Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/HZbxX3uSNEUI6TIi00Tm1j2FfiE.roa
File: HZbxX3uSNEUI6TIi00Tm1j2FfiE.roa (raw, json)
Hash identifier: L8jAYaoZDOnI3nM9k/Kwab9CS4+pTXwhSNMnZJhFsj0=
Subject key identifier: 1D:96:F1:5F:7B:92:34:45:08:E9:32:22:D3:44:E6:D6:3D:85:7E:21
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018E2F474A74AE85F5A6459190D7A30BC887
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/HZbxX3uSNEUI6TIi00Tm1j2FfiE.roa
Signing time: Mon 11 Mar 2024 20:49:45 +0000
ROA not before: Mon 11 Mar 2024 20:49:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 109.122.42.0/24 maxlen: 24
193.93.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 11:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2f:47:4a:74:ae:85:f5:a6:45:91:90:d7:a3:0b:c8:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Mar 11 20:49:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d96f15f7b92344508e93222d344e6d63d857e21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:66:46:6d:01:ed:5f:59:a0:3e:fb:a7:03:cc:
4e:7d:0c:ad:a2:b5:c3:53:2f:fe:ae:1c:71:fc:62:
37:d0:10:4e:9c:54:e5:ae:f6:55:d6:6e:97:ed:1f:
a8:42:9c:58:42:28:bf:af:6b:f4:72:8c:7c:8f:05:
1f:2d:01:d9:2d:15:41:1c:7b:f1:45:71:9f:e0:dc:
0c:2f:03:38:07:28:ba:ba:aa:c0:b1:07:7a:74:71:
af:a7:3a:d7:16:d7:35:7c:da:15:2d:d1:ea:30:1e:
9e:51:e1:be:20:eb:3a:4f:93:22:22:d1:d8:49:55:
b4:62:7a:16:cb:48:98:8c:d4:70:91:1f:c5:4f:21:
c6:50:78:48:a5:ba:40:63:04:a1:d3:62:32:42:ea:
25:d2:d4:db:cf:fe:a8:54:89:52:ed:e8:74:9e:86:
f7:78:c7:26:be:48:f0:bb:51:b8:bb:a7:e6:ca:e4:
ce:e3:c5:42:d6:bd:4d:7c:55:31:30:be:32:8d:7c:
74:64:1c:1c:35:97:a3:b9:9c:1b:47:69:0a:ab:31:
8f:22:43:4a:ae:7d:df:f2:03:7f:21:a5:55:9c:70:
f5:cf:7c:d4:5a:91:cc:0a:c6:52:a4:e9:a0:b5:a7:
3d:6c:55:aa:4b:9f:68:9e:7a:c6:c0:6b:f3:3a:53:
fe:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:96:F1:5F:7B:92:34:45:08:E9:32:22:D3:44:E6:D6:3D:85:7E:21
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/HZbxX3uSNEUI6TIi00Tm1j2FfiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.42.0/24
193.93.55.0/24
Signature Algorithm: sha256WithRSAEncryption
18:02:35:f2:15:d5:87:0c:cc:57:be:ef:32:9d:47:6d:18:77:
8e:8d:bb:2e:1f:0d:61:a3:62:76:f2:bd:55:c0:3b:68:48:98:
23:5e:2a:f5:76:29:93:a2:de:e0:79:02:87:67:ee:9d:cd:9c:
6f:e7:d9:d8:21:82:c4:f3:02:90:4e:76:fe:d3:e5:bc:f0:b2:
de:9a:93:ca:29:0f:4a:d9:0a:02:62:03:68:e8:0a:bf:42:70:
76:e4:3d:26:43:7c:ca:1a:e3:3c:19:91:1b:07:fe:61:b4:8e:
a7:74:f9:d0:4b:89:fd:c2:67:a9:d2:cd:7c:98:3b:cc:fb:3b:
9a:fe:27:e4:5a:9d:85:be:5a:e8:53:fa:63:86:01:a8:1a:79:
8a:97:ea:aa:b9:79:be:1f:cf:5e:b8:7e:e3:92:26:a6:b4:06:
a3:3d:d8:08:f3:37:57:4c:81:75:31:ef:b1:77:52:de:61:db:
4f:e0:5a:94:41:62:97:f7:6c:16:02:a4:65:ad:38:78:87:92:
d6:7f:93:bb:d2:61:3b:4d:3e:50:30:02:69:f8:45:da:05:ae:
46:8d:8d:21:7a:b5:f7:8a:80:84:29:3c:a7:c2:9f:26:b3:b0:
5c:34:a2:24:68:36:93:01:ef:df:56:e2:c9:53:74:51:c6:8d:
7e:32:8d:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4vR0p0roX1pkWRkNejC8iHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMzExMjA0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDk2ZjE1ZjdiOTIzNDQ1MDhlOTMyMjJkMzQ0ZTZkNjNkODU3ZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2ZGbQHtX1mgPvunA8xOfQytorXD
Uy/+rhxx/GI30BBOnFTlrvZV1m6X7R+oQpxYQii/r2v0cox8jwUfLQHZLRVBHHvx
RXGf4NwMLwM4Byi6uqrAsQd6dHGvpzrXFtc1fNoVLdHqMB6eUeG+IOs6T5MiItHY
SVW0YnoWy0iYjNRwkR/FTyHGUHhIpbpAYwSh02IyQuol0tTbz/6oVIlS7eh0nob3
eMcmvkjwu1G4u6fmyuTO48VC1r1NfFUxML4yjXx0ZBwcNZejuZwbR2kKqzGPIkNK
rn3f8gN/IaVVnHD1z3zUWpHMCsZSpOmgtac9bFWqS59onnrGwGvzOlP+QQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB2W8V97kjRFCOkyItNE5tY9hX4hMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvSFpieFgzdVNORVVJNlRJaTAwVG0xajJGZmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXoqAwQA
wV03MA0GCSqGSIb3DQEBCwUAA4IBAQAYAjXyFdWHDMxXvu8ynUdtGHeOjbsuHw1h
o2J28r1VwDtoSJgjXir1dimTot7geQKHZ+6dzZxv59nYIYLE8wKQTnb+0+W88LLe
mpPKKQ9K2QoCYgNo6Aq/QnB25D0mQ3zKGuM8GZEbB/5htI6ndPnQS4n9wmep0s18
mDvM+zua/ifkWp2FvlroU/pjhgGoGnmKl+qquXm+H89euH7jkiamtAajPdgI8zdX
TIF1Me+xd1LeYdtP4FqUQWKX92wWAqRlrTh4h5LWf5O70mE7TT5QMAJp+EXaBa5G
jY0herX3ioCEKTynwp8ms7BcNKIkaDaTAe/fVuLJU3RRxo1+Mo2F
-----END CERTIFICATE-----
Generated at Mon Oct 7 19:10:56 2024 by rpki-client on console-ams.rpki-client.org