Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/CHT_6haCrxanALLXLcv8gBtIUac.roa
File: CHT_6haCrxanALLXLcv8gBtIUac.roa (raw, json)
Hash identifier: j8jeJrFquaZPiSxtUSHpbYa9K+J+0fm6uiTPjfQA0Ag=
Subject key identifier: 08:74:FF:EA:16:82:AF:16:A7:00:B2:D7:2D:CB:FC:80:1B:48:51:A7
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0187D8D66C0E7B5DDFC9328FA2E86D8749A1
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/CHT_6haCrxanALLXLcv8gBtIUac.roa
Signing time: Mon 01 May 2023 19:42:23 +0000
ROA not before: Mon 01 May 2023 19:42:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.122.42.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 May 2023 10:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d8:d6:6c:0e:7b:5d:df:c9:32:8f:a2:e8:6d:87:49:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 1 19:42:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0874ffea1682af16a700b2d72dcbfc801b4851a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fe:7b:1e:f2:eb:15:bf:c1:22:9f:4b:6d:e4:
97:31:b8:c0:cc:71:44:0e:9a:c8:33:79:28:f1:5e:
0b:cf:52:22:a5:de:e5:eb:f6:ce:92:68:d9:b7:db:
51:c6:20:d0:7b:be:30:24:77:f5:48:6c:67:96:6b:
9f:7e:dd:97:dc:a6:b2:64:10:65:e0:9d:0c:9e:6c:
64:9d:12:cd:fb:16:34:54:71:e1:a0:18:09:60:63:
f8:cc:ac:f4:cd:65:87:80:bb:2e:59:17:e7:1a:55:
8b:6b:7b:4a:28:94:47:ec:9e:1b:da:ab:85:d5:5c:
5f:4c:ce:05:3b:14:d8:95:6b:0b:d5:94:65:1c:29:
d0:78:19:6b:6f:6b:a3:13:e0:e2:f2:e8:fb:1c:14:
60:ff:72:4a:04:4f:ea:cd:9c:2a:bb:b1:e7:c3:f4:
e5:ed:72:e8:bb:62:77:ce:1b:f4:e8:e0:48:bf:73:
dc:91:9a:d3:f3:b4:d4:89:11:32:87:10:03:f5:f7:
fe:64:87:ad:91:02:dd:0d:5a:04:ee:ea:f1:40:29:
8e:b2:78:65:b0:7b:5a:22:5e:af:73:11:55:8c:c1:
0d:e7:39:fe:3d:aa:02:b9:9a:f2:ea:b7:e3:6f:b6:
43:c3:25:c4:ad:70:91:12:e1:4c:3e:ea:b7:35:3e:
99:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:74:FF:EA:16:82:AF:16:A7:00:B2:D7:2D:CB:FC:80:1B:48:51:A7
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/CHT_6haCrxanALLXLcv8gBtIUac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.59.0/24
109.122.42.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:46:67:5c:d5:5f:36:53:70:8f:06:49:9a:b8:c3:e1:4b:ed:
e9:b0:5b:92:dd:8b:14:89:51:4d:06:9e:65:f5:2d:08:c9:c6:
67:54:4f:a8:e1:b4:39:08:7e:68:d3:62:e8:dd:8b:88:63:24:
58:1e:b8:92:f4:e3:d4:2c:b8:f7:ed:7a:f4:33:59:14:87:1a:
fe:ab:99:37:9d:08:28:4b:63:e9:ef:51:8c:88:5a:a2:55:a8:
a2:9d:8c:1d:1b:85:b3:bb:c3:b7:3e:ce:e9:06:1a:c7:c2:fb:
01:b5:ed:de:d9:ae:a6:77:bf:ca:f9:8d:92:d8:69:a7:0a:3f:
67:c4:3b:37:de:48:84:c7:c1:4e:36:cb:c8:a3:d7:19:90:bb:
05:7a:e0:28:ab:85:fe:81:f7:d1:0f:1c:45:67:7b:21:3e:9e:
8a:90:52:e6:59:50:35:87:66:01:59:d7:3a:21:21:d5:e7:1d:
0d:d6:41:b2:b4:b8:da:dc:51:84:ba:f3:76:e0:f6:e5:00:6a:
46:d7:28:67:b5:b3:bc:a6:50:ab:41:31:fb:70:94:00:8c:87:
85:3d:a7:9a:1f:cb:97:fd:40:30:e4:82:93:21:ca:02:9e:36:
32:54:e4:77:87:e5:9e:f9:16:9a:3c:6e:e2:41:59:5f:4f:db:
63:e1:01:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfY1mwOe13fyTKPouhth0mhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNTAxMTk0MjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODc0ZmZlYTE2ODJhZjE2YTcwMGIyZDcyZGNiZmM4MDFiNDg1MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv57HvLrFb/BIp9LbeSXMbjAzHFE
DprIM3ko8V4Lz1Iipd7l6/bOkmjZt9tRxiDQe74wJHf1SGxnlmufft2X3KayZBBl
4J0MnmxknRLN+xY0VHHhoBgJYGP4zKz0zWWHgLsuWRfnGlWLa3tKKJRH7J4b2quF
1VxfTM4FOxTYlWsL1ZRlHCnQeBlrb2ujE+Di8uj7HBRg/3JKBE/qzZwqu7Hnw/Tl
7XLou2J3zhv06OBIv3PckZrT87TUiREyhxAD9ff+ZIetkQLdDVoE7urxQCmOsnhl
sHtaIl6vcxFVjMEN5zn+PaoCuZry6rfjb7ZDwyXErXCREuFMPuq3NT6ZxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAh0/+oWgq8WpwCy1y3L/IAbSFGnMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvQ0hUXzZoYUNyeGFuQUxMWExjdjhnQnRJVWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+I7AwQA
bXoqMA0GCSqGSIb3DQEBCwUAA4IBAQANRmdc1V82U3CPBkmauMPhS+3psFuS3YsU
iVFNBp5l9S0IycZnVE+o4bQ5CH5o02Lo3YuIYyRYHriS9OPULLj37Xr0M1kUhxr+
q5k3nQgoS2Pp71GMiFqiVaiinYwdG4Wzu8O3Ps7pBhrHwvsBte3e2a6md7/K+Y2S
2GmnCj9nxDs33kiEx8FONsvIo9cZkLsFeuAoq4X+gffRDxxFZ3shPp6KkFLmWVA1
h2YBWdc6ISHV5x0N1kGytLja3FGEuvN24PblAGpG1yhntbO8plCrQTH7cJQAjIeF
PaeaH8uX/UAw5IKTIcoCnjYyVOR3h+We+RaaPG7iQVlfT9tj4QFc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org