Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9Xw4AlVxlT-jIneBJOx6Gbo9CmI.roa
File: 9Xw4AlVxlT-jIneBJOx6Gbo9CmI.roa (raw, json)
Hash identifier: 2Bo2HO6D+vOLxOBnHKKVT7xQp+gHhfZQCTlx4qRWhDI=
Subject key identifier: F5:7C:38:02:55:71:95:3F:A3:22:77:81:24:EC:7A:19:BA:3D:0A:62
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018CE51FB0E6F1AF227D4E99A7F758ED9A0C
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9Xw4AlVxlT-jIneBJOx6Gbo9CmI.roa
Signing time: Sun 07 Jan 2024 18:11:48 +0000
ROA not before: Sun 07 Jan 2024 18:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 07:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e5:1f:b0:e6:f1:af:22:7d:4e:99:a7:f7:58:ed:9a:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 7 18:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f57c38025571953fa322778124ec7a19ba3d0a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4a:a7:86:5c:7c:61:36:bf:44:72:b6:8d:d9:
67:79:37:dd:2d:77:94:7d:fd:a4:3d:82:8b:0c:c2:
da:29:06:c6:b4:12:08:30:fd:34:cc:c3:80:a9:df:
c9:93:e3:3f:c6:98:47:85:1e:3f:95:e1:ab:cd:0b:
66:a9:fe:3b:6d:57:8d:da:87:b9:39:a4:54:17:cb:
3c:93:f1:d4:4b:dd:a8:32:ee:ad:a6:dc:1b:50:64:
48:b3:02:93:70:6e:c2:d1:5c:6b:3d:56:40:2d:06:
9e:f6:bc:0c:1f:0f:63:d3:17:c9:0f:dc:ec:e1:6d:
1c:3f:a1:88:ef:29:13:a4:c2:4a:4c:c0:0e:53:2a:
5b:78:dc:81:f6:cd:87:b2:e4:61:fc:15:a3:3a:88:
cd:e5:ef:0b:86:74:d8:45:25:f0:ea:45:1a:3d:9c:
1e:81:a7:e1:c6:ad:4b:84:df:0c:64:a6:e9:24:ed:
9a:a4:13:f3:5f:ba:db:dd:cc:84:86:ba:8e:69:68:
fe:b4:7c:c3:8b:aa:23:9c:1e:ce:14:6d:1b:98:71:
c7:98:77:20:f0:0f:73:c2:f3:a2:0e:56:d3:15:95:
3b:f1:b4:ad:55:5c:13:d2:bf:09:bf:cc:47:bf:1d:
3b:8e:80:aa:96:d6:0e:97:80:a3:a8:d6:f2:f2:55:
b2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:7C:38:02:55:71:95:3F:A3:22:77:81:24:EC:7A:19:BA:3D:0A:62
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9Xw4AlVxlT-jIneBJOx6Gbo9CmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c2:de:89:a7:00:a4:f1:61:8f:d7:67:ee:9a:d6:ee:40:3b:
21:3b:ce:0a:6d:74:fa:c0:37:48:4f:63:ba:71:37:74:63:53:
bc:7e:a0:90:a9:ed:08:58:2a:de:c2:d3:58:a2:67:12:af:8f:
41:fd:b0:6e:fb:c4:28:83:a3:26:a6:e1:ca:6a:50:35:92:25:
4e:b2:de:b6:bc:fe:46:e3:ce:9e:de:6a:01:4f:76:ce:ef:05:
4e:b8:1d:e2:7b:5a:43:b7:8d:89:9f:01:76:30:e5:ad:3b:64:
d1:63:bd:48:35:c3:df:49:f4:73:05:38:e8:98:96:26:44:96:
54:da:0f:87:38:79:45:0b:72:77:98:39:8f:51:f2:b9:24:54:
50:70:93:89:ea:07:0a:61:16:37:2a:21:d8:40:f9:24:79:16:
c4:66:80:6d:c8:72:82:14:0e:06:a1:76:1b:d1:ba:19:ec:48:
ff:a7:9f:a5:d7:50:b1:89:14:8a:f7:63:60:d0:84:ba:fc:5f:
2d:78:2b:12:a3:9e:65:9e:6d:fa:9c:9b:fc:73:d5:1d:c5:47:
db:55:22:f8:3f:43:22:f1:cb:46:0e:b5:9a:c7:00:a0:44:0d:
96:a4:84:bd:48:37:dc:8a:20:18:16:47:33:2f:21:3b:9b:bc:
eb:a6:07:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzlH7Dm8a8ifU6Zp/dY7ZoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTA3MTgxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTdjMzgwMjU1NzE5NTNmYTMyMjc3ODEyNGVjN2ExOWJhM2QwYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0qnhlx8YTa/RHK2jdlneTfdLXeU
ff2kPYKLDMLaKQbGtBIIMP00zMOAqd/Jk+M/xphHhR4/leGrzQtmqf47bVeN2oe5
OaRUF8s8k/HUS92oMu6tptwbUGRIswKTcG7C0VxrPVZALQae9rwMHw9j0xfJD9zs
4W0cP6GI7ykTpMJKTMAOUypbeNyB9s2HsuRh/BWjOojN5e8LhnTYRSXw6kUaPZwe
gafhxq1LhN8MZKbpJO2apBPzX7rb3cyEhrqOaWj+tHzDi6ojnB7OFG0bmHHHmHcg
8A9zwvOiDlbTFZU78bStVVwT0r8Jv8xHvx07joCqltYOl4CjqNby8lWylwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPV8OAJVcZU/oyJ3gSTsehm6PQpiMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvOVh3NEFsVnhsVC1qSW5lQkpPeDZHYm85Q21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jdAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQBgwt6JpwCk8WGP12fumtbuQDshO84KbXT6
wDdIT2O6cTd0Y1O8fqCQqe0IWCrewtNYomcSr49B/bBu+8Qog6MmpuHKalA1kiVO
st62vP5G486e3moBT3bO7wVOuB3ie1pDt42JnwF2MOWtO2TRY71INcPfSfRzBTjo
mJYmRJZU2g+HOHlFC3J3mDmPUfK5JFRQcJOJ6gcKYRY3KiHYQPkkeRbEZoBtyHKC
FA4GoXYb0boZ7Ej/p5+l11CxiRSK92Ng0IS6/F8teCsSo55lnm36nJv8c9UdxUfb
VSL4P0Mi8ctGDrWaxwCgRA2WpIS9SDfciiAYFkczLyE7m7zrpgdZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org