Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/AclDccmwV_LUrgJWMterQyME6S0.roa
File: AclDccmwV_LUrgJWMterQyME6S0.roa (raw, json)
Hash identifier: bzZ7xZ8pSdNNFcU8jIP60ryY3JleRVzzZdL5L0jFYCk=
Subject key identifier: 01:C9:43:71:C9:B0:57:F2:D4:AE:02:56:32:D7:AB:43:23:04:E9:2D
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018EA232C8B621BB0BB3B7F3603B63723434
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/AclDccmwV_LUrgJWMterQyME6S0.roa
Signing time: Wed 03 Apr 2024 04:23:40 +0000
ROA not before: Wed 03 Apr 2024 04:23:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.220.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
91.210.146.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 11:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:32:c8:b6:21:bb:0b:b3:b7:f3:60:3b:63:72:34:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 3 04:23:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01c94371c9b057f2d4ae025632d7ab432304e92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2b:56:37:68:d5:a7:8d:8c:c7:f7:73:12:f1:
4f:df:48:8e:7e:8c:ba:88:82:5d:b8:17:6b:73:52:
16:ab:c9:9e:18:40:4a:ab:a2:ae:a3:eb:df:2d:12:
6d:20:74:0f:87:dc:a5:13:51:65:d7:eb:08:68:ed:
00:ff:b5:9c:43:f9:5a:1c:e1:b1:96:ca:73:99:fe:
66:58:0f:0b:af:08:6e:6e:5d:e6:4b:57:5f:8c:c2:
91:b7:67:37:20:31:11:d2:e1:01:ee:9d:b4:de:f3:
68:13:8a:be:5b:6e:14:b3:01:47:ec:ca:14:fe:72:
39:d8:40:8f:03:68:6f:ee:91:f3:10:e4:9e:ef:29:
79:92:d5:f2:36:ad:e0:05:fc:1f:39:2f:4b:bc:83:
ac:b3:53:7f:26:d9:c3:fb:24:17:e5:55:bd:53:1e:
d6:fb:bb:26:ab:7b:d4:4f:36:66:eb:4e:91:4d:d9:
61:d6:98:13:72:50:5a:8d:b9:c4:31:b0:ae:d4:36:
60:ca:c2:7b:f2:7c:4d:bf:fd:f5:75:71:6e:ce:6d:
86:1e:dd:b1:de:16:dd:74:58:8f:ab:48:e8:57:75:
b3:d8:5d:74:06:9c:fc:9c:25:89:07:01:97:f7:15:
cb:63:0d:c4:fa:e4:2f:35:56:73:08:80:db:99:4d:
d6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C9:43:71:C9:B0:57:F2:D4:AE:02:56:32:D7:AB:43:23:04:E9:2D
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/AclDccmwV_LUrgJWMterQyME6S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
91.210.145.0-91.210.146.255
109.122.40.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
16:0d:0f:93:c1:b4:de:80:ba:da:50:43:78:ac:d3:9e:5e:ac:
7f:f6:6e:5d:87:04:03:a2:cd:36:19:61:f7:69:e5:99:9d:66:
ca:0b:db:e7:be:a5:2f:a1:4f:af:2e:19:eb:b3:1d:1f:a7:05:
37:a3:05:15:03:ed:d7:26:62:20:72:36:13:21:08:73:95:50:
f4:dd:d3:0c:6d:29:48:bd:72:be:5d:d5:dc:05:71:98:8d:89:
09:f1:e4:52:86:39:6b:12:d6:5e:04:52:d0:a2:74:6f:62:7c:
6e:9a:6c:ab:d7:b3:c8:f6:a9:e1:50:2d:ff:c4:a7:5b:bf:ea:
7f:11:cd:de:02:09:37:c2:56:00:95:51:71:26:66:f9:37:58:
e8:12:32:ec:00:9b:c7:a2:b4:28:54:24:f5:82:4e:9b:e3:56:
be:45:1e:c5:75:88:0e:24:df:18:43:e4:0d:7e:0f:ce:18:b3:
70:13:a7:82:4f:58:4c:6b:d3:6f:1c:3e:f2:91:a8:02:88:4d:
dc:ef:74:65:00:02:66:78:69:2a:7a:9b:d1:23:8e:81:ca:e7:
c6:6b:31:f8:46:8c:65:43:bb:2f:7e:d2:bb:6b:7c:52:bc:4d:
b9:87:68:b9:92:bd:23:ca:ca:ee:7a:88:8f:81:78:65:91:ac:
2a:47:5c:35
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY6iMsi2IbsLs7fzYDtjcjQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNDAzMDQyMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWM5NDM3MWM5YjA1N2YyZDRhZTAyNTYzMmQ3YWI0MzIzMDRlOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvStWN2jVp42Mx/dzEvFP30iOfoy6
iIJduBdrc1IWq8meGEBKq6Kuo+vfLRJtIHQPh9ylE1Fl1+sIaO0A/7WcQ/laHOGx
lspzmf5mWA8Lrwhubl3mS1dfjMKRt2c3IDER0uEB7p203vNoE4q+W24UswFH7MoU
/nI52ECPA2hv7pHzEOSe7yl5ktXyNq3gBfwfOS9LvIOss1N/JtnD+yQX5VW9Ux7W
+7smq3vUTzZm606RTdlh1pgTclBajbnEMbCu1DZgysJ78nxNv/31dXFuzm2GHt2x
3hbddFiPq0joV3Wz2F10Bpz8nCWJBwGX9xXLYw3E+uQvNVZzCIDbmU3WgQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAHJQ3HJsFfy1K4CVjLXq0MjBOktMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvQWNsRGNjbXdWX0xVcmdKV010ZXJReU1FNlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW8jcMAwD
BABb0pEDBABb0pIDBABteigDBABtei4wDQYJKoZIhvcNAQELBQADggEBABYND5PB
tN6AutpQQ3is055erH/2bl2HBAOizTYZYfdp5ZmdZsoL2+e+pS+hT68uGeuzHR+n
BTejBRUD7dcmYiByNhMhCHOVUPTd0wxtKUi9cr5d1dwFcZiNiQnx5FKGOWsS1l4E
UtCidG9ifG6abKvXs8j2qeFQLf/Ep1u/6n8Rzd4CCTfCVgCVUXEmZvk3WOgSMuwA
m8eitChUJPWCTpvjVr5FHsV1iA4k3xhD5A1+D84Ys3ATp4JPWExr028cPvKRqAKI
TdzvdGUAAmZ4aSp6m9EjjoHK58ZrMfhGjGVDuy9+0rtrfFK8TbmHaLmSvSPKyu56
iI+BeGWRrCpHXDU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org