Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/SsuZVuxUBmqjfBLinfvVAV6Y7zY.roa
File: SsuZVuxUBmqjfBLinfvVAV6Y7zY.roa (raw, json)
Hash identifier: x+sQhHbvusjz91f1dIcpAdgh7L74eZTor4T2sSrM6mY=
Subject key identifier: 4A:CB:99:56:EC:54:06:6A:A3:7C:12:E2:9D:FB:D5:01:5E:98:EF:36
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018E997ACA44173B293B2B8E0F6EC7030BB1
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/SsuZVuxUBmqjfBLinfvVAV6Y7zY.roa
Signing time: Mon 01 Apr 2024 11:45:44 +0000
ROA not before: Mon 01 Apr 2024 11:45:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.220.0/24 maxlen: 24
91.210.144.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
91.210.146.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 08:37:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:99:7a:ca:44:17:3b:29:3b:2b:8e:0f:6e:c7:03:0b:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 1 11:45:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4acb9956ec54066aa37c12e29dfbd5015e98ef36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f9:2e:ef:d0:db:d4:fc:99:07:8b:69:b2:22:
bd:5f:5c:2e:d1:a3:55:67:95:e5:35:43:c7:f4:41:
b8:24:80:03:c4:38:8a:fe:6f:13:78:13:36:48:c9:
c3:14:80:a9:df:4f:19:e4:d7:72:4b:63:4e:66:c2:
64:38:83:50:a8:28:3e:48:f9:af:f1:e7:30:fd:fa:
a3:f8:8d:9b:bd:82:10:63:de:c1:bb:6c:aa:27:6b:
22:61:8b:ff:dc:03:7b:6a:5a:8b:5f:22:f0:1d:b5:
c4:2d:f9:f4:b8:bd:8c:d2:86:86:0c:18:e8:63:e3:
26:3a:3f:18:1f:88:5f:dd:66:39:99:f4:86:f0:36:
cc:c4:2c:63:36:bc:73:f0:e8:b6:8f:71:be:66:0a:
d9:09:89:53:ab:0c:3b:79:17:b7:d5:2b:39:1b:86:
71:54:d0:3d:93:9d:f3:5b:93:1f:bf:2a:a7:e6:3a:
59:d8:56:f0:04:50:2c:6f:91:33:f9:f3:48:af:be:
4d:62:f2:fc:9f:ed:4d:5d:ec:a6:3b:aa:1f:2d:52:
3c:64:35:9d:b5:d5:cf:4a:72:88:22:8b:35:98:df:
f9:94:76:3b:83:c4:e8:a0:fb:d1:10:b8:45:44:bc:
25:0d:1f:df:39:55:42:73:7e:d0:e6:3c:88:92:d8:
07:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:CB:99:56:EC:54:06:6A:A3:7C:12:E2:9D:FB:D5:01:5E:98:EF:36
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/SsuZVuxUBmqjfBLinfvVAV6Y7zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
91.210.144.0-91.210.146.255
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
84:f9:25:21:af:5c:9c:7d:59:d1:de:00:b7:b3:e9:ab:d6:09:
28:67:c3:10:22:d0:6d:93:9a:77:28:57:9d:79:df:99:39:5d:
29:37:a6:60:9e:25:cc:b5:5d:53:c9:3b:64:4a:e8:34:68:f6:
c6:19:b9:02:85:3c:bc:6a:f4:be:b5:c6:8a:78:92:27:a9:d1:
c5:2f:cb:68:4c:d4:af:39:a1:4b:79:15:22:be:fe:0a:8c:b5:
a9:3d:b6:5a:e6:6f:1e:f5:c7:13:2a:c2:58:7a:cc:14:e1:b6:
c6:29:31:23:5a:72:6d:cf:45:2b:eb:ea:e8:6b:ae:95:a8:81:
e7:2f:49:db:0c:14:f6:ea:6d:7d:0c:41:77:54:4c:cc:1b:42:
30:7d:27:d9:56:b2:69:f0:35:bf:9d:fe:7f:3e:6b:aa:a2:f1:
09:bb:cb:9d:b0:42:3a:9a:d8:c8:64:98:f7:47:1a:ba:4a:b4:
65:dc:28:38:13:92:45:39:7d:10:a3:7d:83:b0:28:b3:f0:ee:
34:68:ec:c3:6d:89:48:43:e4:75:85:8b:0d:2d:e0:73:50:c9:
26:54:75:6f:f0:25:90:62:83:37:24:84:5c:cb:ad:cb:50:93:
93:95:38:3b:0b:cb:5f:1e:d2:5d:28:5b:42:57:cb:fc:89:c9:
e7:ba:90:7d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY6ZespEFzspOyuOD27HAwuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNDAxMTE0NTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWNiOTk1NmVjNTQwNjZhYTM3YzEyZTI5ZGZiZDUwMTVlOThlZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvku79Db1PyZB4tpsiK9X1wu0aNV
Z5XlNUPH9EG4JIADxDiK/m8TeBM2SMnDFICp308Z5NdyS2NOZsJkOINQqCg+SPmv
8ecw/fqj+I2bvYIQY97Bu2yqJ2siYYv/3AN7alqLXyLwHbXELfn0uL2M0oaGDBjo
Y+MmOj8YH4hf3WY5mfSG8DbMxCxjNrxz8Oi2j3G+ZgrZCYlTqww7eRe31Ss5G4Zx
VNA9k53zW5Mfvyqn5jpZ2FbwBFAsb5Ez+fNIr75NYvL8n+1NXeymO6ofLVI8ZDWd
tdXPSnKIIos1mN/5lHY7g8TooPvRELhFRLwlDR/fOVVCc37Q5jyIktgHuwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFErLmVbsVAZqo3wS4p371QFemO82MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvU3N1WlZ1eFVCbXFqZkJMaW5mdlZBVjZZN3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW8jcMAwD
BARb0pADBABb0pIDBABtei4wDQYJKoZIhvcNAQELBQADggEBAIT5JSGvXJx9WdHe
ALez6avWCShnwxAi0G2TmncoV51535k5XSk3pmCeJcy1XVPJO2RK6DRo9sYZuQKF
PLxq9L61xop4kiep0cUvy2hM1K85oUt5FSK+/gqMtak9tlrmbx71xxMqwlh6zBTh
tsYpMSNacm3PRSvr6uhrrpWogecvSdsMFPbqbX0MQXdUTMwbQjB9J9lWsmnwNb+d
/n8+a6qi8Qm7y52wQjqa2MhkmPdHGrpKtGXcKDgTkkU5fRCjfYOwKLPw7jRo7MNt
iUhD5HWFiw0t4HNQySZUdW/wJZBigzckhFzLrctQk5OVODsLy18e0l0oW0JXy/yJ
yee6kH0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org