Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/N0WLxM-F4QbOSiy-0FnjSjLd0XQ.roa
File: N0WLxM-F4QbOSiy-0FnjSjLd0XQ.roa (raw, json)
Hash identifier: QtMA43/K1vXi0RL4uaqU4YxvNA0ilTxEW7ZrJHE1b2k=
Subject key identifier: 37:45:8B:C4:CF:85:E1:06:CE:4A:2C:BE:D0:59:E3:4A:32:DD:D1:74
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0188C3F2B9EF74AC626D610C55464A7ECF53
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/N0WLxM-F4QbOSiy-0FnjSjLd0XQ.roa
Signing time: Fri 16 Jun 2023 11:24:04 +0000
ROA not before: Fri 16 Jun 2023 11:24:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Jun 2023 09:38:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:f2:b9:ef:74:ac:62:6d:61:0c:55:46:4a:7e:cf:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 16 11:24:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37458bc4cf85e106ce4a2cbed059e34a32ddd174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6e:5e:30:b1:22:18:fe:3f:c5:6e:01:e6:cd:
7c:ea:80:ee:f4:c8:3c:28:41:d7:22:4e:3a:c9:f6:
42:6b:bc:2c:fc:f3:40:84:5c:6f:fc:8b:50:68:24:
96:3b:1b:98:0a:76:85:c9:73:fa:71:52:15:96:4c:
88:2d:90:80:10:89:ac:9a:f4:24:76:36:43:b5:da:
82:d8:bb:32:d5:05:b4:c9:fd:a8:f4:d1:7f:2c:4d:
99:c0:fe:40:f0:67:58:32:64:fc:d6:98:fe:22:78:
a2:b7:98:32:fa:61:a9:bf:0c:5a:6b:ff:21:8d:c1:
8e:40:18:b9:87:7e:f6:17:f3:a7:8f:ba:e1:e5:c1:
31:70:b8:a3:9f:e3:41:a5:fe:b0:4e:12:f2:04:6c:
8c:2f:29:52:d1:79:df:e6:3d:ea:82:f4:9b:10:0c:
e4:20:01:10:3b:a2:ef:74:10:61:4c:5a:a2:f8:b7:
ee:4a:36:55:39:76:1d:f7:c9:4b:52:f9:80:72:9b:
41:cb:28:57:12:a8:21:41:8c:58:70:f4:5d:2b:23:
6c:92:48:f7:b9:3c:1b:87:f1:72:ec:7c:e6:03:ab:
95:c6:a1:ff:c4:a0:c1:45:ba:fd:46:80:85:53:16:
4c:ff:24:39:8e:fb:04:5e:35:b2:d9:ec:a2:c2:76:
9f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:45:8B:C4:CF:85:E1:06:CE:4A:2C:BE:D0:59:E3:4A:32:DD:D1:74
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/N0WLxM-F4QbOSiy-0FnjSjLd0XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.42.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
08:02:c0:1e:ce:2d:97:04:59:26:da:05:49:48:6e:80:4c:2e:
a4:4e:32:3b:f5:bb:77:73:f0:7e:25:db:49:e6:8f:fa:c2:a6:
de:07:fe:dd:03:70:b5:7a:ea:f9:78:e5:df:3b:7c:e2:62:6f:
49:93:e5:26:26:f4:2f:8c:09:49:14:4b:4f:28:36:0b:71:49:
72:75:31:5f:0c:06:ff:b2:21:e7:ee:ca:1d:6e:4a:ff:78:88:
e5:10:ce:98:ae:0f:1a:59:32:46:e7:8b:30:0f:03:95:41:83:
31:a9:a1:10:1c:32:62:39:15:43:f6:b9:8a:e3:29:f7:58:53:
0c:c5:d8:2a:97:0a:ad:e4:c3:ae:68:73:de:e7:28:ea:c2:2f:
bf:ce:9b:77:23:32:93:46:56:c0:ce:bd:7b:b4:c1:68:0b:0f:
53:6f:18:7b:81:ff:c9:e1:ba:00:fd:6f:a5:a6:57:97:9e:e1:
16:d5:55:c7:2b:6b:6d:45:38:07:06:f4:24:e5:47:92:d2:52:
6d:f1:c7:dc:3a:4d:96:fc:e1:b0:04:35:2e:21:c9:48:df:e4:
b4:04:5b:b5:d5:d5:ef:7d:70:ca:7f:1a:17:a1:68:fd:8c:d5:
41:c4:70:73:10:88:5a:4e:31:ec:a8:24:38:3c:64:2a:79:a5:
ad:71:48:cd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjD8rnvdKxibWEMVUZKfs9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNjE2MTEyNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzQ1OGJjNGNmODVlMTA2Y2U0YTJjYmVkMDU5ZTM0YTMyZGRkMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnG5eMLEiGP4/xW4B5s186oDu9Mg8
KEHXIk46yfZCa7ws/PNAhFxv/ItQaCSWOxuYCnaFyXP6cVIVlkyILZCAEImsmvQk
djZDtdqC2Lsy1QW0yf2o9NF/LE2ZwP5A8GdYMmT81pj+Iniit5gy+mGpvwxaa/8h
jcGOQBi5h372F/Onj7rh5cExcLijn+NBpf6wThLyBGyMLylS0Xnf5j3qgvSbEAzk
IAEQO6LvdBBhTFqi+LfuSjZVOXYd98lLUvmAcptByyhXEqghQYxYcPRdKyNskkj3
uTwbh/Fy7HzmA6uVxqH/xKDBRbr9RoCFUxZM/yQ5jvsEXjWy2eyiwnafNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDdFi8TPheEGzkosvtBZ40oy3dF0MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvTjBXTHhNLUY0UWJPU2l5LTBGbmpTakxkMFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXoqAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAIAsAezi2XBFkm2gVJSG6ATC6kTjI79bt3
c/B+JdtJ5o/6wqbeB/7dA3C1eur5eOXfO3ziYm9Jk+UmJvQvjAlJFEtPKDYLcUly
dTFfDAb/siHn7sodbkr/eIjlEM6Yrg8aWTJG54swDwOVQYMxqaEQHDJiORVD9rmK
4yn3WFMMxdgqlwqt5MOuaHPe5yjqwi+/zpt3IzKTRlbAzr17tMFoCw9Tbxh7gf/J
4boA/W+lpleXnuEW1VXHK2ttRTgHBvQk5UeS0lJt8cfcOk2W/OGwBDUuIclI3+S0
BFu11dXvfXDKfxoXoWj9jNVBxHBzEIhaTjHsqCQ4PGQqeaWtcUjN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org