Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/MdgbN-RzFOCT0kX3uHZlcmzAHLs.roa
File: MdgbN-RzFOCT0kX3uHZlcmzAHLs.roa (raw, json)
Hash identifier: BoU/ifUtdFbS+LU9BUjJL7RtRRowo/VxaPUKrnQb2HY=
Subject key identifier: 31:D8:1B:37:E4:73:14:E0:93:D2:45:F7:B8:76:65:72:6C:C0:1C:BB
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C85E0B8F7B1D0CFBCC73C05443C5667B7
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/MdgbN-RzFOCT0kX3uHZlcmzAHLs.roa
Signing time: Wed 20 Dec 2023 06:19:06 +0000
ROA not before: Wed 20 Dec 2023 06:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:85:e0:b8:f7:b1:d0:cf:bc:c7:3c:05:44:3c:56:67:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 20 06:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31d81b37e47314e093d245f7b87665726cc01cbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:73:83:68:7a:07:f9:0c:ff:fd:65:23:27:11:
d3:08:1f:95:d4:41:62:c7:d4:af:64:8d:e3:0f:cd:
88:ae:e3:48:6c:6d:92:80:31:d7:cf:58:7f:1e:1d:
cd:e6:d3:dd:6c:40:4e:01:8c:bb:3e:e7:bc:3b:82:
e2:f2:a6:92:f3:23:a0:47:34:72:cb:65:7e:79:33:
1f:43:00:cc:71:40:14:13:c0:24:71:d1:b8:84:f1:
dd:70:58:72:ab:2d:c7:9c:0c:de:0c:74:9c:d3:66:
c6:e6:cf:74:40:25:81:cc:a7:13:3d:98:48:b9:c0:
c0:e1:85:44:b3:c8:98:83:8a:90:28:48:b1:bb:67:
f2:f8:3e:02:d5:52:ad:f4:0d:fb:a6:74:f3:1e:37:
4d:54:bb:3b:20:6c:51:50:08:19:8d:9e:7e:2a:63:
39:e4:23:a1:6d:28:86:f1:d1:24:2f:c9:50:8d:4f:
01:4a:da:97:53:da:1e:24:99:cd:60:7b:bd:a9:90:
83:03:c4:4a:11:7a:58:1e:66:f3:e1:92:3c:c3:a6:
02:56:b6:1b:01:0f:c2:69:b9:09:b7:3f:78:d1:1b:
69:11:35:bf:8b:37:2e:36:f3:09:ac:31:69:79:6a:
09:9b:fd:88:8a:08:e0:19:da:f4:d2:ac:70:c3:33:
1d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D8:1B:37:E4:73:14:E0:93:D2:45:F7:B8:76:65:72:6C:C0:1C:BB
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/MdgbN-RzFOCT0kX3uHZlcmzAHLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
33:4a:64:9f:7a:9d:26:a0:84:5e:92:a3:72:cc:9f:96:61:04:
f7:e4:db:df:ba:a2:32:dd:4a:08:20:c9:46:c6:4c:37:1a:00:
12:e0:77:9a:47:ed:2c:da:45:f6:72:04:19:3d:af:02:c4:b4:
e8:90:b7:ba:4b:fd:e5:3b:9f:dd:20:ba:84:86:09:4d:d4:8c:
68:01:f2:12:c3:d3:a8:b0:6e:71:78:65:f8:2a:e5:a9:8f:5d:
30:d7:1f:a2:d0:4c:e0:57:85:97:7f:0f:1a:1d:37:74:b9:32:
a9:2a:ee:3e:92:83:8f:66:f4:47:72:30:44:46:68:33:c4:4e:
52:8c:9c:82:d8:ba:32:07:e8:58:bd:79:fe:74:eb:7b:20:76:
d4:40:ed:14:72:b4:96:0f:57:3a:e6:71:93:2c:73:b9:71:7b:
29:6a:2b:6f:e4:36:65:dd:fa:ef:5c:ec:af:2e:65:f2:72:61:
54:b5:5b:35:d0:9d:b3:15:7c:42:40:91:30:d2:e5:e0:60:34:
16:b6:07:90:11:38:4b:da:e9:43:4e:00:7d:51:65:54:1f:9b:
42:f1:38:7c:23:8b:0d:a6:a0:70:e2:08:21:3e:79:22:5e:b6:
e5:dc:36:a2:cf:3c:68:77:f9:62:2e:8b:f0:94:a4:d7:8e:c1:
f5:f9:34:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyF4Lj3sdDPvMc8BUQ8Vme3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMjIwMDYxOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQ4MWIzN2U0NzMxNGUwOTNkMjQ1ZjdiODc2NjU3MjZjYzAxY2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHODaHoH+Qz//WUjJxHTCB+V1EFi
x9SvZI3jD82IruNIbG2SgDHXz1h/Hh3N5tPdbEBOAYy7Pue8O4Li8qaS8yOgRzRy
y2V+eTMfQwDMcUAUE8AkcdG4hPHdcFhyqy3HnAzeDHSc02bG5s90QCWBzKcTPZhI
ucDA4YVEs8iYg4qQKEixu2fy+D4C1VKt9A37pnTzHjdNVLs7IGxRUAgZjZ5+KmM5
5COhbSiG8dEkL8lQjU8BStqXU9oeJJnNYHu9qZCDA8RKEXpYHmbz4ZI8w6YCVrYb
AQ/CabkJtz940RtpETW/izcuNvMJrDFpeWoJm/2IigjgGdr00qxwwzMd2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDHYGzfkcxTgk9JF97h2ZXJswBy7MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvTWRnYk4tUnpGT0NUMGtYM3VIWmxjbXpBSExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jdAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAzSmSfep0moIRekqNyzJ+WYQT35NvfuqIy
3UoIIMlGxkw3GgAS4HeaR+0s2kX2cgQZPa8CxLTokLe6S/3lO5/dILqEhglN1Ixo
AfISw9OosG5xeGX4KuWpj10w1x+i0EzgV4WXfw8aHTd0uTKpKu4+koOPZvRHcjBE
RmgzxE5SjJyC2LoyB+hYvXn+dOt7IHbUQO0UcrSWD1c65nGTLHO5cXspaitv5DZl
3frvXOyvLmXycmFUtVs10J2zFXxCQJEw0uXgYDQWtgeQEThL2ulDTgB9UWVUH5tC
8Th8I4sNpqBw4gghPnkiXrbl3Daizzxod/liLovwlKTXjsH1+TT7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org