Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UXcOoVMsQ55pN0d0g-1BgFOYg44.roa
File: UXcOoVMsQ55pN0d0g-1BgFOYg44.roa (raw, json)
Hash identifier: yzaPoal/1HXaYYvzPEFOfY2VRWmXBM7+uIOLdmNZOtc=
Subject key identifier: 51:77:0E:A1:53:2C:43:9E:69:37:47:74:83:ED:41:80:53:98:83:8E
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C81091988ACF3022375783526AA073568
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UXcOoVMsQ55pN0d0g-1BgFOYg44.roa
Signing time: Tue 19 Dec 2023 07:45:06 +0000
ROA not before: Tue 19 Dec 2023 07:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.220.0/24 maxlen: 24
91.200.221.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Dec 2023 06:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:09:19:88:ac:f3:02:23:75:78:35:26:aa:07:35:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 19 07:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51770ea1532c439e6937477483ed41805398838e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:22:c4:35:73:17:8e:82:74:63:b3:c1:70:ae:
44:c5:ce:79:7a:79:00:91:b8:11:80:f7:8e:b8:81:
91:3c:3e:7f:bb:a8:c2:ab:b7:31:0c:72:7d:c3:5d:
dc:2f:e6:22:82:38:24:98:ec:c2:2a:37:a0:a3:d1:
d4:29:68:d9:cb:89:f7:84:64:d4:21:69:8d:92:d0:
54:b3:8a:80:e6:0a:1c:d7:4d:5e:ea:2e:37:66:87:
c2:7a:c1:f5:ef:32:03:66:fa:4f:40:5a:d1:9e:f6:
64:d8:a9:5d:73:00:11:45:da:b9:28:6a:0f:c7:a4:
3b:b6:58:51:93:5b:8a:ee:d3:77:75:5c:aa:87:51:
1a:15:16:58:a1:6c:80:23:21:c0:38:1c:d1:2c:0f:
00:18:13:98:16:e0:0b:7f:70:f7:8f:f9:09:a2:59:
b6:16:81:48:39:99:22:1c:1e:bb:e5:c8:da:35:b6:
79:85:4b:03:10:84:b0:42:42:12:9c:67:5a:41:03:
d2:9f:f2:aa:63:17:33:b6:bc:b9:dc:7f:a5:71:4d:
19:54:e4:3d:ee:b8:d0:3f:e2:6d:54:60:98:e2:ed:
06:06:05:c8:b9:7d:9f:28:96:1f:c6:f9:8d:64:81:
0d:25:06:b3:99:d8:17:ba:a9:63:cd:0c:ba:d2:cb:
fa:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:77:0E:A1:53:2C:43:9E:69:37:47:74:83:ED:41:80:53:98:83:8E
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UXcOoVMsQ55pN0d0g-1BgFOYg44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/23
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
32:70:ea:59:91:34:13:ed:bc:95:69:92:de:cf:2c:f6:ed:ea:
c9:d9:b4:3a:69:45:82:5c:8c:35:85:f0:43:29:8d:de:46:2e:
b7:4c:8d:e8:5b:44:47:6c:fc:e5:a4:f5:0e:ea:5c:45:57:48:
f8:2d:40:d1:e7:a1:2d:77:4a:53:38:ad:1d:65:ee:f3:34:de:
22:33:a4:dd:32:f4:fd:5d:94:8e:1a:6e:a5:12:a6:b2:e2:bd:
ef:89:2b:a5:94:63:d4:24:b5:2e:83:21:37:23:fa:29:c4:e0:
43:c0:c3:1d:a9:ff:d8:bb:00:14:fb:09:52:e4:04:ed:dd:e6:
ac:8f:67:4e:2c:af:25:a0:98:30:37:1c:75:a9:1d:f4:fa:60:
a2:99:16:11:2c:65:f3:a2:96:fc:06:4b:a3:bc:93:28:17:72:
f6:77:d0:f2:d4:93:be:4a:0c:ad:5d:3c:ff:35:f7:47:5b:ec:
37:69:02:58:0b:ba:48:f3:8c:13:c7:95:26:d0:50:61:41:7c:
eb:c2:15:f7:ec:14:55:b4:e4:b7:b1:67:45:27:00:4d:a2:8f:
64:c6:ab:e2:f2:ec:fc:58:62:bb:f5:b1:08:d5:22:83:24:bc:
8b:eb:b9:24:aa:a1:52:d6:ee:b5:d3:28:23:46:ef:ac:b5:b3:
51:03:6d:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyBCRmIrPMCI3V4NSaqBzVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMjE5MDc0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTc3MGVhMTUzMmM0MzllNjkzNzQ3NzQ4M2VkNDE4MDUzOTg4MzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiLENXMXjoJ0Y7PBcK5Exc55enkA
kbgRgPeOuIGRPD5/u6jCq7cxDHJ9w13cL+YigjgkmOzCKjego9HUKWjZy4n3hGTU
IWmNktBUs4qA5goc101e6i43ZofCesH17zIDZvpPQFrRnvZk2KldcwARRdq5KGoP
x6Q7tlhRk1uK7tN3dVyqh1EaFRZYoWyAIyHAOBzRLA8AGBOYFuALf3D3j/kJolm2
FoFIOZkiHB675cjaNbZ5hUsDEISwQkISnGdaQQPSn/KqYxcztry53H+lcU0ZVOQ9
7rjQP+JtVGCY4u0GBgXIuX2fKJYfxvmNZIENJQazmdgXuqljzQy60sv6YwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFF3DqFTLEOeaTdHdIPtQYBTmIOOMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvVVhjT29WTXNRNTVwTjBkMGctMUJnRk9ZZzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8jcAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAycOpZkTQT7byVaZLezyz27erJ2bQ6aUWC
XIw1hfBDKY3eRi63TI3oW0RHbPzlpPUO6lxFV0j4LUDR56Etd0pTOK0dZe7zNN4i
M6TdMvT9XZSOGm6lEqay4r3viSullGPUJLUugyE3I/opxOBDwMMdqf/YuwAU+wlS
5ATt3easj2dOLK8loJgwNxx1qR30+mCimRYRLGXzopb8BkujvJMoF3L2d9Dy1JO+
SgytXTz/NfdHW+w3aQJYC7pI84wTx5Um0FBhQXzrwhX37BRVtOS3sWdFJwBNoo9k
xqvi8uz8WGK79bEI1SKDJLyL67kkqqFS1u610ygjRu+stbNRA21O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org