Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9pzU23kSLEZVWoWzf9pf2WJnuKc.roa
File: 9pzU23kSLEZVWoWzf9pf2WJnuKc.roa (raw, json)
Hash identifier: 191xAzojdLvfw6/bgAWezIOifKasq6jw+bTKfSnL+3A=
Subject key identifier: F6:9C:D4:DB:79:12:2C:46:55:5A:85:B3:7F:DA:5F:D9:62:67:B8:A7
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01927B5181C465914F2E1607A3100AEB6D06
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9pzU23kSLEZVWoWzf9pf2WJnuKc.roa
Signing time: Fri 11 Oct 2024 11:23:12 +0000
ROA not before: Fri 11 Oct 2024 11:23:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.45.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Oct 2024 09:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:51:81:c4:65:91:4f:2e:16:07:a3:10:0a:eb:6d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 11 11:23:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f69cd4db79122c46555a85b37fda5fd96267b8a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1a:b2:71:a2:86:b1:ee:c4:5b:9a:b4:17:40:
b9:f5:b7:89:c8:c3:27:44:f4:57:24:ce:4c:cb:bc:
4c:37:94:b0:21:e0:d2:01:de:d2:6d:37:76:49:3d:
68:39:f4:ec:21:a7:12:36:0c:bc:f5:44:43:1c:a2:
61:9f:5f:19:00:fe:b9:3b:da:c8:54:48:14:3f:66:
9b:8f:71:bb:93:53:11:e6:52:94:dc:14:75:2d:14:
d5:20:32:e6:cc:3a:70:b9:7f:03:a2:3e:50:e9:b9:
54:ea:6b:45:99:02:c5:d4:7d:85:97:36:29:2f:e7:
60:9b:be:73:76:c1:1c:a2:ce:54:17:4d:f4:f8:4a:
de:12:0f:ef:1d:a0:ac:0b:1d:c4:fc:ed:61:7e:af:
4d:b1:8e:c3:1f:66:55:80:1e:e0:76:79:42:1c:64:
6a:a1:7c:aa:e9:33:e7:51:43:a5:a2:4e:4f:0d:e1:
d7:e9:06:eb:af:3f:77:1a:2b:e3:c8:e9:4f:fd:11:
a6:4e:99:5b:37:f8:56:ef:8c:56:7f:43:84:0a:b2:
a0:c5:e0:15:69:63:70:e3:86:17:69:ef:42:e9:34:
88:15:b2:43:84:24:d3:70:e7:e6:d4:67:91:87:85:
fa:0b:b5:3a:24:38:08:ad:4b:64:96:69:f8:9b:b6:
46:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:9C:D4:DB:79:12:2C:46:55:5A:85:B3:7F:DA:5F:D9:62:67:B8:A7
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9pzU23kSLEZVWoWzf9pf2WJnuKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
109.122.45.0-109.122.46.255
Signature Algorithm: sha256WithRSAEncryption
51:aa:03:de:76:78:65:94:a0:49:7a:d2:a9:56:25:6e:c2:06:
24:32:f1:91:3c:a4:76:d4:1a:80:e1:40:36:1a:49:57:4f:dd:
c0:fc:0f:04:7b:86:e6:a6:41:6a:41:1f:9b:2b:3d:bf:87:bf:
12:c0:14:11:82:90:ed:79:72:fc:14:11:c7:7d:27:32:43:df:
d5:bd:97:ba:6a:89:97:70:db:c5:95:51:27:da:55:fe:6f:82:
1e:b8:4c:75:17:e6:e7:88:6e:51:32:79:8f:2b:c8:cb:b3:68:
2e:4e:f3:f5:a1:21:3a:79:91:07:2d:bf:2d:0c:30:fb:49:d7:
c6:dc:8c:94:c5:0f:5d:78:43:96:03:a5:c0:e3:b9:0d:20:8e:
b7:8f:23:2b:d6:f6:df:f8:df:66:fb:c0:16:44:01:a7:3c:f4:
bc:e5:28:66:d3:4e:14:24:14:5a:52:6a:a6:c0:96:c7:15:ed:
93:66:9a:f9:20:89:51:b4:29:ce:2a:6c:f8:fc:83:0a:e6:d1:
da:20:ba:bc:f6:4c:31:a2:40:9b:90:a5:b4:73:47:49:36:a3:
36:ca:cd:c7:78:27:82:d5:ce:c4:4e:c4:9d:bb:c6:2d:b2:7a:
35:01:68:b2:b6:bb:77:db:8b:47:dd:04:56:aa:bc:b6:85:6e:
88:2d:78:af
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZJ7UYHEZZFPLhYHoxAK620GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMDExMTEyMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjljZDRkYjc5MTIyYzQ2NTU1YTg1YjM3ZmRhNWZkOTYyNjdiOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxqycaKGse7EW5q0F0C59beJyMMn
RPRXJM5My7xMN5SwIeDSAd7SbTd2ST1oOfTsIacSNgy89URDHKJhn18ZAP65O9rI
VEgUP2abj3G7k1MR5lKU3BR1LRTVIDLmzDpwuX8Doj5Q6blU6mtFmQLF1H2FlzYp
L+dgm75zdsEcos5UF030+EreEg/vHaCsCx3E/O1hfq9NsY7DH2ZVgB7gdnlCHGRq
oXyq6TPnUUOlok5PDeHX6Qbrrz93GivjyOlP/RGmTplbN/hW74xWf0OECrKgxeAV
aWNw44YXae9C6TSIFbJDhCTTcOfm1GeRh4X6C7U6JDgIrUtklmn4m7ZGAQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPac1Nt5EixGVVqFs3/aX9liZ7inMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvOXB6VTIza1NMRVpWV29XemY5cGYyV0pudUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAW8jdMAwD
BABtei0DBABtei4wDQYJKoZIhvcNAQELBQADggEBAFGqA952eGWUoEl60qlWJW7C
BiQy8ZE8pHbUGoDhQDYaSVdP3cD8DwR7huamQWpBH5srPb+HvxLAFBGCkO15cvwU
Ecd9JzJD39W9l7pqiZdw28WVUSfaVf5vgh64THUX5ueIblEyeY8ryMuzaC5O8/Wh
ITp5kQctvy0MMPtJ18bcjJTFD114Q5YDpcDjuQ0gjrePIyvW9t/432b7wBZEAac8
9LzlKGbTThQkFFpSaqbAlscV7ZNmmvkgiVG0Kc4qbPj8gwrm0dogurz2TDGiQJuQ
pbRzR0k2ozbKzcd4J4LVzsROxJ27xi2yejUBaLK2u3fbi0fdBFaqvLaFbogteK8=
-----END CERTIFICATE-----
Generated at Sun Oct 13 11:06:04 2024 by rpki-client on console-fra.rpki-client.org