Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XynF6QylJ4ZSVKe2nFctFxA58Dk.roa
File: XynF6QylJ4ZSVKe2nFctFxA58Dk.roa (raw, json)
Hash identifier: Cjn8uUOg01KmQdhxO9ZDiqGuSk6faBtslO1rz4mcKYk=
Subject key identifier: 5F:29:C5:E9:0C:A5:27:86:52:54:A7:B6:9C:57:2D:17:10:39:F0:39
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018E05B36BB41434E6A6EAB74129864CBD67
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XynF6QylJ4ZSVKe2nFctFxA58Dk.roa
Signing time: Sun 03 Mar 2024 19:03:48 +0000
ROA not before: Sun 03 Mar 2024 19:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 05:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:05:b3:6b:b4:14:34:e6:a6:ea:b7:41:29:86:4c:bd:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Mar 3 19:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f29c5e90ca527865254a7b69c572d171039f039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:30:b6:37:31:da:be:09:f1:c7:f4:0d:93:62:
69:c6:e5:d7:fc:f6:17:c3:79:5f:fc:53:6b:6a:72:
99:e3:96:f2:9a:e2:a0:41:f0:76:f9:d8:b8:73:93:
a8:89:72:c0:92:29:19:0b:c9:fa:70:6e:d6:24:ef:
f8:e2:93:08:56:fe:e6:ea:0a:b8:38:33:d9:60:cf:
db:6d:92:a8:95:a1:66:21:96:ab:6f:c3:1c:38:d7:
29:31:20:82:98:17:d0:35:eb:19:75:d4:3d:ce:ec:
2a:8f:ff:97:11:56:28:2e:85:f2:64:74:4e:32:ed:
d0:b3:98:43:bb:34:65:3f:4c:5c:c7:8e:2f:a7:62:
e1:dd:b1:79:6c:6d:c0:a9:6a:8a:7b:d9:ce:1b:5e:
e3:82:12:02:13:3f:0f:e5:95:1b:51:c7:6e:e7:56:
0f:3e:fe:e2:4f:22:ca:99:12:33:31:1e:fe:f8:a9:
cf:85:9f:59:89:c3:6f:32:86:3a:81:07:ff:b9:8b:
d9:6a:0e:af:0c:af:c9:a8:62:b4:3b:e1:b9:c7:d6:
6b:20:b5:08:12:b7:c7:53:fa:31:e3:a3:a2:1e:86:
57:9c:46:e3:11:5a:1a:5e:c0:d6:53:d5:11:5e:99:
6c:34:be:ed:27:95:54:fb:7c:69:24:e2:c7:15:9f:
4c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:29:C5:E9:0C:A5:27:86:52:54:A7:B6:9C:57:2D:17:10:39:F0:39
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XynF6QylJ4ZSVKe2nFctFxA58Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
64:f5:ed:83:cf:11:e0:7a:eb:a5:17:d2:5a:ed:70:4b:2a:4d:
a5:7f:12:1b:35:73:e2:23:c8:50:ab:b3:3a:85:55:3f:3d:04:
ae:07:13:24:9f:61:e1:36:4d:49:a0:0e:29:2e:06:bb:15:3a:
55:d6:b9:64:10:cf:41:ad:29:bf:d2:e0:c3:0f:b6:24:fe:86:
23:0c:9d:6b:74:62:51:1e:87:3b:01:5f:c7:d3:cb:6f:a2:70:
2c:2a:76:b5:28:73:62:43:53:a1:51:b2:b5:4e:59:47:78:17:
48:03:85:22:86:c9:61:ce:eb:f0:9c:42:84:38:2b:bf:08:38:
83:31:a4:a0:9c:2c:c0:0a:39:8f:38:84:4b:71:3b:8a:da:74:
8b:76:ae:f0:cb:34:36:d2:b9:08:5a:74:00:2e:71:a9:d4:d6:
e8:66:2f:49:b6:56:76:a9:22:df:e7:9b:f6:5a:b8:a1:30:07:
88:fd:0b:82:43:fa:a9:58:c9:e9:d2:90:e1:78:2f:7d:8f:cb:
73:db:c0:ea:2a:a8:c7:0d:d4:ac:21:d6:67:d1:6f:e0:f4:cb:
fe:2a:28:27:cf:ea:ed:0e:16:7f:f0:9a:25:ae:57:8f:75:39:
7d:85:25:31:73:1e:51:8d:96:4f:78:cf:60:16:bd:79:e7:32:
fe:aa:7a:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4Fs2u0FDTmpuq3QSmGTL1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMzAzMTkwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI5YzVlOTBjYTUyNzg2NTI1NGE3YjY5YzU3MmQxNzEwMzlmMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTC2NzHavgnxx/QNk2JpxuXX/PYX
w3lf/FNranKZ45bymuKgQfB2+di4c5OoiXLAkikZC8n6cG7WJO/44pMIVv7m6gq4
ODPZYM/bbZKolaFmIZarb8McONcpMSCCmBfQNesZddQ9zuwqj/+XEVYoLoXyZHRO
Mu3Qs5hDuzRlP0xcx44vp2Lh3bF5bG3AqWqKe9nOG17jghICEz8P5ZUbUcdu51YP
Pv7iTyLKmRIzMR7++KnPhZ9ZicNvMoY6gQf/uYvZag6vDK/JqGK0O+G5x9ZrILUI
ErfHU/ox46OiHoZXnEbjEVoaXsDWU9URXplsNL7tJ5VU+3xpJOLHFZ9MXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8pxekMpSeGUlSntpxXLRcQOfA5MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvWHluRjZReWxKNFpTVktlMm5GY3RGeEE1OERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXouMA0G
CSqGSIb3DQEBCwUAA4IBAQBk9e2DzxHgeuulF9Ja7XBLKk2lfxIbNXPiI8hQq7M6
hVU/PQSuBxMkn2HhNk1JoA4pLga7FTpV1rlkEM9BrSm/0uDDD7Yk/oYjDJ1rdGJR
Hoc7AV/H08tvonAsKna1KHNiQ1OhUbK1TllHeBdIA4UihslhzuvwnEKEOCu/CDiD
MaSgnCzACjmPOIRLcTuK2nSLdq7wyzQ20rkIWnQALnGp1NboZi9JtlZ2qSLf55v2
WrihMAeI/QuCQ/qpWMnp0pDheC99j8tz28DqKqjHDdSsIdZn0W/g9Mv+Kignz+rt
DhZ/8JolrlePdTl9hSUxcx5RjZZPeM9gFr155zL+qnqh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org