Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/HNiUfL4yiOUkyoVPuo_BmaR_Qvo.roa
File: HNiUfL4yiOUkyoVPuo_BmaR_Qvo.roa (raw, json)
Hash identifier: APWcy65Yeke63faNOxXYw9nywerB/ERj0+mK10VODcI=
Subject key identifier: 1C:D8:94:7C:BE:32:88:E5:24:CA:85:4F:BA:8F:C1:99:A4:7F:42:FA
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018801DB4E22623937127757EBF1742AFA0F
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/HNiUfL4yiOUkyoVPuo_BmaR_Qvo.roa
Signing time: Tue 09 May 2023 18:52:09 +0000
ROA not before: Tue 09 May 2023 18:52:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 109.122.45.0/24 maxlen: 24
193.93.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Jun 2023 04:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:01:db:4e:22:62:39:37:12:77:57:eb:f1:74:2a:fa:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 9 18:52:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cd8947cbe3288e524ca854fba8fc199a47f42fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2d:76:78:4b:8e:cc:ad:22:86:f1:4d:df:ca:
18:4a:02:99:ab:a3:af:68:a3:4f:c6:5b:a7:c5:ca:
24:fb:10:81:b3:5d:89:7d:26:39:e7:de:10:bb:ec:
b0:b1:ef:12:aa:59:ad:72:76:f5:4e:d6:e2:9d:6f:
de:7d:07:c7:4d:ec:2c:2f:bd:6b:23:5d:3c:bb:ea:
b9:04:a6:24:24:b1:50:2a:40:64:7e:74:c7:ee:53:
ca:a7:f7:af:53:68:72:36:12:9c:ec:f6:67:dd:e0:
ac:52:43:be:57:4d:45:b8:88:c2:d3:22:c7:eb:c8:
ca:55:f6:dc:13:24:e2:dd:60:3b:48:a2:16:08:8d:
30:14:04:45:a0:b2:a3:9e:cf:2c:b8:40:99:60:ea:
f3:98:1d:0d:1a:a1:5e:28:e3:50:88:9b:90:65:bd:
f4:75:d9:c0:58:93:9e:ae:d8:69:d6:df:eb:6e:81:
e0:00:3b:87:57:07:2d:7d:19:95:b0:82:4d:a5:1f:
4f:6b:c9:ca:c4:42:51:b8:e7:23:cb:64:5c:d3:b8:
10:91:88:4d:39:b6:5c:a5:e9:9b:8c:a0:84:98:e8:
fd:29:ac:33:6b:b2:93:a4:56:e2:87:a6:e3:c8:9d:
b0:7c:c2:c5:55:02:85:6f:56:a1:f6:f5:0d:ec:b2:
d4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D8:94:7C:BE:32:88:E5:24:CA:85:4F:BA:8F:C1:99:A4:7F:42:FA
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/HNiUfL4yiOUkyoVPuo_BmaR_Qvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.45.0/24
193.93.55.0/24
Signature Algorithm: sha256WithRSAEncryption
22:af:65:58:6f:ff:f5:9b:36:a7:35:21:35:55:37:61:65:c8:
a6:38:7e:36:ec:c5:c1:d1:1d:3b:95:0b:d7:f0:7b:5e:72:6e:
93:90:02:be:3c:49:ee:5e:8b:61:5e:97:02:f5:45:72:fa:f8:
3b:4d:3b:24:d2:d6:c8:aa:90:68:68:3f:1a:ca:0c:06:b3:6d:
be:2d:e8:03:c2:1f:e8:7b:be:80:26:90:47:7d:00:f6:17:7c:
f3:a3:9a:51:9a:47:95:8f:7a:55:01:65:a7:19:10:a5:fd:a7:
10:b4:65:22:4f:94:77:c1:95:9c:58:9b:21:bd:a2:4f:46:9e:
01:78:95:a4:d6:0c:a2:df:bb:19:f7:81:f8:6c:a1:5f:33:4c:
b3:fc:b4:c8:14:65:f0:04:bc:5c:aa:58:4e:98:23:d8:3e:2e:
c9:88:e2:87:e2:ec:a8:2f:d1:56:da:ca:78:65:e4:f4:f2:8b:
af:b3:12:cd:52:58:45:af:b3:4e:71:1c:50:93:12:7f:91:20:
b8:52:20:5e:ce:94:55:5f:9a:14:94:84:77:09:cf:d4:3f:93:
34:f5:6f:12:6f:df:c6:96:6d:c8:b9:cb:2e:a7:1a:69:f8:30:
9e:a3:6a:92:ae:92:8f:cd:f7:43:be:3d:ee:41:93:58:42:1c:
b1:06:bb:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgB204iYjk3EndX6/F0KvoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNTA5MTg1MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Q4OTQ3Y2JlMzI4OGU1MjRjYTg1NGZiYThmYzE5OWE0N2Y0MmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi12eEuOzK0ihvFN38oYSgKZq6Ov
aKNPxlunxcok+xCBs12JfSY5594Qu+ywse8Sqlmtcnb1TtbinW/efQfHTewsL71r
I108u+q5BKYkJLFQKkBkfnTH7lPKp/evU2hyNhKc7PZn3eCsUkO+V01FuIjC0yLH
68jKVfbcEyTi3WA7SKIWCI0wFARFoLKjns8suECZYOrzmB0NGqFeKONQiJuQZb30
ddnAWJOerthp1t/rboHgADuHVwctfRmVsIJNpR9Pa8nKxEJRuOcjy2Rc07gQkYhN
ObZcpembjKCEmOj9Kawza7KTpFbih6bjyJ2wfMLFVQKFb1ah9vUN7LLUqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBzYlHy+MojlJMqFT7qPwZmkf0L6MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvSE5pVWZMNHlpT1VreW9WUHVvX0JtYVJfUXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXotAwQA
wV03MA0GCSqGSIb3DQEBCwUAA4IBAQAir2VYb//1mzanNSE1VTdhZcimOH427MXB
0R07lQvX8Htecm6TkAK+PEnuXothXpcC9UVy+vg7TTsk0tbIqpBoaD8aygwGs22+
LegDwh/oe76AJpBHfQD2F3zzo5pRmkeVj3pVAWWnGRCl/acQtGUiT5R3wZWcWJsh
vaJPRp4BeJWk1gyi37sZ94H4bKFfM0yz/LTIFGXwBLxcqlhOmCPYPi7JiOKH4uyo
L9FW2sp4ZeT08ouvsxLNUlhFr7NOcRxQkxJ/kSC4UiBezpRVX5oUlIR3Cc/UP5M0
9W8Sb9/Glm3Iucsupxpp+DCeo2qSrpKPzfdDvj3uQZNYQhyxBrs/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org