Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/X4kgYj_T8JoCrXuXjAhGsS34LYs.roa
File: X4kgYj_T8JoCrXuXjAhGsS34LYs.roa (raw, json)
Hash identifier: 7Ccsm07Ds9S7ARG5npZga/GIbw71ASrZr/vlGkDlL40=
Subject key identifier: 5F:89:20:62:3F:D3:F0:9A:02:AD:7B:97:8C:08:46:B1:2D:F8:2D:8B
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018CC794D401E023A3596C4A003C73EE0888
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/X4kgYj_T8JoCrXuXjAhGsS34LYs.roa
Signing time: Tue 02 Jan 2024 00:31:08 +0000
ROA not before: Tue 02 Jan 2024 00:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 91.200.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 05:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d4:01:e0:23:a3:59:6c:4a:00:3c:73:ee:08:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 00:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f8920623fd3f09a02ad7b978c0846b12df82d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:77:ea:3f:d0:78:a1:5d:82:13:69:9e:bc:1f:
fb:a3:f0:67:9d:63:4e:05:e2:21:57:70:11:1b:26:
c5:57:d9:52:45:7c:ec:fe:d1:52:33:36:8d:bc:a4:
1a:3b:b2:18:27:66:f7:65:8a:3a:2e:64:b7:84:3b:
60:1a:c3:96:f2:08:57:32:9d:73:35:2e:21:e4:fa:
50:7e:54:56:f7:6a:df:88:7a:a1:6b:c3:d5:e3:1f:
fc:1b:9e:59:9f:8f:da:eb:fb:56:cd:6f:b6:da:16:
9c:48:65:27:a9:15:08:c8:06:68:99:25:ee:b7:35:
01:b7:75:df:32:73:1a:8b:0f:7b:41:1e:51:c1:e6:
19:ba:de:47:e7:d2:55:27:9d:90:c4:7f:87:cb:51:
7b:c7:f9:42:7e:ae:e7:5a:e5:23:b5:30:8e:90:99:
17:43:88:c8:f6:86:24:ab:8a:5c:35:e1:25:3f:c7:
7d:49:bc:78:17:5c:96:da:ff:9f:82:1e:02:87:09:
37:47:04:1f:07:22:45:ae:c9:74:73:8d:9f:0b:3d:
54:bc:0e:5f:0b:e3:94:f3:a6:7f:a5:8b:5d:54:b2:
72:19:d3:60:ac:05:d4:77:12:3e:32:f4:98:d3:d0:
3f:0a:b6:aa:db:1d:af:c7:92:58:ad:b7:9b:c0:26:
25:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:89:20:62:3F:D3:F0:9A:02:AD:7B:97:8C:08:46:B1:2D:F8:2D:8B
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/X4kgYj_T8JoCrXuXjAhGsS34LYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.223.0/24
Signature Algorithm: sha256WithRSAEncryption
18:0e:4c:5d:61:2d:06:a4:df:90:24:8d:ed:f9:b6:9e:52:e6:
09:bc:d8:da:17:98:d0:35:9f:1e:0e:49:39:a5:b8:46:80:c0:
0e:59:c0:6e:4b:ad:9f:0b:f1:5d:7e:36:2f:a7:ee:e8:df:e3:
2c:e5:7f:ba:e2:e7:31:bd:f1:5c:ba:d4:36:c9:7b:75:97:4d:
25:36:b7:db:7f:37:21:81:16:16:34:9d:66:68:54:39:a9:d0:
1f:bb:88:eb:b6:f8:3e:ca:c4:d3:2b:80:a7:7b:33:b9:f3:2c:
e2:90:31:ea:01:b4:f8:7a:02:3a:79:84:5a:c1:85:a6:e1:d9:
3d:fa:67:ec:84:63:f8:cf:06:40:5d:e5:1a:11:cc:9a:27:b9:
4d:af:44:e1:89:0b:4a:fe:f2:ad:89:ab:26:e9:15:6b:2b:36:
e6:b0:64:af:9b:c4:b0:25:6b:d9:f2:21:85:72:78:8c:96:e0:
19:de:44:71:1b:95:e6:50:aa:44:97:21:9a:46:df:69:27:ec:
0b:ff:bc:ea:dd:1b:75:de:09:c6:fa:df:82:3d:d9:e8:80:44:
ee:9e:c3:89:d8:d7:9f:2e:f9:56:57:31:73:e0:bf:e9:fc:37:
7d:d6:dd:83:32:63:c5:80:73:0b:90:e7:0b:2d:bf:32:7c:9c:
44:ad:68:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlNQB4COjWWxKADxz7giIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTAyMDAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjg5MjA2MjNmZDNmMDlhMDJhZDdiOTc4YzA4NDZiMTJkZjgyZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HfqP9B4oV2CE2mevB/7o/BnnWNO
BeIhV3ARGybFV9lSRXzs/tFSMzaNvKQaO7IYJ2b3ZYo6LmS3hDtgGsOW8ghXMp1z
NS4h5PpQflRW92rfiHqha8PV4x/8G55Zn4/a6/tWzW+22hacSGUnqRUIyAZomSXu
tzUBt3XfMnMaiw97QR5RweYZut5H59JVJ52QxH+Hy1F7x/lCfq7nWuUjtTCOkJkX
Q4jI9oYkq4pcNeElP8d9Sbx4F1yW2v+fgh4Chwk3RwQfByJFrsl0c42fCz1UvA5f
C+OU86Z/pYtdVLJyGdNgrAXUdxI+MvSY09A/Craq2x2vx5JYrbebwCYl4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+JIGI/0/CaAq17l4wIRrEt+C2LMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvWDRrZ1lqX1Q4Sm9Dclh1WGpBaEdzUzM0TFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jfMA0G
CSqGSIb3DQEBCwUAA4IBAQAYDkxdYS0GpN+QJI3t+baeUuYJvNjaF5jQNZ8eDkk5
pbhGgMAOWcBuS62fC/FdfjYvp+7o3+Ms5X+64ucxvfFcutQ2yXt1l00lNrfbfzch
gRYWNJ1maFQ5qdAfu4jrtvg+ysTTK4CnezO58yzikDHqAbT4egI6eYRawYWm4dk9
+mfshGP4zwZAXeUaEcyaJ7lNr0ThiQtK/vKtiasm6RVrKzbmsGSvm8SwJWvZ8iGF
cniMluAZ3kRxG5XmUKpElyGaRt9pJ+wL/7zq3Rt13gnG+t+CPdnogETunsOJ2Nef
LvlWVzFz4L/p/Dd91t2DMmPFgHMLkOcLLb8yfJxErWhm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org