Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Ogfh6Z_XnHCxs0rQhIXzThrwfHE.roa
File: Ogfh6Z_XnHCxs0rQhIXzThrwfHE.roa (raw, json)
Hash identifier: XqN1nlWOIrudcZ/t50WqSC+N1KxFoWEkS7my96Y4Gl8=
Subject key identifier: 3A:07:E1:E9:9F:D7:9C:70:B1:B3:4A:D0:84:85:F3:4E:1A:F0:7C:71
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018CCDF6E2A4FD115990675B46ACC12606C9
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Ogfh6Z_XnHCxs0rQhIXzThrwfHE.roa
Signing time: Wed 03 Jan 2024 06:15:58 +0000
ROA not before: Wed 03 Jan 2024 06:15:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Jan 2024 08:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cd:f6:e2:a4:fd:11:59:90:67:5b:46:ac:c1:26:06:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 3 06:15:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a07e1e99fd79c70b1b34ad08485f34e1af07c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c4:d7:af:4c:fc:87:77:89:a8:06:91:89:23:
60:ef:ec:b4:14:67:9d:90:51:5b:b4:4f:8b:e3:4c:
a6:10:17:95:df:11:83:3a:8b:20:65:40:2a:1a:e3:
49:38:3d:93:02:57:27:ed:07:08:ec:f2:14:43:60:
9d:70:9e:95:e4:1b:40:17:ed:4e:98:ca:08:ce:12:
af:ec:9d:f4:39:14:a5:73:77:14:c0:7a:4f:5b:02:
94:d7:ad:08:2b:d6:03:8d:7c:3e:ac:67:39:80:d2:
d5:7b:89:34:48:04:e8:5c:01:11:d6:3c:7e:14:fc:
56:9d:94:01:23:05:e7:0d:e4:c5:9b:74:67:1c:cb:
28:e9:ac:7b:2d:c2:c9:3d:73:69:12:ce:fc:9a:e5:
56:5c:6f:5f:bb:3b:df:86:f8:09:cd:d2:d7:82:e4:
cb:bd:83:25:04:9b:b3:14:0d:47:7f:98:c4:5f:cd:
ed:07:4f:47:f9:0f:66:86:5f:8b:fc:7e:85:2d:d3:
ef:30:0d:52:20:11:67:8d:0d:65:03:f2:cc:7c:c2:
53:00:2b:e3:c6:fa:21:6a:88:29:ab:e2:f8:64:c4:
19:86:fb:14:01:46:9b:9e:db:c5:ce:b7:0c:9b:c8:
4a:42:ad:ac:9c:c8:70:8a:a2:ea:3c:d4:13:19:c4:
8b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:07:E1:E9:9F:D7:9C:70:B1:B3:4A:D0:84:85:F3:4E:1A:F0:7C:71
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Ogfh6Z_XnHCxs0rQhIXzThrwfHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:59:11:e3:01:01:52:bd:33:68:a8:2f:9d:e8:0b:f8:5e:cd:
97:0c:5d:c7:97:f1:84:aa:bb:78:a3:5d:7f:84:7a:f2:45:aa:
95:33:09:51:0f:13:21:69:95:e8:62:12:47:5d:11:9f:6a:3f:
93:99:08:3d:7d:56:f9:0c:5f:b3:70:35:41:d7:8b:19:f1:48:
db:c4:d1:ee:e8:59:66:07:66:87:de:57:d3:05:5d:31:dd:05:
97:29:5b:87:a9:a4:f2:21:6f:83:7a:b1:13:79:d4:02:bc:8b:
72:45:83:6e:b9:c6:b3:f1:5b:46:5c:f7:d2:b4:71:9d:83:e0:
2d:64:15:18:53:0d:95:52:66:96:b4:18:f5:be:73:ce:be:d4:
3b:90:f3:90:a6:7d:ef:8e:7b:f8:35:1d:4a:e2:6a:06:da:ec:
ae:ff:90:e9:88:10:40:84:2f:1d:ec:2f:76:d7:4b:33:bf:e7:
05:70:1c:8a:6a:65:d9:68:2f:f9:2c:3c:ac:ae:a0:82:6d:dd:
f5:ef:b9:1c:76:22:cb:98:70:11:f3:54:21:79:aa:b6:c2:7f:
b4:07:0c:0e:a0:48:90:0c:2e:5b:ed:b2:b5:78:6e:ac:16:57:
e4:a1:f3:49:da:48:8d:19:d9:58:31:84:e4:d8:58:80:30:1c:
35:a3:57:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzN9uKk/RFZkGdbRqzBJgbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTAzMDYxNTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTA3ZTFlOTlmZDc5YzcwYjFiMzRhZDA4NDg1ZjM0ZTFhZjA3YzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8TXr0z8h3eJqAaRiSNg7+y0FGed
kFFbtE+L40ymEBeV3xGDOosgZUAqGuNJOD2TAlcn7QcI7PIUQ2CdcJ6V5BtAF+1O
mMoIzhKv7J30ORSlc3cUwHpPWwKU160IK9YDjXw+rGc5gNLVe4k0SAToXAER1jx+
FPxWnZQBIwXnDeTFm3RnHMso6ax7LcLJPXNpEs78muVWXG9fuzvfhvgJzdLXguTL
vYMlBJuzFA1Hf5jEX83tB09H+Q9mhl+L/H6FLdPvMA1SIBFnjQ1lA/LMfMJTACvj
xvohaogpq+L4ZMQZhvsUAUabntvFzrcMm8hKQq2snMhwiqLqPNQTGcSLcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDoH4emf15xwsbNK0ISF804a8HxxMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvT2dmaDZaX1huSEN4czByUWhJWHpUaHJ3ZkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jdAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQBuWRHjAQFSvTNoqC+d6Av4Xs2XDF3Hl/GE
qrt4o11/hHryRaqVMwlRDxMhaZXoYhJHXRGfaj+TmQg9fVb5DF+zcDVB14sZ8Ujb
xNHu6FlmB2aH3lfTBV0x3QWXKVuHqaTyIW+DerETedQCvItyRYNuucaz8VtGXPfS
tHGdg+AtZBUYUw2VUmaWtBj1vnPOvtQ7kPOQpn3vjnv4NR1K4moG2uyu/5DpiBBA
hC8d7C9210szv+cFcByKamXZaC/5LDysrqCCbd3177kcdiLLmHAR81Qheaq2wn+0
BwwOoEiQDC5b7bK1eG6sFlfkofNJ2kiNGdlYMYTk2FiAMBw1o1en
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org