Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9icarSvjc2qKtmMAI0vby-rL0Vo.roa
File: 9icarSvjc2qKtmMAI0vby-rL0Vo.roa (raw, json)
Hash identifier: CZZOxgLSHpO8Rfq7TG4c4lB/XlVIEWhY96LTsQo1SmM=
Subject key identifier: F6:27:1A:AD:2B:E3:73:6A:8A:B6:63:00:23:4B:DB:CB:EA:CB:D1:5A
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018A9904BC1EA5B9A717EC38A37EE43A6DF0
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9icarSvjc2qKtmMAI0vby-rL0Vo.roa
Signing time: Fri 15 Sep 2023 13:25:38 +0000
ROA not before: Fri 15 Sep 2023 13:25:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
89.251.24.0/24 maxlen: 24
89.251.27.0/24 maxlen: 24
193.93.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Sep 2023 10:26:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:99:04:bc:1e:a5:b9:a7:17:ec:38:a3:7e:e4:3a:6d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 15 13:25:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6271aad2be3736a8ab66300234bdbcbeacbd15a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d2:fb:e8:33:86:b7:61:dc:cd:94:2b:ea:c6:
cb:f2:8c:25:8e:52:70:b2:f1:26:00:97:17:0d:1a:
7d:4e:8c:5c:cc:5b:c9:b7:09:7b:3b:40:2a:73:bb:
54:38:71:7f:54:36:02:27:f0:a8:61:40:8d:d0:5b:
f3:1e:e8:a8:65:e1:bb:d5:73:a8:ce:cb:81:65:b0:
27:fe:75:da:82:31:17:66:5b:c1:ad:e8:05:dc:81:
ab:89:8e:47:2e:75:15:8a:89:a2:1a:c7:02:f0:97:
56:d0:7c:2b:d4:a6:57:f9:49:76:71:f8:e5:3f:89:
9c:1b:eb:fb:3b:e3:c3:de:0a:10:45:d0:8a:d5:d1:
c4:01:5f:12:9f:83:83:7c:11:e0:b6:dc:f2:8c:45:
16:3a:98:c1:9f:31:f7:2c:70:40:f4:2d:4f:d8:d0:
c0:79:06:65:fa:9c:37:a6:97:a7:f6:cf:e2:43:21:
e0:45:f2:8a:c3:e5:65:fb:06:1c:65:b4:47:98:b9:
87:2d:96:9b:25:eb:d7:e7:3f:aa:28:b0:f5:ab:5f:
ae:90:e5:01:a3:72:8a:67:89:cc:23:66:f2:82:b0:
4d:93:3e:06:63:df:37:29:c9:16:ab:2c:bb:ac:08:
f5:78:c6:77:1b:f6:e6:3e:d8:25:b2:3c:40:fe:54:
d9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:27:1A:AD:2B:E3:73:6A:8A:B6:63:00:23:4B:DB:CB:EA:CB:D1:5A
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9icarSvjc2qKtmMAI0vby-rL0Vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.24.0/24
89.251.27.0/24
109.122.42.0/24
109.122.46.0/24
193.93.55.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:b3:11:e9:02:d2:03:f0:5e:ad:18:d3:99:d8:35:52:d7:ec:
53:ba:ec:f3:fe:bb:20:1c:95:85:de:17:3f:4b:50:a5:55:b2:
4f:20:b8:63:57:40:7b:f0:76:d6:10:fd:2e:24:cc:6a:42:a3:
db:44:1e:23:e4:35:ad:dd:f0:4e:91:2a:aa:cf:93:0d:fb:03:
a0:9e:4a:7a:38:a9:3b:a8:f3:38:8d:29:58:57:e6:1b:2e:cd:
07:3a:b4:8d:e7:2d:27:bc:a3:98:03:1e:46:ed:85:83:6e:23:
81:01:7e:26:72:5c:1d:0c:11:45:6b:a5:88:9b:da:32:a8:ec:
d6:42:fa:98:96:75:cb:41:67:b4:c9:f5:2a:fa:62:0f:e2:21:
ea:e6:c0:80:2c:42:d6:dc:bb:2d:22:79:5a:5f:09:09:c8:09:
e8:3b:b4:9d:9d:3f:a7:14:5a:61:b0:e1:75:c2:b8:64:5e:59:
f4:f9:79:28:27:84:dd:52:65:a5:e1:bf:e0:c2:df:8c:8d:e8:
77:11:37:d4:6f:db:91:63:d1:94:b9:59:8f:2d:8a:b5:c7:c6:
aa:1e:7f:56:ac:05:db:45:57:47:33:99:d9:e2:97:09:50:fb:
b1:c5:e9:fe:c3:d0:ad:ae:67:54:82:94:ab:82:9a:85:bf:98:
ef:ff:c8:d9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqZBLwepbmnF+w4o37kOm3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwOTE1MTMyNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjI3MWFhZDJiZTM3MzZhOGFiNjYzMDAyMzRiZGJjYmVhY2JkMTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdL76DOGt2HczZQr6sbL8owljlJw
svEmAJcXDRp9ToxczFvJtwl7O0Aqc7tUOHF/VDYCJ/CoYUCN0FvzHuioZeG71XOo
zsuBZbAn/nXagjEXZlvBregF3IGriY5HLnUViomiGscC8JdW0Hwr1KZX+Ul2cfjl
P4mcG+v7O+PD3goQRdCK1dHEAV8Sn4ODfBHgttzyjEUWOpjBnzH3LHBA9C1P2NDA
eQZl+pw3ppen9s/iQyHgRfKKw+Vl+wYcZbRHmLmHLZabJevX5z+qKLD1q1+ukOUB
o3KKZ4nMI2bygrBNkz4GY983KckWqyy7rAj1eMZ3G/bmPtglsjxA/lTZFwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPYnGq0r43NqirZjACNL28vqy9FaMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvOWljYXJTdmpjMnFLdG1NQUkwdmJ5LXJMMFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWfsYAwQA
WfsbAwQAbXoqAwQAbXouAwQAwV03MA0GCSqGSIb3DQEBCwUAA4IBAQA7sxHpAtID
8F6tGNOZ2DVS1+xTuuzz/rsgHJWF3hc/S1ClVbJPILhjV0B78HbWEP0uJMxqQqPb
RB4j5DWt3fBOkSqqz5MN+wOgnkp6OKk7qPM4jSlYV+YbLs0HOrSN5y0nvKOYAx5G
7YWDbiOBAX4mclwdDBFFa6WIm9oyqOzWQvqYlnXLQWe0yfUq+mIP4iHq5sCALELW
3LstInlaXwkJyAnoO7SdnT+nFFphsOF1wrhkXln0+XkoJ4TdUmWl4b/gwt+Mjeh3
ETfUb9uRY9GUuVmPLYq1x8aqHn9WrAXbRVdHM5nZ4pcJUPuxxen+w9CtrmdUgpSr
gpqFv5jv/8jZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org