Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/D3cvdUj9Y2L4yc9d7szV-nK_8BU.roa
File: D3cvdUj9Y2L4yc9d7szV-nK_8BU.roa (raw, json)
Hash identifier: XYpT6hsBMSjpyOJdubVrErMwQevYkq1YrhDgLnqpkYY=
Subject key identifier: 0F:77:2F:75:48:FD:63:62:F8:C9:CF:5D:EE:CC:D5:FA:72:BF:F0:15
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0187AC732BF7C34839A3D6C3734565B56FC6
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/D3cvdUj9Y2L4yc9d7szV-nK_8BU.roa
Signing time: Sun 23 Apr 2023 04:50:41 +0000
ROA not before: Sun 23 Apr 2023 04:50:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.43.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 19:41:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ac:73:2b:f7:c3:48:39:a3:d6:c3:73:45:65:b5:6f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 23 04:50:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f772f7548fd6362f8c9cf5deeccd5fa72bff015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:70:82:74:85:d3:b5:51:90:41:4a:c7:3c:15:
11:f2:81:f4:76:d7:27:43:54:df:a9:ab:fa:18:47:
8a:58:54:2c:0a:4e:f9:f1:13:90:cb:72:be:24:e4:
f0:31:9f:41:f4:38:5c:f2:41:4d:af:e3:d8:cb:79:
22:c5:06:26:91:75:15:91:14:91:fa:0a:16:2c:77:
4b:b6:b9:d9:49:08:dc:af:90:1b:55:8c:12:b1:39:
b3:1c:b9:cf:d8:49:c0:73:3a:55:a9:36:7a:d9:d1:
64:99:d3:be:e6:89:e5:c8:37:f1:3a:54:e0:2d:44:
fb:75:da:af:b5:7b:28:cc:bb:92:01:15:29:4f:b8:
12:57:c3:9e:d6:b0:bb:e0:84:74:9d:1d:93:28:0d:
cb:5e:97:f5:47:58:fa:d9:6e:ec:41:3d:f5:75:9b:
1a:e9:e5:20:fb:3f:89:79:30:9d:c1:74:0e:a7:24:
18:dd:f0:38:9b:4d:c1:55:81:bc:da:a0:d5:5d:a8:
0e:bf:8a:7d:3d:0e:01:d5:66:08:45:26:09:c1:2e:
22:d9:04:9c:a5:83:29:dc:15:98:a3:d8:73:fd:00:
ed:50:07:be:23:12:93:95:28:05:61:2e:52:46:a4:
35:0b:4c:85:49:f6:e5:d7:5e:12:bd:a4:1b:0c:13:
b8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:77:2F:75:48:FD:63:62:F8:C9:CF:5D:EE:CC:D5:FA:72:BF:F0:15
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/D3cvdUj9Y2L4yc9d7szV-nK_8BU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.43.0/24
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f7:54:96:ef:9f:eb:52:e9:9b:2a:bd:45:ac:0f:2e:31:57:
82:e2:31:fb:06:1a:ec:29:5f:a2:21:4d:e7:18:21:51:ad:4d:
7b:3e:9f:94:72:ef:c8:26:4d:06:c5:18:9b:69:9e:96:03:b6:
11:8f:09:a5:f4:8d:d4:93:c5:c3:e0:bb:6d:f2:47:aa:82:dd:
4b:da:23:c7:95:d4:f0:e6:33:b8:ed:7b:9c:39:ab:68:9d:cd:
f9:ff:0e:e3:7a:07:ef:1e:d0:dc:34:ba:f8:09:3a:ef:1b:31:
b1:e3:b2:da:4a:79:42:48:fe:1e:90:25:94:a1:ee:43:51:61:
8b:10:68:94:7d:d5:f6:39:d6:13:75:78:ad:f5:e3:8e:05:7d:
3b:13:2d:60:6e:d4:06:62:de:14:4c:cb:9e:0e:20:43:d7:d9:
64:ac:b1:db:96:5f:07:d0:39:6d:2e:1b:6e:31:4c:89:ee:be:
60:45:0a:e0:89:04:43:9e:30:f7:6e:7d:fe:85:0b:29:92:9b:
be:ff:27:48:8f:e8:58:d1:85:3e:f8:88:bb:c1:d3:48:17:c8:
72:7f:c4:b4:1e:12:ad:d9:ef:ac:84:53:ee:06:3a:53:f2:10:
1b:fd:b4:9e:00:02:6d:79:d3:70:31:b0:e1:17:8c:6a:00:89:
ea:8d:a1:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYescyv3w0g5o9bDc0VltW/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNDIzMDQ1MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjc3MmY3NTQ4ZmQ2MzYyZjhjOWNmNWRlZWNjZDVmYTcyYmZmMDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHCCdIXTtVGQQUrHPBUR8oH0dtcn
Q1Tfqav6GEeKWFQsCk758ROQy3K+JOTwMZ9B9Dhc8kFNr+PYy3kixQYmkXUVkRSR
+goWLHdLtrnZSQjcr5AbVYwSsTmzHLnP2EnAczpVqTZ62dFkmdO+5onlyDfxOlTg
LUT7ddqvtXsozLuSARUpT7gSV8Oe1rC74IR0nR2TKA3LXpf1R1j62W7sQT31dZsa
6eUg+z+JeTCdwXQOpyQY3fA4m03BVYG82qDVXagOv4p9PQ4B1WYIRSYJwS4i2QSc
pYMp3BWYo9hz/QDtUAe+IxKTlSgFYS5SRqQ1C0yFSfbl114SvaQbDBO4IwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA93L3VI/WNi+MnPXe7M1fpyv/AVMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvRDNjdmRVajlZMkw0eWM5ZDdzelYtbktfOEJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXorAwQA
wV00MA0GCSqGSIb3DQEBCwUAA4IBAQBy91SW75/rUumbKr1FrA8uMVeC4jH7Bhrs
KV+iIU3nGCFRrU17Pp+Ucu/IJk0GxRibaZ6WA7YRjwml9I3Uk8XD4Ltt8keqgt1L
2iPHldTw5jO47XucOatonc35/w7jegfvHtDcNLr4CTrvGzGx47LaSnlCSP4ekCWU
oe5DUWGLEGiUfdX2OdYTdXit9eOOBX07Ey1gbtQGYt4UTMueDiBD19lkrLHbll8H
0DltLhtuMUyJ7r5gRQrgiQRDnjD3bn3+hQspkpu+/ydIj+hY0YU++Ii7wdNIF8hy
f8S0HhKt2e+shFPuBjpT8hAb/bSeAAJtedNwMbDhF4xqAInqjaEY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org