Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/R_lYPnhkN1XlFH_7AmBKeundSOo.roa
File: R_lYPnhkN1XlFH_7AmBKeundSOo.roa (raw, json)
Hash identifier: QWAbsnuNMF/WwpBvOHGLv7EmKy+7mjhT69ghIH7EBZE=
Subject key identifier: 47:F9:58:3E:78:64:37:55:E5:14:7F:FB:02:60:4A:7A:E9:DD:48:EA
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018F4CB5898B6B7B27ECDD3555B0BA945D67
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/R_lYPnhkN1XlFH_7AmBKeundSOo.roa
Signing time: Mon 06 May 2024 07:01:56 +0000
ROA not before: Mon 06 May 2024 07:01:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.222.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 02:45:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:b5:89:8b:6b:7b:27:ec:dd:35:55:b0:ba:94:5d:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 6 07:01:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47f9583e78643755e5147ffb02604a7ae9dd48ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:18:74:6d:1e:04:29:b0:13:43:2a:ce:2f:03:
27:25:62:87:fd:e2:86:33:c7:11:3f:22:ee:9b:11:
b9:6b:d9:05:29:54:cf:41:30:02:0b:1c:56:2c:82:
b3:29:b8:9f:45:27:9f:dd:e5:4d:42:05:33:62:00:
1f:20:44:1f:e4:56:e7:b7:da:7e:a1:48:d6:f6:11:
aa:73:d7:4b:7c:7b:85:f4:47:7c:7a:d9:a2:05:2d:
96:c6:9e:4d:e1:e5:2f:21:b8:05:b0:92:fb:94:02:
7e:4b:38:6c:0a:12:2a:29:6c:99:c3:0d:ad:32:ff:
c3:82:c5:15:cf:1d:e5:07:f8:d2:d8:08:37:7f:43:
5a:be:9f:87:60:a0:1c:e5:ca:39:05:0a:c4:14:21:
c3:a7:3c:74:4f:d2:56:77:08:4c:9f:60:dd:42:b1:
d9:b4:57:77:11:c2:c6:d1:b0:30:43:8e:77:7c:fd:
5a:c7:9b:02:eb:d1:39:71:99:14:dc:b1:3e:ac:bc:
88:7e:91:ef:ed:a3:b5:fb:a0:58:ad:9a:76:16:ae:
e4:6d:d3:e7:d2:19:d1:76:1e:b4:c5:7b:88:0a:13:
67:65:b1:c0:2a:86:d5:f8:62:e1:17:63:b0:23:70:
47:7e:27:dd:ff:fe:e1:ce:a1:93:0b:04:d3:ec:b5:
d9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F9:58:3E:78:64:37:55:E5:14:7F:FB:02:60:4A:7A:E9:DD:48:EA
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/R_lYPnhkN1XlFH_7AmBKeundSOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.222.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
24:a1:10:3b:63:fc:61:d6:d2:94:5a:a9:ae:87:26:0a:06:e6:
0a:f0:f4:65:e2:e2:6d:95:b3:25:e8:2c:d5:45:8c:b7:cd:13:
7f:b1:04:99:29:51:87:03:7a:84:f8:49:a3:9f:19:0e:8f:5b:
00:61:b0:2d:c4:f5:05:8d:02:4c:27:aa:47:e6:75:ae:14:57:
88:52:a3:fc:04:79:9e:6d:87:52:e8:53:03:f8:80:2d:25:07:
29:d9:4e:c0:cf:c7:f7:cd:d7:2e:d2:80:20:98:ec:82:c2:02:
cf:31:67:9e:2b:4c:62:a6:c0:10:d3:36:0a:d2:a2:11:c7:2a:
fd:94:94:04:f7:43:ed:c5:a9:b6:bf:68:ed:94:ff:bb:af:2b:
a7:bb:87:87:bf:ea:47:a1:79:34:dd:b8:56:7c:bb:f1:ca:f1:
c4:60:ea:b9:d9:1f:2a:3b:1d:60:d3:2b:09:96:35:82:81:5e:
97:23:63:fc:74:b3:2d:c0:c0:8a:ba:82:fe:ff:e5:83:95:cb:
0d:eb:07:c6:f4:d3:6e:b5:15:f4:84:39:1f:af:62:7c:e4:ab:
57:70:9a:83:a3:15:7c:f2:ff:f1:c3:0f:b5:6a:84:85:1a:1f:
f3:fe:b0:4c:ea:84:fb:80:ed:ea:8e:02:dc:53:3a:ff:24:70:
6d:14:66:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9MtYmLa3sn7N01VbC6lF1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNTA2MDcwMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2Y5NTgzZTc4NjQzNzU1ZTUxNDdmZmIwMjYwNGE3YWU5ZGQ0OGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBh0bR4EKbATQyrOLwMnJWKH/eKG
M8cRPyLumxG5a9kFKVTPQTACCxxWLIKzKbifRSef3eVNQgUzYgAfIEQf5Fbnt9p+
oUjW9hGqc9dLfHuF9Ed8etmiBS2Wxp5N4eUvIbgFsJL7lAJ+SzhsChIqKWyZww2t
Mv/DgsUVzx3lB/jS2Ag3f0Navp+HYKAc5co5BQrEFCHDpzx0T9JWdwhMn2DdQrHZ
tFd3EcLG0bAwQ453fP1ax5sC69E5cZkU3LE+rLyIfpHv7aO1+6BYrZp2Fq7kbdPn
0hnRdh60xXuIChNnZbHAKobV+GLhF2OwI3BHfifd//7hzqGTCwTT7LXZdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEf5WD54ZDdV5RR/+wJgSnrp3UjqMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUl9sWVBuaGtOMVhsRkhfN0FtQktldW5kU09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jeAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAkoRA7Y/xh1tKUWqmuhyYKBuYK8PRl4uJt
lbMl6CzVRYy3zRN/sQSZKVGHA3qE+EmjnxkOj1sAYbAtxPUFjQJMJ6pH5nWuFFeI
UqP8BHmebYdS6FMD+IAtJQcp2U7Az8f3zdcu0oAgmOyCwgLPMWeeK0xipsAQ0zYK
0qIRxyr9lJQE90Ptxam2v2jtlP+7ryunu4eHv+pHoXk03bhWfLvxyvHEYOq52R8q
Ox1g0ysJljWCgV6XI2P8dLMtwMCKuoL+/+WDlcsN6wfG9NNutRX0hDkfr2J85KtX
cJqDoxV88v/xww+1aoSFGh/z/rBM6oT7gO3qjgLcUzr/JHBtFGZr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org