Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BpAO8duKf-ipz_k9lplHuD3E6N0.roa
File: BpAO8duKf-ipz_k9lplHuD3E6N0.roa (raw, json)
Hash identifier: +Yu+iZffHM0k2kvvPYdflI41R2nPLiUer5CmJ6l7PbM=
Subject key identifier: 06:90:0E:F1:DB:8A:7F:E8:A9:CF:F9:3D:96:99:47:B8:3D:C4:E8:DD
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01886ABE2013139E6EDE6298E15EBD054905
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BpAO8duKf-ipz_k9lplHuD3E6N0.roa
Signing time: Tue 30 May 2023 03:40:24 +0000
ROA not before: Tue 30 May 2023 03:40:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.41.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 May 2023 03:03:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6a:be:20:13:13:9e:6e:de:62:98:e1:5e:bd:05:49:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 30 03:40:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06900ef1db8a7fe8a9cff93d969947b83dc4e8dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:bd:9f:4d:32:29:19:7e:ab:66:f3:10:0f:06:
e0:f8:47:56:06:11:a1:83:eb:f8:81:da:fa:dc:3f:
2d:9f:cd:c8:e6:dc:e0:c7:9b:9c:5d:09:37:e2:fd:
52:bb:44:de:08:7a:f6:38:6f:b9:c3:c3:2c:af:32:
9a:4d:87:2a:bb:38:ef:ff:9c:71:cf:ec:b0:c8:a8:
be:6a:a5:a3:bb:c5:77:ae:c1:33:8a:5d:c0:2d:31:
a5:6d:ea:0e:9a:48:87:90:aa:4b:cc:ee:02:a1:9d:
83:5f:da:26:2f:dc:29:56:b5:6f:c3:e9:f0:f2:84:
cf:78:e8:2e:e1:cc:4b:c3:98:b0:84:82:6c:45:6e:
c9:f0:d7:20:48:70:d0:17:1b:b6:d8:af:b6:88:c7:
9d:e2:32:c6:ef:90:2d:6d:1d:7e:30:23:7b:4a:a6:
3e:c1:84:e9:79:df:fc:d7:c7:01:1d:45:67:d1:4e:
1e:d7:d1:8f:06:0b:08:78:72:d0:37:d4:c6:da:e3:
92:68:5f:c8:c6:0b:67:94:81:e9:50:19:5c:c2:1e:
18:40:6d:e0:8b:66:74:ab:4e:89:3c:89:76:d7:2d:
03:55:9a:37:70:60:f3:98:f5:4b:74:c2:3f:dc:e2:
d9:4e:5a:8a:0b:f4:37:9b:50:ab:aa:eb:0d:d9:72:
d1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:90:0E:F1:DB:8A:7F:E8:A9:CF:F9:3D:96:99:47:B8:3D:C4:E8:DD
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BpAO8duKf-ipz_k9lplHuD3E6N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.41.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
65:1d:a5:7c:ff:da:ff:34:90:5c:8f:6d:63:71:86:13:09:6c:
34:33:5c:40:82:08:35:ad:c3:b5:8c:e7:70:f6:ff:9f:9a:d7:
78:57:49:c9:cc:53:09:b7:c9:f5:cd:57:6b:12:e5:8e:ba:68:
cc:10:b7:06:e6:25:c3:be:31:8a:1c:64:22:91:44:66:80:4e:
db:6b:53:05:12:d1:9a:27:16:0b:b7:eb:f5:cb:01:ff:c6:b1:
87:4a:6c:6f:40:79:3a:ef:74:57:7c:22:7e:ed:7b:54:a8:cc:
07:93:70:bf:77:ca:33:19:c6:05:ab:48:4a:ba:84:57:8a:2c:
fa:97:a9:f8:6e:25:44:bc:49:ad:80:8e:37:23:00:61:44:0c:
01:1a:64:a8:9a:00:de:a4:ad:d2:ca:48:b7:dc:a4:41:22:e4:
c4:03:8b:cf:cb:f5:50:ea:84:31:1e:7d:18:ea:8e:d3:16:b6:
e6:1b:4f:54:0e:59:ad:04:0b:d8:e8:c1:58:93:44:a2:46:22:
bd:60:a2:bc:37:5e:b3:21:84:f6:bc:fd:37:8f:70:1d:89:0c:
99:b6:70:96:52:17:e5:10:d5:94:62:1c:fe:71:07:f4:80:62:
41:2c:49:8d:30:86:ab:6a:00:b0:9c:89:6d:33:41:58:30:27:
be:52:9b:64
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhqviATE55u3mKY4V69BUkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNTMwMDM0MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjkwMGVmMWRiOGE3ZmU4YTljZmY5M2Q5Njk5NDdiODNkYzRlOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL2fTTIpGX6rZvMQDwbg+EdWBhGh
g+v4gdr63D8tn83I5tzgx5ucXQk34v1Su0TeCHr2OG+5w8MsrzKaTYcquzjv/5xx
z+ywyKi+aqWju8V3rsEzil3ALTGlbeoOmkiHkKpLzO4CoZ2DX9omL9wpVrVvw+nw
8oTPeOgu4cxLw5iwhIJsRW7J8NcgSHDQFxu22K+2iMed4jLG75AtbR1+MCN7SqY+
wYTped/818cBHUVn0U4e19GPBgsIeHLQN9TG2uOSaF/IxgtnlIHpUBlcwh4YQG3g
i2Z0q06JPIl21y0DVZo3cGDzmPVLdMI/3OLZTlqKC/Q3m1CrqusN2XLRFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAaQDvHbin/oqc/5PZaZR7g9xOjdMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvQnBBTzhkdUtmLWlwel9rOWxwbEh1RDNFNk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXopAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQBlHaV8/9r/NJBcj21jcYYTCWw0M1xAggg1
rcO1jOdw9v+fmtd4V0nJzFMJt8n1zVdrEuWOumjMELcG5iXDvjGKHGQikURmgE7b
a1MFEtGaJxYLt+v1ywH/xrGHSmxvQHk673RXfCJ+7XtUqMwHk3C/d8ozGcYFq0hK
uoRXiiz6l6n4biVEvEmtgI43IwBhRAwBGmSomgDepK3Syki33KRBIuTEA4vPy/VQ
6oQxHn0Y6o7TFrbmG09UDlmtBAvY6MFYk0SiRiK9YKK8N16zIYT2vP03j3AdiQyZ
tnCWUhflENWUYhz+cQf0gGJBLEmNMIaragCwnIltM0FYMCe+Uptk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org