Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OdUpubJZmQYHg9EfqlKwt6jJqH8.roa
File: OdUpubJZmQYHg9EfqlKwt6jJqH8.roa (raw, json)
Hash identifier: Y1jUVn/aa32E6kt+3hmkBMFWMlsf64F7kNRT4CqdAXs=
Subject key identifier: 39:D5:29:B9:B2:59:99:06:07:83:D1:1F:AA:52:B0:B7:A8:C9:A8:7F
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018DFA61C7E0D126D1CEE2B8E14D896439DB
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OdUpubJZmQYHg9EfqlKwt6jJqH8.roa
Signing time: Fri 01 Mar 2024 14:18:48 +0000
ROA not before: Fri 01 Mar 2024 14:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47585
IP address blocks: 91.200.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Apr 2024 11:45:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:61:c7:e0:d1:26:d1:ce:e2:b8:e1:4d:89:64:39:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Mar 1 14:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39d529b9b25999060783d11faa52b0b7a8c9a87f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a0:32:7e:8f:37:a2:22:3d:2c:5b:76:f3:3f:
6d:9f:1e:ce:64:51:57:56:18:5a:0b:3e:31:9b:6f:
6c:a5:fe:98:da:94:d3:4d:62:74:00:0e:79:99:7e:
0b:6c:44:19:af:60:fe:9a:f2:d9:83:17:f1:dc:80:
01:2e:12:6a:10:c7:60:3e:ba:71:dd:af:6b:48:32:
c4:b4:5b:cf:bf:cf:af:e4:04:6f:f6:f7:fd:d1:cb:
d1:87:fc:65:03:6e:73:05:ab:84:0a:54:4c:7c:7c:
52:f1:3c:ce:21:b1:07:88:4e:4e:2a:f5:84:b9:ca:
70:d6:c5:ea:cc:a3:f4:ee:9d:c0:8e:84:f9:bc:ea:
6d:fe:33:73:38:9a:47:26:fb:a1:f5:da:59:31:b4:
62:90:35:64:88:80:24:21:06:77:f6:50:31:bb:48:
40:3d:aa:99:44:2c:ec:cc:97:11:b9:d3:62:64:a7:
9a:c3:04:40:80:b3:f4:d2:7a:76:72:6e:c6:dc:74:
14:c4:40:a9:58:c5:af:52:f6:10:c5:63:b2:1c:3d:
08:42:0a:d4:8d:54:bc:73:14:66:72:d2:d1:9f:b0:
ca:2c:4c:e0:00:10:d6:e4:11:a2:e9:aa:91:63:73:
ce:84:3e:ef:a9:ef:d7:5b:07:23:2b:31:e5:b7:f1:
61:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D5:29:B9:B2:59:99:06:07:83:D1:1F:AA:52:B0:B7:A8:C9:A8:7F
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OdUpubJZmQYHg9EfqlKwt6jJqH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:9b:0e:25:7f:f4:27:71:04:17:77:4d:98:4b:fe:98:70:86:
4a:bf:11:74:aa:79:fc:36:0f:24:a6:e4:a0:58:f1:f7:cb:e3:
1a:9d:bf:01:83:f2:cd:dd:ee:5b:3b:17:be:ee:d4:77:0b:fc:
75:16:88:36:f6:12:a1:a4:5c:16:b5:3e:de:ed:d5:54:c5:97:
c9:4f:84:52:82:ec:ab:75:b9:2b:fa:cd:39:9a:5e:e0:63:eb:
93:66:6d:b0:2c:11:d6:c8:43:8d:1b:b7:a2:d0:2b:b1:31:47:
88:79:28:73:5e:e3:8a:e2:8a:41:77:6b:86:d4:3a:85:41:e1:
bf:da:85:8e:90:53:28:eb:d0:d4:96:1a:53:06:fa:de:7a:4f:
54:81:04:41:95:4c:d5:1e:8e:12:0a:66:2c:08:c4:30:3f:fb:
c8:23:85:d2:ec:90:d9:6d:6d:26:f5:0d:9e:70:1b:c2:7e:8c:
76:65:dc:25:8a:0c:1a:cc:12:1c:68:49:2f:2c:49:08:dd:44:
c5:63:27:4f:a3:27:89:dd:15:3c:81:0c:2a:7c:8a:c9:72:1d:
e7:7a:1f:1e:94:18:2b:a3:8a:6b:5b:96:ca:db:6b:41:9b:76:
eb:11:58:95:46:b4:0f:ac:a1:14:33:19:5a:54:9e:d8:a6:bc:
af:a9:1e:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY36Ycfg0SbRzuK44U2JZDnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMzAxMTQxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWQ1MjliOWIyNTk5OTA2MDc4M2QxMWZhYTUyYjBiN2E4YzlhODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaAyfo83oiI9LFt28z9tnx7OZFFX
VhhaCz4xm29spf6Y2pTTTWJ0AA55mX4LbEQZr2D+mvLZgxfx3IABLhJqEMdgPrpx
3a9rSDLEtFvPv8+v5ARv9vf90cvRh/xlA25zBauEClRMfHxS8TzOIbEHiE5OKvWE
ucpw1sXqzKP07p3AjoT5vOpt/jNzOJpHJvuh9dpZMbRikDVkiIAkIQZ39lAxu0hA
PaqZRCzszJcRudNiZKeawwRAgLP00np2cm7G3HQUxECpWMWvUvYQxWOyHD0IQgrU
jVS8cxRmctLRn7DKLEzgABDW5BGi6aqRY3POhD7vqe/XWwcjKzHlt/Fh3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDnVKbmyWZkGB4PRH6pSsLeoyah/MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvT2RVcHViSlptUVlIZzlFZnFsS3d0NmpKcUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jcMA0G
CSqGSIb3DQEBCwUAA4IBAQAdmw4lf/QncQQXd02YS/6YcIZKvxF0qnn8Ng8kpuSg
WPH3y+Manb8Bg/LN3e5bOxe+7tR3C/x1Fog29hKhpFwWtT7e7dVUxZfJT4RSguyr
dbkr+s05ml7gY+uTZm2wLBHWyEONG7ei0CuxMUeIeShzXuOK4opBd2uG1DqFQeG/
2oWOkFMo69DUlhpTBvreek9UgQRBlUzVHo4SCmYsCMQwP/vII4XS7JDZbW0m9Q2e
cBvCfox2ZdwligwazBIcaEkvLEkI3UTFYydPoyeJ3RU8gQwqfIrJch3neh8elBgr
o4prW5bK22tBm3brEViVRrQPrKEUMxlaVJ7YpryvqR5C
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org