Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PaOa9SAtNGoSRW_1nqu5kU7LYpo.roa
File: PaOa9SAtNGoSRW_1nqu5kU7LYpo.roa (raw, json)
Hash identifier: 2vl0fx2x63OB8yWrzxll6vYGcQPc9+JmgcatXRt/oR4=
Subject key identifier: 3D:A3:9A:F5:20:2D:34:6A:12:45:6F:F5:9E:AB:B9:91:4E:CB:62:9A
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018653A255A77DD2D4192C6F63A42BE9D586
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PaOa9SAtNGoSRW_1nqu5kU7LYpo.roa
Signing time: Wed 15 Feb 2023 05:53:13 +0000
ROA not before: Wed 15 Feb 2023 05:53:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 91.200.223.0/24 maxlen: 24
91.200.221.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Apr 2023 10:21:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:53:a2:55:a7:7d:d2:d4:19:2c:6f:63:a4:2b:e9:d5:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 15 05:53:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3da39af5202d346a12456ff59eabb9914ecb629a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f7:6d:c3:cb:6e:78:fc:b6:d9:7f:44:ef:44:
a1:77:15:29:23:22:7e:6f:d9:76:c9:e9:20:6c:c1:
1b:ce:40:ac:a6:cf:15:83:7b:32:d1:80:49:5f:59:
39:9a:8e:fb:5a:03:43:f1:3a:dc:c5:cf:4d:45:75:
e7:fd:96:5c:78:a4:41:cb:09:aa:ea:91:2b:60:d1:
be:b8:20:18:f3:e6:8f:99:45:64:8c:ca:eb:ef:fa:
89:09:98:f4:96:1d:b6:0b:f1:8f:b0:63:39:8e:41:
ab:97:46:3c:0c:ea:c4:27:4c:cd:92:88:0f:13:32:
f5:26:8f:82:21:86:7a:9e:d6:9f:3d:f0:e5:f2:a7:
c5:08:b7:9d:65:24:4d:d6:77:b0:f8:1f:b5:ae:68:
a0:d4:50:fa:9e:4a:dc:37:2f:b2:80:40:e0:cc:a3:
85:bd:cd:9b:3c:b6:9f:e7:94:39:fa:df:a5:75:0f:
2e:b3:84:d4:08:aa:4c:68:58:c6:fc:91:8a:58:84:
ea:04:be:e1:b5:18:3a:4e:da:82:11:59:cd:e1:19:
58:e3:ec:2c:e5:69:23:91:d1:43:f6:48:35:77:c6:
f0:1f:f1:75:6e:f7:39:a9:ea:f3:5f:91:70:90:a0:
64:8b:68:22:c5:c4:5e:61:22:8a:5c:3b:58:d5:7d:
52:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A3:9A:F5:20:2D:34:6A:12:45:6F:F5:9E:AB:B9:91:4E:CB:62:9A
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PaOa9SAtNGoSRW_1nqu5kU7LYpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
91.200.223.0/24
91.226.57.0/24
91.226.59.0/24
109.122.43.0-109.122.44.255
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:17:e5:f8:8b:10:18:c8:d9:0d:fd:0f:eb:05:fb:9e:27:d8:
b4:56:76:19:37:39:20:3d:bf:b4:9e:6a:38:df:ea:81:b2:3e:
09:89:e6:9f:a7:56:aa:7d:5c:f7:23:50:54:78:9f:19:fc:2f:
34:36:a6:54:be:43:2f:06:a1:25:f1:2b:6a:35:cb:93:c8:8b:
3e:b1:73:bf:a0:e1:45:11:2d:57:1a:7e:6a:a3:e2:c6:31:89:
95:f7:cc:80:6e:5e:0c:a7:41:af:31:6f:25:92:ea:ca:e4:57:
e6:48:f0:bd:dc:f9:e8:fa:6c:9c:db:2b:09:08:25:62:55:d1:
ff:2d:46:51:dc:84:c7:12:27:7c:e4:88:4d:46:ab:66:5d:e4:
93:d9:b1:8d:62:d3:23:5d:3a:ef:e2:65:08:fc:6a:6d:f0:3b:
f7:6e:40:67:8d:44:d8:2d:92:b8:26:18:8e:2a:55:79:21:76:
da:20:e5:04:c5:4f:41:cd:4d:86:da:ca:f0:f5:93:1f:df:13:
09:aa:6b:d9:60:73:8a:9e:ef:f9:56:46:10:70:e4:be:ac:0d:
b6:5a:1a:d9:d0:5b:56:19:e4:64:6e:8a:ec:a3:24:83:ff:f0:
73:40:c5:8b:e7:86:bd:11:30:c3:74:9d:1a:4c:17:b2:ee:58:
0e:95:d5:58
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYZTolWnfdLUGSxvY6Qr6dWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMjE1MDU1MzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGEzOWFmNTIwMmQzNDZhMTI0NTZmZjU5ZWFiYjk5MTRlY2I2MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfdtw8tuePy22X9E70ShdxUpIyJ+
b9l2yekgbMEbzkCsps8Vg3sy0YBJX1k5mo77WgND8Trcxc9NRXXn/ZZceKRBywmq
6pErYNG+uCAY8+aPmUVkjMrr7/qJCZj0lh22C/GPsGM5jkGrl0Y8DOrEJ0zNkogP
EzL1Jo+CIYZ6ntafPfDl8qfFCLedZSRN1new+B+1rmig1FD6nkrcNy+ygEDgzKOF
vc2bPLaf55Q5+t+ldQ8us4TUCKpMaFjG/JGKWITqBL7htRg6TtqCEVnN4RlY4+ws
5WkjkdFD9kg1d8bwH/F1bvc5qerzX5FwkKBki2gixcReYSKKXDtY1X1SKwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFD2jmvUgLTRqEkVv9Z6ruZFOy2KaMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUGFPYTlTQXROR29TUldfMW5xdTVrVTdMWXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAW8jdAwQA
W8jfAwQAW+I5AwQAW+I7MAwDBABteisDBABteiwDBADBXTQwDQYJKoZIhvcNAQEL
BQADggEBAD4X5fiLEBjI2Q39D+sF+54n2LRWdhk3OSA9v7Seajjf6oGyPgmJ5p+n
Vqp9XPcjUFR4nxn8LzQ2plS+Qy8GoSXxK2o1y5PIiz6xc7+g4UURLVcafmqj4sYx
iZX3zIBuXgynQa8xbyWS6srkV+ZI8L3c+ej6bJzbKwkIJWJV0f8tRlHchMcSJ3zk
iE1Gq2Zd5JPZsY1i0yNdOu/iZQj8am3wO/duQGeNRNgtkrgmGI4qVXkhdtog5QTF
T0HNTYbayvD1kx/fEwmqa9lgc4qe7/lWRhBw5L6sDbZaGtnQW1YZ5GRuiuyjJIP/
8HNAxYvnhr0RMMN0nRpMF7LuWA6V1Vg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org