Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/AWW6ffjqoA70HH-fo9TU6CK3wvM.roa
File: AWW6ffjqoA70HH-fo9TU6CK3wvM.roa (raw, json)
Hash identifier: CrewWW+q8uAPf5KYJloW4CfPnU77LnLHMSrDo9lPtDk=
Subject key identifier: 01:65:BA:7D:F8:EA:A0:0E:F4:1C:7F:9F:A3:D4:D4:E8:22:B7:C2:F3
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0187DBEE57D82BD9CB4CD41369D5A5EA10D8
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/AWW6ffjqoA70HH-fo9TU6CK3wvM.roa
Signing time: Tue 02 May 2023 10:07:23 +0000
ROA not before: Tue 02 May 2023 10:07:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.122.42.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 May 2023 06:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:ee:57:d8:2b:d9:cb:4c:d4:13:69:d5:a5:ea:10:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 2 10:07:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0165ba7df8eaa00ef41c7f9fa3d4d4e822b7c2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:db:91:69:f9:61:47:5b:ba:a6:8f:c2:a1:80:
db:36:1d:8d:13:2f:79:af:5c:9c:84:51:f1:f3:76:
fa:2c:d3:35:b5:13:f6:ec:93:bf:1f:b1:8f:00:32:
1f:86:e9:c2:98:eb:c7:11:21:3c:5c:a2:cc:7f:1d:
4d:c0:29:1f:a6:0d:33:1c:e2:fb:c2:84:a8:f9:ef:
0d:26:8c:a6:b4:8c:ed:92:c4:2c:66:b6:82:89:7b:
59:86:1b:0c:f0:1c:18:b7:5d:31:23:fd:50:64:73:
bb:54:a7:26:e1:d2:39:fe:8d:2f:66:8b:73:0f:7c:
be:b9:a7:93:aa:d8:f4:3e:b8:93:6b:a8:56:20:0c:
31:a3:84:74:65:d3:78:de:3f:b0:0c:91:bc:34:4a:
93:25:6f:bf:27:ce:83:f4:8f:bf:44:c0:38:1a:dc:
a7:92:90:77:77:c6:9c:8f:26:87:25:ac:0f:fb:76:
90:13:10:04:b8:bd:24:d2:d7:7e:c0:a7:45:1b:74:
d3:bc:82:fc:2a:b5:86:3a:75:72:df:c1:7d:f2:8b:
d6:82:ca:37:97:02:a1:81:e7:d4:03:98:c5:14:a0:
fb:8c:aa:e7:7e:d8:83:a9:fb:c4:d0:ba:dd:b4:64:
b0:6e:e1:c2:27:03:d5:16:c5:ec:27:67:32:35:38:
4b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:65:BA:7D:F8:EA:A0:0E:F4:1C:7F:9F:A3:D4:D4:E8:22:B7:C2:F3
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/AWW6ffjqoA70HH-fo9TU6CK3wvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.59.0/24
109.122.42.0/23
Signature Algorithm: sha256WithRSAEncryption
88:7f:46:cd:a9:39:79:e4:06:2f:82:d2:de:2e:2c:62:4c:41:
85:d2:03:d6:ca:61:b5:0c:71:7c:38:d2:7c:58:df:48:27:4f:
2a:e9:93:c8:5b:91:70:41:4b:28:65:46:c5:63:c1:58:12:f7:
1f:3a:43:4d:76:18:14:13:fc:7d:d1:7b:f1:02:20:84:9d:6a:
f4:58:0e:0a:d3:9e:11:8d:fb:7f:36:b6:03:da:be:9e:17:e8:
78:f5:03:db:dc:ec:83:b4:4b:da:2d:b7:bc:af:88:ae:13:95:
52:c4:24:75:d9:de:3b:60:ae:60:27:47:96:6e:aa:a6:12:44:
da:f0:9d:52:8c:b5:7e:cb:66:e9:1e:10:4d:fb:0a:b1:10:63:
cc:7c:cb:ab:0c:de:9d:a9:8e:17:f6:40:c4:67:e3:38:fd:25:
68:11:c6:dc:24:d7:d8:66:a8:be:e8:25:fc:b5:3b:19:fb:df:
b9:84:ac:86:ef:b7:a0:a5:22:5d:2c:77:7d:98:54:f3:71:91:
4a:33:86:7d:cb:41:cf:e8:59:45:1d:25:b3:d8:5e:3e:0f:40:
d3:ad:42:36:eb:7f:ba:4d:1b:f6:f1:3c:6f:04:97:f8:c6:f6:
80:6c:fc:f5:4d:13:40:28:fe:f8:71:ee:55:f8:c1:15:a7:f0:
a2:15:dd:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfb7lfYK9nLTNQTadWl6hDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNTAyMTAwNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTY1YmE3ZGY4ZWFhMDBlZjQxYzdmOWZhM2Q0ZDRlODIyYjdjMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNuRaflhR1u6po/CoYDbNh2NEy95
r1ychFHx83b6LNM1tRP27JO/H7GPADIfhunCmOvHESE8XKLMfx1NwCkfpg0zHOL7
woSo+e8NJoymtIztksQsZraCiXtZhhsM8BwYt10xI/1QZHO7VKcm4dI5/o0vZotz
D3y+uaeTqtj0PriTa6hWIAwxo4R0ZdN43j+wDJG8NEqTJW+/J86D9I+/RMA4Gtyn
kpB3d8acjyaHJawP+3aQExAEuL0k0td+wKdFG3TTvIL8KrWGOnVy38F98ovWgso3
lwKhgefUA5jFFKD7jKrnftiDqfvE0LrdtGSwbuHCJwPVFsXsJ2cyNThLuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAFlun346qAO9Bx/n6PU1Ogit8LzMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvQVdXNmZmanFvQTcwSEgtZm85VFU2Q0szd3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+I7AwQB
bXoqMA0GCSqGSIb3DQEBCwUAA4IBAQCIf0bNqTl55AYvgtLeLixiTEGF0gPWymG1
DHF8ONJ8WN9IJ08q6ZPIW5FwQUsoZUbFY8FYEvcfOkNNdhgUE/x90XvxAiCEnWr0
WA4K054Rjft/NrYD2r6eF+h49QPb3OyDtEvaLbe8r4iuE5VSxCR12d47YK5gJ0eW
bqqmEkTa8J1SjLV+y2bpHhBN+wqxEGPMfMurDN6dqY4X9kDEZ+M4/SVoEcbcJNfY
Zqi+6CX8tTsZ+9+5hKyG77egpSJdLHd9mFTzcZFKM4Z9y0HP6FlFHSWz2F4+D0DT
rUI263+6TRv28TxvBJf4xvaAbPz1TRNAKP74ce5V+MEVp/CiFd2F
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org