Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/DZvGTbm-Lhf9UfxRG6-E1Va2DIo.roa
File: DZvGTbm-Lhf9UfxRG6-E1Va2DIo.roa (raw, json)
Hash identifier: 2YbjHos2a87iKZPyHopyITC4h6tF9Wu57v0LfM76h7E=
Subject key identifier: 0D:9B:C6:4D:B9:BE:2E:17:FD:51:FC:51:1B:AF:84:D5:56:B6:0C:8A
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018FF839C9453CE4AB2E1E51E71C82E94B9A
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/DZvGTbm-Lhf9UfxRG6-E1Va2DIo.roa
Signing time: Sat 08 Jun 2024 14:21:27 +0000
ROA not before: Sat 08 Jun 2024 14:21:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29491
IP address blocks: 91.200.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 08:47:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f8:39:c9:45:3c:e4:ab:2e:1e:51:e7:1c:82:e9:4b:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 8 14:21:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d9bc64db9be2e17fd51fc511baf84d556b60c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:69:39:c8:28:80:ad:78:70:55:22:51:82:08:
37:ed:6d:ee:ba:17:cb:6d:69:b1:8a:06:af:0d:3c:
de:4f:61:fe:ce:15:9d:8d:76:12:7e:de:21:89:4e:
4e:3f:9d:5b:c6:c2:b4:a4:84:05:f6:83:8f:3b:25:
0f:02:05:2e:97:31:dc:cb:4c:d4:93:74:6e:fb:d8:
6b:73:15:c9:d9:33:d7:03:52:48:52:1c:f5:cf:36:
34:98:bb:e1:4d:ab:25:a9:1d:7f:0c:23:5f:8e:10:
3f:b4:9b:9c:f1:d3:47:a1:77:c0:33:b6:ed:4b:e2:
4d:c0:37:b7:07:1b:de:71:36:7e:1f:53:de:0e:9c:
d1:18:d6:a5:28:f1:59:8d:17:c5:ce:5a:03:5c:30:
7b:da:68:75:4b:f8:cd:c9:94:ea:43:11:57:ec:5a:
b7:3e:6b:71:bd:0b:3b:80:37:49:22:04:6e:2a:28:
27:cd:f7:68:b9:f9:00:56:99:44:6d:28:94:b0:7c:
76:0f:68:a7:6b:2e:14:c7:ba:64:6e:51:02:51:58:
8e:10:b9:14:e5:47:f9:42:5a:23:3a:a5:83:d4:88:
20:2e:26:72:f4:fe:e9:01:02:83:89:39:c5:d8:4f:
7b:8a:f5:c3:9d:a2:cf:1a:8f:5a:da:cc:55:18:22:
d8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:9B:C6:4D:B9:BE:2E:17:FD:51:FC:51:1B:AF:84:D5:56:B6:0C:8A
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/DZvGTbm-Lhf9UfxRG6-E1Va2DIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
Signature Algorithm: sha256WithRSAEncryption
27:87:70:5c:a4:bc:ba:bc:e2:68:ff:1d:09:c4:13:e0:a4:25:
8b:f0:40:fb:9c:8f:5f:a3:0a:ec:9b:1a:f5:a8:c4:52:66:9b:
4b:16:3b:d9:b6:a8:4e:ef:3d:e5:b9:cd:b3:94:a0:86:ec:cb:
b1:4c:88:94:2a:e9:c6:2e:29:45:8d:c5:db:ee:92:d7:18:61:
e1:4e:e8:ee:21:70:83:03:43:58:e7:f5:53:f1:8e:76:03:81:
3f:b0:3b:2a:51:2c:65:9d:d5:6b:56:81:3f:9e:3f:4a:ed:79:
72:36:6f:ad:1f:1d:1f:59:17:86:82:93:78:68:33:39:73:68:
6f:e0:f3:57:8f:b8:0b:c6:a0:c7:80:74:f5:20:cc:40:41:ea:
00:d3:e6:42:51:ee:76:d9:3f:38:08:46:ab:4b:01:6a:4a:ff:
fa:6c:67:4c:c7:01:b3:82:23:88:83:3d:0e:53:94:28:4c:f2:
95:33:84:97:22:2e:77:54:02:50:ef:8f:da:6c:12:48:36:b4:
c0:e5:46:a6:97:1e:26:26:0d:44:55:5e:3b:e6:fa:89:c9:06:
8f:8b:80:a1:67:25:0c:fd:7d:ee:84:b2:7b:f9:95:62:58:1e:
b3:16:60:96:26:e5:e0:b7:a2:c5:32:7e:82:14:7d:56:d4:6b:
5d:59:d4:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/4OclFPOSrLh5R5xyC6UuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNjA4MTQyMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDliYzY0ZGI5YmUyZTE3ZmQ1MWZjNTExYmFmODRkNTU2YjYwYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmk5yCiArXhwVSJRggg37W3uuhfL
bWmxigavDTzeT2H+zhWdjXYSft4hiU5OP51bxsK0pIQF9oOPOyUPAgUulzHcy0zU
k3Ru+9hrcxXJ2TPXA1JIUhz1zzY0mLvhTaslqR1/DCNfjhA/tJuc8dNHoXfAM7bt
S+JNwDe3BxvecTZ+H1PeDpzRGNalKPFZjRfFzloDXDB72mh1S/jNyZTqQxFX7Fq3
PmtxvQs7gDdJIgRuKignzfdoufkAVplEbSiUsHx2D2inay4Ux7pkblECUViOELkU
5Uf5QlojOqWD1IggLiZy9P7pAQKDiTnF2E97ivXDnaLPGo9a2sxVGCLY4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA2bxk25vi4X/VH8URuvhNVWtgyKMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvRFp2R1RibS1MaGY5VWZ4Ukc2LUUxVmEyRElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jdMA0G
CSqGSIb3DQEBCwUAA4IBAQAnh3BcpLy6vOJo/x0JxBPgpCWL8ED7nI9fowrsmxr1
qMRSZptLFjvZtqhO7z3luc2zlKCG7MuxTIiUKunGLilFjcXb7pLXGGHhTujuIXCD
A0NY5/VT8Y52A4E/sDsqUSxlndVrVoE/nj9K7XlyNm+tHx0fWReGgpN4aDM5c2hv
4PNXj7gLxqDHgHT1IMxAQeoA0+ZCUe522T84CEarSwFqSv/6bGdMxwGzgiOIgz0O
U5QoTPKVM4SXIi53VAJQ74/abBJINrTA5Uamlx4mJg1EVV475vqJyQaPi4ChZyUM
/X3uhLJ7+ZViWB6zFmCWJuXgt6LFMn6CFH1W1GtdWdT5
-----END CERTIFICATE-----
Generated at Tue Oct 8 13:43:45 2024 by rpki-client on console-ams.rpki-client.org