Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/D9QVs5sXbONaefJXYMz39y_8YaY.roa
File: D9QVs5sXbONaefJXYMz39y_8YaY.roa (raw, json)
Hash identifier: LyP30YDmMpkkM4eJOqO2nSsRK1k6nsw1TQX+TC+PmtU=
Subject key identifier: 0F:D4:15:B3:9B:17:6C:E3:5A:79:F2:57:60:CC:F7:F7:2F:FC:61:A6
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018ED368D6D07F50E857A1E98895AECEA602
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/D9QVs5sXbONaefJXYMz39y_8YaY.roa
Signing time: Fri 12 Apr 2024 17:44:07 +0000
ROA not before: Fri 12 Apr 2024 17:44:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 146.19.56.0/24 maxlen: 24
176.97.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 11:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:68:d6:d0:7f:50:e8:57:a1:e9:88:95:ae:ce:a6:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 12 17:44:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fd415b39b176ce35a79f25760ccf7f72ffc61a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a0:5e:64:04:7c:bd:77:3f:3e:d5:d6:6b:3d:
a5:62:4a:1b:5b:22:a2:b1:52:6b:33:e0:75:7c:a0:
f2:12:d3:d8:22:ad:7b:f1:5c:51:40:d1:83:aa:4d:
36:3b:d3:7b:5f:1f:d4:61:0a:c8:1b:c5:78:9c:10:
1a:67:28:0c:90:07:6b:98:b3:68:5b:b9:f6:14:80:
28:c0:37:9c:e6:a4:27:5d:7c:0b:34:e2:54:ce:45:
d2:0c:fe:f5:32:5c:3b:14:f5:dc:b6:ac:e6:92:24:
7b:c0:a9:70:06:81:00:3e:f1:75:73:1b:7b:0c:1f:
72:a0:77:9c:46:b7:e5:41:47:d2:99:46:65:d7:5d:
be:a8:2c:ff:1d:54:18:62:12:5d:dd:fd:fb:1f:43:
68:26:3f:79:72:32:af:de:5e:16:45:ae:d7:a8:bd:
ec:39:68:a5:64:0c:36:a5:96:ff:9a:6a:ce:43:1f:
40:65:14:d5:42:43:e8:c1:19:f2:43:d0:02:78:75:
d1:a7:6c:2d:0c:73:db:78:e5:04:c8:1a:a1:c9:ee:
e5:e9:04:c2:5e:b3:1c:5d:b0:9c:70:74:5b:6d:25:
33:c0:05:54:33:61:a4:01:5f:bd:ce:5b:2c:4a:53:
39:a7:a7:39:e3:06:e9:f9:f8:25:02:f3:4c:84:78:
57:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D4:15:B3:9B:17:6C:E3:5A:79:F2:57:60:CC:F7:F7:2F:FC:61:A6
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/D9QVs5sXbONaefJXYMz39y_8YaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.56.0/24
176.97.205.0/24
Signature Algorithm: sha256WithRSAEncryption
73:6a:c2:ed:05:a2:65:df:73:09:39:a3:be:55:7f:d6:a5:da:
cf:9d:10:91:47:bf:5c:35:20:6b:4c:bb:23:19:e0:a9:2d:1e:
50:cf:61:51:1b:94:57:04:c2:9e:0e:f6:77:fa:b3:97:a2:84:
4c:db:7e:47:c7:a9:ba:1e:2d:8d:38:76:4a:64:fa:50:1f:07:
9f:07:c6:04:97:3d:03:3d:10:40:84:f0:70:18:ec:8d:d0:62:
8e:3d:65:5a:9c:61:5d:e9:37:02:36:df:e7:f0:31:6a:40:ea:
7d:ef:8a:a8:7f:df:55:87:e3:b7:36:52:65:37:b4:94:fe:68:
fe:3d:b9:ab:de:0c:d5:4c:52:96:79:0a:99:8c:38:df:87:80:
51:d7:63:da:68:4f:8d:5f:e9:ad:65:1b:5c:25:dd:cd:c0:60:
9b:eb:b3:96:96:07:73:c4:c9:d4:ba:0f:54:0a:f4:eb:71:30:
c0:2e:54:c3:d2:f5:aa:ff:f5:33:60:09:12:42:47:b8:d9:35:
8f:3a:a7:dd:38:6e:7e:bf:7c:5b:ef:17:8f:d9:0e:92:0f:19:
2d:49:b4:37:4e:a1:b2:c5:6d:30:34:78:27:d3:18:cd:d2:5a:
b6:95:e5:40:51:ad:28:6a:8e:b6:8f:52:13:eb:bf:08:0b:b0:
1b:40:ce:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7TaNbQf1DoV6HpiJWuzqYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNDEyMTc0NDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQ0MTViMzliMTc2Y2UzNWE3OWYyNTc2MGNjZjdmNzJmZmM2MWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaBeZAR8vXc/PtXWaz2lYkobWyKi
sVJrM+B1fKDyEtPYIq178VxRQNGDqk02O9N7Xx/UYQrIG8V4nBAaZygMkAdrmLNo
W7n2FIAowDec5qQnXXwLNOJUzkXSDP71Mlw7FPXctqzmkiR7wKlwBoEAPvF1cxt7
DB9yoHecRrflQUfSmUZl112+qCz/HVQYYhJd3f37H0NoJj95cjKv3l4WRa7XqL3s
OWilZAw2pZb/mmrOQx9AZRTVQkPowRnyQ9ACeHXRp2wtDHPbeOUEyBqhye7l6QTC
XrMcXbCccHRbbSUzwAVUM2GkAV+9zlssSlM5p6c54wbp+fglAvNMhHhXVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA/UFbObF2zjWnnyV2DM9/cv/GGmMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvRDlRVnM1c1hiT05hZWZKWFlNejM5eV84WWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhM4AwQA
sGHNMA0GCSqGSIb3DQEBCwUAA4IBAQBzasLtBaJl33MJOaO+VX/WpdrPnRCRR79c
NSBrTLsjGeCpLR5Qz2FRG5RXBMKeDvZ3+rOXooRM235Hx6m6Hi2NOHZKZPpQHwef
B8YElz0DPRBAhPBwGOyN0GKOPWVanGFd6TcCNt/n8DFqQOp974qof99Vh+O3NlJl
N7SU/mj+Pbmr3gzVTFKWeQqZjDjfh4BR12PaaE+NX+mtZRtcJd3NwGCb67OWlgdz
xMnUug9UCvTrcTDALlTD0vWq//UzYAkSQke42TWPOqfdOG5+v3xb7xeP2Q6SDxkt
SbQ3TqGyxW0wNHgn0xjN0lq2leVAUa0oao62j1IT678IC7AbQM6k
-----END CERTIFICATE-----
Generated at Mon Oct 7 19:10:56 2024 by rpki-client on console-ams.rpki-client.org