Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KMpz8YJshci_p3UZdCYN-TC4X0w.roa
File: KMpz8YJshci_p3UZdCYN-TC4X0w.roa (raw, json)
Hash identifier: QpSSOzzN29JFbt2o1WV+LCZ/n0HVyHLlY1YqYmYrNW4=
Subject key identifier: 28:CA:73:F1:82:6C:85:C8:BF:A7:75:19:74:26:0D:F9:30:B8:5F:4C
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018B6DA8BA71225AA375C29DF9F662F091E3
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KMpz8YJshci_p3UZdCYN-TC4X0w.roa
Signing time: Thu 26 Oct 2023 20:24:16 +0000
ROA not before: Thu 26 Oct 2023 20:24:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210576
IP address blocks: 91.226.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6d:a8:ba:71:22:5a:a3:75:c2:9d:f9:f6:62:f0:91:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 26 20:24:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28ca73f1826c85c8bfa7751974260df930b85f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:59:34:a6:9d:76:76:89:02:91:43:e9:28:de:
b2:f0:51:a1:96:5a:4e:e3:a7:8c:74:9e:d6:02:69:
b9:40:59:82:c9:96:64:59:3a:48:d9:0a:02:1e:ac:
74:5f:64:67:b4:75:4b:0e:ed:5c:3f:51:23:50:0c:
56:46:94:2f:16:8f:c2:4a:10:fa:df:c1:69:fe:20:
8c:b0:73:f5:be:d7:08:8a:81:9c:b8:20:ba:e0:ac:
96:f2:cc:54:0a:c0:ba:ab:43:dd:13:95:bc:a4:cb:
75:10:8b:d6:4c:3e:9b:7f:f4:8e:55:ce:ee:43:5e:
e3:ed:05:d5:a5:48:4f:16:e5:75:1c:9d:6c:d5:87:
99:e5:8a:41:9c:85:68:35:a2:9f:24:1f:ea:f0:47:
f1:9b:79:4c:a2:ba:69:ce:46:a2:9d:36:6e:cd:92:
68:79:fc:90:c7:04:7a:d3:a4:fb:2a:be:67:4c:07:
b4:3a:df:4d:a5:d5:30:5a:3c:3a:46:2d:d5:a3:62:
7c:8e:df:02:00:84:92:18:86:cc:be:fa:d8:a0:40:
ba:7d:80:f7:dd:24:56:f3:42:4f:29:c5:67:c0:e3:
39:58:1a:0f:4c:c8:01:00:e9:24:51:df:25:38:3e:
19:cd:6d:d0:0a:ab:e2:4b:ab:e8:67:5a:01:f4:3f:
43:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CA:73:F1:82:6C:85:C8:BF:A7:75:19:74:26:0D:F9:30:B8:5F:4C
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KMpz8YJshci_p3UZdCYN-TC4X0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.57.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:79:76:68:ff:c3:9f:cb:8b:b4:f6:2a:47:43:cc:31:a4:64:
a1:fb:65:b7:6c:a6:7c:3d:41:cd:fc:5d:15:8d:0e:ff:70:c6:
7f:8e:ba:dd:83:99:e2:a4:43:af:4b:fe:bc:47:de:91:a5:57:
da:bb:a5:77:df:88:ac:53:be:70:97:fa:9a:12:51:9f:cc:e8:
00:88:dc:8a:1e:02:8d:d1:eb:0c:b9:5d:f9:9b:22:46:60:14:
0b:e0:6b:40:b5:66:bc:98:cc:98:d2:32:ea:1b:15:9f:2f:f4:
50:fa:14:e5:66:e4:5d:a4:1d:0a:7a:bc:23:5e:df:91:d3:75:
fe:b5:ad:a2:6f:89:fb:ff:ac:10:af:34:c4:f1:88:92:53:c6:
22:14:20:b9:0a:5e:03:7c:90:ae:9c:1b:6f:11:69:65:65:0c:
80:f5:9f:bd:a7:51:67:ce:80:ac:ba:db:22:ec:4c:0c:59:35:
20:1f:dd:34:b9:c2:52:3e:ae:dd:e8:44:aa:1c:b3:b8:4c:f2:
61:76:9f:55:38:b5:a5:e9:f0:b6:31:ac:79:58:d5:7c:34:1f:
d8:7d:ac:8d:fb:fd:a3:2e:87:c9:55:ed:16:85:ce:83:26:25:
40:7b:7e:e9:53:63:30:ee:73:71:d3:0f:44:59:ec:7e:a2:17:
2b:91:0b:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYttqLpxIlqjdcKd+fZi8JHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMDI2MjAyNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNhNzNmMTgyNmM4NWM4YmZhNzc1MTk3NDI2MGRmOTMwYjg1ZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVk0pp12dokCkUPpKN6y8FGhllpO
46eMdJ7WAmm5QFmCyZZkWTpI2QoCHqx0X2RntHVLDu1cP1EjUAxWRpQvFo/CShD6
38Fp/iCMsHP1vtcIioGcuCC64KyW8sxUCsC6q0PdE5W8pMt1EIvWTD6bf/SOVc7u
Q17j7QXVpUhPFuV1HJ1s1YeZ5YpBnIVoNaKfJB/q8Efxm3lMorppzkainTZuzZJo
efyQxwR606T7Kr5nTAe0Ot9NpdUwWjw6Ri3Vo2J8jt8CAISSGIbMvvrYoEC6fYD3
3SRW80JPKcVnwOM5WBoPTMgBAOkkUd8lOD4ZzW3QCqviS6voZ1oB9D9D0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjKc/GCbIXIv6d1GXQmDfkwuF9MMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvS01wejhZSnNoY2lfcDNVWmRDWU4tVEM0WDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+I5MA0G
CSqGSIb3DQEBCwUAA4IBAQAbeXZo/8Ofy4u09ipHQ8wxpGSh+2W3bKZ8PUHN/F0V
jQ7/cMZ/jrrdg5nipEOvS/68R96RpVfau6V334isU75wl/qaElGfzOgAiNyKHgKN
0esMuV35myJGYBQL4GtAtWa8mMyY0jLqGxWfL/RQ+hTlZuRdpB0KerwjXt+R03X+
ta2ib4n7/6wQrzTE8YiSU8YiFCC5Cl4DfJCunBtvEWllZQyA9Z+9p1FnzoCsutsi
7EwMWTUgH900ucJSPq7d6ESqHLO4TPJhdp9VOLWl6fC2Max5WNV8NB/YfayN+/2j
LofJVe0Whc6DJiVAe37pU2Mw7nNx0w9EWex+ohcrkQvZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org