Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Usvw5-QQy8PjntmXhqv9VWUhqxg.roa
File: Usvw5-QQy8PjntmXhqv9VWUhqxg.roa (raw, json)
Hash identifier: V5YEUbS0SIq6ep7tjdmkMW0zjr9+/9lOhivB+uiGToc=
Subject key identifier: 52:CB:F0:E7:E4:10:CB:C3:E3:9E:D9:97:86:AB:FD:55:65:21:AB:18
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018E8C30B1D3C5534EC335D6F29911F8E0A5
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Usvw5-QQy8PjntmXhqv9VWUhqxg.roa
Signing time: Fri 29 Mar 2024 21:49:45 +0000
ROA not before: Fri 29 Mar 2024 21:49:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.210.144.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
91.210.146.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Apr 2024 11:45:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8c:30:b1:d3:c5:53:4e:c3:35:d6:f2:99:11:f8:e0:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Mar 29 21:49:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52cbf0e7e410cbc3e39ed99786abfd556521ab18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6a:4f:d1:b1:36:ca:0d:a3:74:fd:8d:1f:14:
ba:b1:53:4d:ef:c0:37:48:96:2f:46:99:26:bc:ff:
ed:f8:11:b1:aa:8f:fd:cc:a3:84:87:4e:32:16:68:
46:82:f1:31:40:d1:12:57:32:dd:c4:08:78:63:a1:
a2:06:fa:42:d6:b1:99:43:9a:0a:bc:cb:68:e2:c8:
88:01:90:94:f9:de:61:89:b8:e1:7b:46:6d:f3:6f:
f6:1a:c3:71:c6:40:f8:5b:63:b3:52:2b:21:42:d5:
82:ae:5c:7b:1f:c2:f3:25:ee:0c:1e:a6:9f:0a:bd:
dd:68:9c:97:30:31:57:fa:81:8f:2d:29:f1:23:1f:
7e:38:8e:3e:56:ef:49:b9:9d:e8:f8:2e:d2:93:e7:
ec:f1:52:55:cf:40:93:7b:54:7d:97:41:27:71:e0:
7d:89:d7:33:50:4f:43:af:a5:c7:31:cc:c6:ed:1b:
5f:fe:e8:b8:b8:9f:15:50:6f:f5:18:5b:95:30:b5:
76:53:5a:9f:b4:82:0f:78:a6:4e:79:57:af:30:1e:
6a:e1:b0:7f:e6:0c:bd:9b:14:07:47:2b:95:ae:af:
5d:70:31:09:21:66:d4:1b:7b:ce:1e:e6:67:a4:f4:
77:ba:c6:8c:31:2a:67:be:d7:59:5d:a1:90:cd:9c:
ca:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CB:F0:E7:E4:10:CB:C3:E3:9E:D9:97:86:AB:FD:55:65:21:AB:18
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Usvw5-QQy8PjntmXhqv9VWUhqxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.144.0-91.210.146.255
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
39:c4:90:ed:1a:e5:4f:7a:f1:b0:a6:3f:87:e3:94:40:38:eb:
3d:c3:81:ab:f6:c9:cf:b1:6e:4d:a8:d7:09:72:e7:61:64:29:
b2:12:55:cb:8a:f3:c9:33:3f:05:e5:07:2c:34:84:29:7b:ec:
bf:2d:ea:65:66:3b:e6:05:fc:c4:d6:79:5e:80:34:35:1b:c4:
af:47:36:c1:72:d2:9f:6b:4d:61:ef:03:62:7e:7b:ba:c7:23:
ff:68:82:53:d0:68:e5:f9:7a:66:c2:e1:51:82:74:ac:3a:75:
e9:cb:09:53:2d:77:b1:f0:56:bf:44:c8:94:b9:1e:e9:2b:1a:
f0:21:9c:90:29:12:6a:c1:e5:2e:00:6a:9c:76:94:81:c8:c4:
68:01:b1:f9:12:31:4d:34:16:65:4c:70:50:de:54:a6:7e:e0:
51:bb:9c:6b:58:50:f0:c9:7e:2c:2a:68:98:07:5e:ef:b2:78:
60:3c:c0:73:1b:2b:2b:79:23:db:79:3b:10:e8:2b:fa:57:c8:
57:c3:2e:de:3d:b3:21:2b:ee:84:0a:c3:13:9f:3b:42:fc:0f:
3c:5e:6d:1c:21:b5:2b:17:49:b6:03:ae:9f:91:92:69:18:ac:
a8:03:84:ac:70:ff:fb:e0:11:8d:ef:2a:65:a4:83:78:d2:a7:
1f:2f:9d:f7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY6MMLHTxVNOwzXW8pkR+OClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMzI5MjE0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmNiZjBlN2U0MTBjYmMzZTM5ZWQ5OTc4NmFiZmQ1NTY1MjFhYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWpP0bE2yg2jdP2NHxS6sVNN78A3
SJYvRpkmvP/t+BGxqo/9zKOEh04yFmhGgvExQNESVzLdxAh4Y6GiBvpC1rGZQ5oK
vMto4siIAZCU+d5hibjhe0Zt82/2GsNxxkD4W2OzUishQtWCrlx7H8LzJe4MHqaf
Cr3daJyXMDFX+oGPLSnxIx9+OI4+Vu9JuZ3o+C7Sk+fs8VJVz0CTe1R9l0EnceB9
idczUE9Dr6XHMczG7Rtf/ui4uJ8VUG/1GFuVMLV2U1qftIIPeKZOeVevMB5q4bB/
5gy9mxQHRyuVrq9dcDEJIWbUG3vOHuZnpPR3usaMMSpnvtdZXaGQzZzKdQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFLL8OfkEMvD457Zl4ar/VVlIasYMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvVXN2dzUtUVF5OFBqbnRtWGhxdjlWV1VocXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARb0pAD
BABb0pIDBABtei4wDQYJKoZIhvcNAQELBQADggEBADnEkO0a5U968bCmP4fjlEA4
6z3Dgav2yc+xbk2o1wly52FkKbISVcuK88kzPwXlByw0hCl77L8t6mVmO+YF/MTW
eV6ANDUbxK9HNsFy0p9rTWHvA2J+e7rHI/9oglPQaOX5embC4VGCdKw6denLCVMt
d7HwVr9EyJS5HukrGvAhnJApEmrB5S4Aapx2lIHIxGgBsfkSMU00FmVMcFDeVKZ+
4FG7nGtYUPDJfiwqaJgHXu+yeGA8wHMbKyt5I9t5OxDoK/pXyFfDLt49syEr7oQK
wxOfO0L8DzxebRwhtSsXSbYDrp+RkmkYrKgDhKxw//vgEY3vKmWkg3jSpx8vnfc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org