Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/T-Dx2WZUPBdsLuodVnENpcojrv4.roa
File: T-Dx2WZUPBdsLuodVnENpcojrv4.roa (raw, json)
Hash identifier: k123u1Q17c62PWTdLjFFwNoD0msZfJ7PGrIb1G0yB+w=
Subject key identifier: 4F:E0:F1:D9:66:54:3C:17:6C:2E:EA:1D:56:71:0D:A5:CA:23:AE:FE
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018FE7DB6B24EBA6A120D01F12452B50BA52
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/T-Dx2WZUPBdsLuodVnENpcojrv4.roa
Signing time: Wed 05 Jun 2024 10:04:27 +0000
ROA not before: Wed 05 Jun 2024 10:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.222.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 11:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:db:6b:24:eb:a6:a1:20:d0:1f:12:45:2b:50:ba:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 5 10:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fe0f1d966543c176c2eea1d56710da5ca23aefe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ab:a3:1b:cc:36:3d:1a:db:a1:d6:ff:17:24:
4c:7d:79:85:1d:8e:1f:03:14:5f:36:0b:97:6e:1b:
45:ef:b7:22:d8:d0:be:eb:ae:03:fd:98:ca:b2:11:
98:5b:a1:3f:9b:4b:8c:fd:8b:71:2b:35:61:40:e5:
2f:75:e0:9e:b9:10:8e:93:40:36:0c:a0:9a:41:2e:
e0:0a:cc:23:24:6f:1d:4a:f8:82:6b:ef:df:3b:08:
7f:fb:9a:9f:dc:a0:31:d5:c1:4b:bd:4b:cc:72:c3:
cf:cc:37:c1:f0:c8:11:fe:b8:95:80:bb:7f:0a:db:
41:11:c8:a2:a0:6c:71:ea:ef:e9:92:61:4a:82:ad:
24:d8:63:4e:9b:c4:6c:37:2d:05:11:39:d8:e5:f8:
16:e2:27:d3:d5:4f:c9:7f:54:32:05:08:6f:0c:db:
56:ed:8c:3f:3e:43:3a:f4:d9:9c:23:7f:0b:61:5a:
da:6c:b9:7c:15:58:eb:50:2b:13:aa:7b:97:8c:9c:
97:20:24:d0:73:20:66:95:19:8a:ef:09:c1:0a:a3:
b0:b2:74:96:15:4b:02:b4:91:0d:59:10:cb:8b:ff:
e6:0f:24:e2:28:e6:9a:38:a7:2b:4e:8f:73:64:f9:
b9:c7:ad:c9:06:d3:4d:7e:9e:05:1b:28:2f:58:2f:
17:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E0:F1:D9:66:54:3C:17:6C:2E:EA:1D:56:71:0D:A5:CA:23:AE:FE
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/T-Dx2WZUPBdsLuodVnENpcojrv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.222.0/24
91.210.145.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
51:e5:30:49:16:ac:79:23:b5:37:5f:62:33:46:95:9c:b9:f2:
4c:27:6a:66:5c:19:e6:13:32:d6:81:25:cf:95:fd:aa:7f:0b:
f3:bc:be:af:d9:90:30:dc:33:5a:57:8e:25:78:4d:37:0e:24:
c9:56:27:a0:f4:f8:6d:0f:ce:3c:10:78:b2:8b:e3:53:eb:9c:
45:11:7a:dc:a8:bb:a9:37:28:25:15:f6:3e:ac:d1:a1:fe:a0:
21:54:27:ea:2d:d9:8f:35:f3:02:b3:53:5d:a2:e8:84:e1:39:
8d:e4:0c:73:e4:1b:90:4f:26:70:86:c7:bf:7a:be:16:a1:ad:
cf:eb:7f:f1:88:8f:dc:a3:18:a6:81:96:4a:ce:12:48:0a:c7:
56:a9:af:d8:63:f3:11:6e:1a:23:52:42:a8:51:04:3b:d5:ba:
e3:26:f2:76:0a:9d:26:b9:e0:ec:bf:22:86:a2:e2:8d:c5:d7:
13:ac:25:1b:85:15:03:97:b0:66:e5:60:53:1a:21:a2:04:64:
ed:7d:1b:a4:16:7a:64:20:bf:5b:10:26:f1:fe:b0:20:8a:e3:
97:75:56:54:c4:7c:0b:78:34:bc:cd:2b:c2:ee:c8:cf:ed:da:
43:db:5a:d9:5a:cc:4d:be:8e:c1:46:56:58:f9:ba:5b:de:96:
96:cd:46:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/n22sk66ahINAfEkUrULpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNjA1MTAwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmUwZjFkOTY2NTQzYzE3NmMyZWVhMWQ1NjcxMGRhNWNhMjNhZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36ujG8w2PRrbodb/FyRMfXmFHY4f
AxRfNguXbhtF77ci2NC+664D/ZjKshGYW6E/m0uM/YtxKzVhQOUvdeCeuRCOk0A2
DKCaQS7gCswjJG8dSviCa+/fOwh/+5qf3KAx1cFLvUvMcsPPzDfB8MgR/riVgLt/
CttBEciioGxx6u/pkmFKgq0k2GNOm8RsNy0FETnY5fgW4ifT1U/Jf1QyBQhvDNtW
7Yw/PkM69NmcI38LYVrabLl8FVjrUCsTqnuXjJyXICTQcyBmlRmK7wnBCqOwsnSW
FUsCtJENWRDLi//mDyTiKOaaOKcrTo9zZPm5x63JBtNNfp4FGygvWC8XWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE/g8dlmVDwXbC7qHVZxDaXKI67+MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvVC1EeDJXWlVQQmRzTHVvZFZuRU5wY29qcnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8jeAwQA
W9KRAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQBR5TBJFqx5I7U3X2IzRpWcufJM
J2pmXBnmEzLWgSXPlf2qfwvzvL6v2ZAw3DNaV44leE03DiTJVieg9PhtD848EHiy
i+NT65xFEXrcqLupNyglFfY+rNGh/qAhVCfqLdmPNfMCs1NdouiE4TmN5Axz5BuQ
TyZwhse/er4Woa3P63/xiI/coximgZZKzhJICsdWqa/YY/MRbhojUkKoUQQ71brj
JvJ2Cp0mueDsvyKGouKNxdcTrCUbhRUDl7Bm5WBTGiGiBGTtfRukFnpkIL9bECbx
/rAgiuOXdVZUxHwLeDS8zSvC7sjP7dpD21rZWsxNvo7BRlZY+bpb3paWzUZL
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:31:26 2025 by rpki-client