Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NZf7ctzVwdUCPpzNzZYwg7nVe3g.roa
File: NZf7ctzVwdUCPpzNzZYwg7nVe3g.roa (raw, json)
Hash identifier: 9/zFQ+QoiLb/6ysjLvilFFgBHgnpfVwIwqFAf5SDBnE=
Subject key identifier: 35:97:FB:72:DC:D5:C1:D5:02:3E:9C:CD:CD:96:30:83:B9:D5:7B:78
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018EA3A94CF43A37160E26C0C61EE68D0D3A
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NZf7ctzVwdUCPpzNzZYwg7nVe3g.roa
Signing time: Wed 03 Apr 2024 11:12:45 +0000
ROA not before: Wed 03 Apr 2024 11:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.210.145.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 02:53:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:a9:4c:f4:3a:37:16:0e:26:c0:c6:1e:e6:8d:0d:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 3 11:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3597fb72dcd5c1d5023e9ccdcd963083b9d57b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:99:23:c1:17:c9:6f:ce:99:c1:b5:52:ba:c6:
56:9a:d6:4d:5d:f3:e6:ab:8e:28:57:f6:c7:f4:18:
35:ec:50:84:ec:b4:ae:82:1e:90:73:4f:68:cb:a8:
ec:4a:d0:5a:f4:4e:35:1f:76:7f:4c:46:a0:ea:40:
39:4d:81:3a:29:b1:cc:66:ae:99:f1:81:a0:61:1c:
ea:63:ae:c1:0b:ca:7a:b1:18:d1:50:e3:69:3e:40:
6a:96:33:b6:52:f6:43:bd:cd:1d:e3:8a:de:85:9f:
ec:45:69:24:eb:fa:56:f3:5a:b5:5b:a6:fd:ed:09:
06:99:f3:ae:f7:f3:dd:12:80:cd:35:52:64:5c:ea:
dc:cd:10:a6:bd:e5:3d:ef:99:a5:ce:a4:e6:cd:a2:
36:41:58:eb:22:c9:0c:3b:7e:14:34:65:c8:fe:b0:
e0:60:ed:32:28:b9:6c:ad:47:c8:d7:8d:25:b0:b9:
1a:e8:51:a0:57:85:8a:58:ec:3c:5e:04:d7:70:85:
05:79:32:c1:1f:31:66:35:8f:59:69:6c:5c:b9:d1:
42:79:d2:6d:48:de:23:2c:d2:1c:a0:f6:7f:d8:4b:
32:03:18:f0:ec:84:73:c0:1f:d0:ff:11:6b:8d:de:
4b:fd:53:d0:14:73:14:be:1c:a8:b8:21:2a:d9:60:
af:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:97:FB:72:DC:D5:C1:D5:02:3E:9C:CD:CD:96:30:83:B9:D5:7B:78
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NZf7ctzVwdUCPpzNzZYwg7nVe3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.145.0/24
109.122.40.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
68:58:a6:bc:1a:a4:3c:6e:40:b2:d7:98:40:c4:bf:f6:a7:5c:
35:e8:bc:7e:64:b8:87:86:9b:ae:41:0f:7d:98:49:97:40:c2:
b5:6b:21:3f:d6:21:9b:f4:24:b3:21:33:00:b2:9e:9c:4b:2f:
1f:7f:44:a2:80:0b:c5:a9:39:08:22:ea:0b:90:dd:1c:61:60:
70:28:a3:d3:bd:00:b6:d6:0e:d6:fb:32:e1:ad:8b:74:db:ea:
4f:f7:80:85:aa:db:6b:ff:86:b0:2b:7a:e5:d3:e4:fd:f5:88:
d1:3c:8b:3e:7c:30:fe:b2:3c:b3:cc:77:93:b7:4d:ff:f5:ad:
87:fd:96:16:ce:9d:85:e0:9b:41:00:a1:4c:1f:f0:af:07:27:
de:65:3b:0c:20:46:55:07:4a:ff:03:0f:8e:30:08:d1:20:a0:
f4:b2:bb:bb:c2:8c:d4:b2:35:78:fc:2d:7e:65:90:dc:66:91:
a5:00:4d:3e:d4:fa:bd:df:d3:bb:99:75:8a:cf:fc:e0:b2:69:
10:c8:53:8a:42:2c:a4:21:df:f8:45:30:82:33:dc:25:b6:12:
d6:72:52:b9:f0:0d:17:46:50:f2:bd:16:46:03:a5:16:42:c0:
60:46:80:88:ff:fc:89:ab:f5:08:a9:1f:42:e6:99:49:71:70:
35:fa:61:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6jqUz0OjcWDibAxh7mjQ06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNDAzMTExMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTk3ZmI3MmRjZDVjMWQ1MDIzZTljY2RjZDk2MzA4M2I5ZDU3Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5kjwRfJb86ZwbVSusZWmtZNXfPm
q44oV/bH9Bg17FCE7LSugh6Qc09oy6jsStBa9E41H3Z/TEag6kA5TYE6KbHMZq6Z
8YGgYRzqY67BC8p6sRjRUONpPkBqljO2UvZDvc0d44rehZ/sRWkk6/pW81q1W6b9
7QkGmfOu9/PdEoDNNVJkXOrczRCmveU975mlzqTmzaI2QVjrIskMO34UNGXI/rDg
YO0yKLlsrUfI140lsLka6FGgV4WKWOw8XgTXcIUFeTLBHzFmNY9ZaWxcudFCedJt
SN4jLNIcoPZ/2EsyAxjw7IRzwB/Q/xFrjd5L/VPQFHMUvhyouCEq2WCvqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDWX+3Lc1cHVAj6czc2WMIO51Xt4MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvTlpmN2N0elZ3ZFVDUHB6TnpaWXdnN25WZTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9KRAwQA
bXooAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQBoWKa8GqQ8bkCy15hAxL/2p1w1
6Lx+ZLiHhpuuQQ99mEmXQMK1ayE/1iGb9CSzITMAsp6cSy8ff0SigAvFqTkIIuoL
kN0cYWBwKKPTvQC21g7W+zLhrYt02+pP94CFqttr/4awK3rl0+T99YjRPIs+fDD+
sjyzzHeTt03/9a2H/ZYWzp2F4JtBAKFMH/CvByfeZTsMIEZVB0r/Aw+OMAjRIKD0
sru7wozUsjV4/C1+ZZDcZpGlAE0+1Pq939O7mXWKz/zgsmkQyFOKQiykId/4RTCC
M9wlthLWclK58A0XRlDyvRZGA6UWQsBgRoCI//yJq/UIqR9C5plJcXA1+mFi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org