53:40:2c:86:9e:0b:3a:0f:96:5a:
f4:a2:1b:9f:46:98:d0:41:3b:56:62:4d:67:a3:3f:04:28:5c:
4e:dd:93:7b:f7:b8:03:36:38:da:47:fb:5e:8d:fe:a4:f2:c7:
a5:dc:99:93:e9:12:9d:84:cf:ea:29:bb:d0:f9:b7:21:af:f4:
04:96:40:a8:6e:29:52:c1:1c:c4:0b:29:b4:c8:62:98:0f:89:
8d:46:89:94:52:4b:44:a1:c0:64:77:64:ff:9a:c4:33:fd:a3:
84:2b:62:d6:69:b3:6c:aa:aa:5c:ea:52:e8:f7:07:5f:10:3b:
f4:30:f5:50:d8:27:61:62:71:4b:f2:42:e3:57:47:12:47:bb:
8b:5f:a2:ca:de:38:de:3e:47:0a:bf:0e:36:20:f1:c6:e5:42:
b3:71:53:f3:0e:b4:2a:e0:12:cd:c8:fe:b8:b8:ad:61:0f:75:
4d:a0:f7:62:0e:2a:7c:99:0d:98:1d:04:f1:6d:05:21:dd:bf:
38:d9:64:2b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY06eDAcHbX+7rNGe1BQTHunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTI0MDc1NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTEzMmExMTJhNGIzMmQyZDM2NThkZGRiM2Q0NjI0ZDcwZmExNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJPE/j+eEbhiXssJiqFxBjkXMVgZ
JOx1pZn+fJxuSw/kuqAGc2CiT2FIq7hpxijNtt1wawqfljLRI0pZr9UK22AFn52s
a0eZ6g60MaJSlGE2tLK3LM2Qv+e3tcyIJAPHuQFwwtt92bx7GM7P0UwfIX/S482F
TavxIldjvN7B/73UsRiu/6DBsebvwFgMfPt5EADnWLcSfyoVyUWxvSlQ/7AgTgwr
AretLGLZdw3Bf1k5V27Bhqgye26jxw0mzpop/8i5fhFCnf6zd8JZhVOr+X4QQzvQ
Y5DPTqVF3xPfdmO/A3R3LE5d72Mxu81pEG4OsxsC0cza+o5ZV6zCKGcJxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPETKhEqSzLS02WN3bPUYk1w+hYCMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvOFJNcUVTcExNdExUWlkzZHM5UmlUWEQ2RmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8jcAwQA
bXooAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQCEUl4eIrKyRbSrZ5UEVHfHXg6n
ZzHzESvAXtfEYwkr+vyYyrfEk0/fp9FmIutGhmSXc8ilN+H5UYbrrwuiBlNALIae
CzoPllr0ohufRpjQQTtWYk1noz8EKFxO3ZN797gDNjjaR/tejf6k8sel3JmT6RKd
hM/qKbvQ+bchr/QElkCobilSwRzECym0yGKYD4mNRomUUktEocBkd2T/msQz/aOE
K2LWabNsqqpc6lLo9wdfEDv0MPVQ2CdhYnFL8kLjV0cSR7uLX6LK3jjePkcKvw42
IPHG5UKzcVPzDrQq4BLNyP64uK1hD3VNoPdiDip8mQ2YHQTxbQUh3b842WQr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org