Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Zk09f8SlwYYmIHqNoeUe7Z3NjFE.roa
File: Zk09f8SlwYYmIHqNoeUe7Z3NjFE.roa (raw, json)
Hash identifier: J0GACcqeb7gDQspfaAPdrqUxqzts/yHc2IwfBATcVyQ=
Subject key identifier: 66:4D:3D:7F:C4:A5:C1:86:26:20:7A:8D:A1:E5:1E:ED:9D:CD:8C:51
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018E861E2023CED08D652B4D38575AD46221
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Zk09f8SlwYYmIHqNoeUe7Z3NjFE.roa
Signing time: Thu 28 Mar 2024 17:31:44 +0000
ROA not before: Thu 28 Mar 2024 17:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.210.147.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Mar 2024 21:44:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:1e:20:23:ce:d0:8d:65:2b:4d:38:57:5a:d4:62:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Mar 28 17:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=664d3d7fc4a5c18626207a8da1e51eed9dcd8c51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3c:d5:e9:0c:4d:66:96:41:8f:67:46:77:03:
11:84:b4:11:87:db:d9:25:55:1d:fe:2f:87:11:fc:
34:1a:bf:83:a2:3b:55:03:95:22:bc:5f:fa:9f:5e:
88:05:9c:3b:c9:60:d1:de:a8:a2:f6:ee:45:30:27:
7a:e3:9a:0f:8a:40:b8:73:65:e7:2f:4b:b8:1e:44:
49:b0:50:64:49:90:55:1f:e2:9c:48:77:a4:5d:3e:
af:23:62:69:0a:c7:8b:4a:7b:95:ba:64:71:eb:a9:
43:b7:9d:84:03:e5:70:14:95:90:3a:c2:24:b3:c1:
9e:de:2b:36:00:44:43:76:7d:b2:6a:e9:9c:48:79:
ef:b9:33:b9:e2:1e:54:7e:38:6f:e0:8c:7d:93:2e:
08:0a:f8:bd:e2:25:5a:b1:01:4b:08:59:b4:03:2f:
99:78:6e:eb:2a:f4:3d:79:dc:95:73:f9:1b:19:13:
c9:41:18:b8:08:5a:91:5b:23:e8:7d:e8:9a:e9:63:
0a:0f:1a:d2:f2:d6:9a:61:15:f9:59:73:dc:c2:5a:
df:0e:2a:4e:5a:e7:1b:95:02:c0:22:9d:d2:a1:9a:
31:eb:59:29:7e:19:df:de:dc:68:e2:d2:0d:d6:23:
47:00:c3:b8:0b:5d:e6:68:66:1d:6e:cd:35:c7:aa:
33:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:4D:3D:7F:C4:A5:C1:86:26:20:7A:8D:A1:E5:1E:ED:9D:CD:8C:51
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Zk09f8SlwYYmIHqNoeUe7Z3NjFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.147.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
09:6b:ab:17:92:f7:a3:29:31:aa:a6:02:66:a6:45:50:4a:d2:
22:ef:40:19:4a:c0:3e:27:00:1d:c1:b4:60:82:cd:45:06:ea:
cc:31:cc:b3:14:a4:50:f5:a3:fa:9e:b8:a9:e8:d0:d5:6f:85:
78:d9:ed:f3:b3:7d:1a:13:b2:b8:a9:5b:a0:c6:1f:ce:f7:84:
31:4c:03:01:9c:29:1e:4d:eb:df:3b:04:a3:cc:3f:3e:72:b7:
a5:56:5e:64:38:e5:e6:cf:bb:23:e5:1b:96:08:fb:3a:a7:1a:
33:18:51:3a:eb:4f:e7:21:71:58:d4:ae:8d:88:3b:ac:09:3f:
bc:ec:a8:6a:fa:6b:cf:61:b2:07:33:37:ca:da:71:7f:1b:3c:
6a:c9:69:ac:dd:2a:1b:a7:0b:8a:c3:42:38:4f:14:de:81:00:
63:ec:bb:7e:fe:1a:5e:26:c4:e3:f1:4c:56:88:5e:5b:2c:a8:
27:f5:1e:22:51:ae:7d:1d:d5:92:d2:06:a5:55:5d:92:f7:96:
55:11:7c:8c:ee:6f:f0:7d:80:68:2e:36:7a:e6:48:58:e7:5b:
94:ad:e2:e8:d1:81:d4:98:12:07:cc:10:2e:85:9c:ad:be:ab:
6b:df:ab:5e:4a:93:79:7a:38:d5:60:cc:60:0a:ce:d3:19:f6:
18:f6:58:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6GHiAjztCNZStNOFda1GIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMzI4MTczMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjRkM2Q3ZmM0YTVjMTg2MjYyMDdhOGRhMWU1MWVlZDlkY2Q4YzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujzV6QxNZpZBj2dGdwMRhLQRh9vZ
JVUd/i+HEfw0Gr+DojtVA5UivF/6n16IBZw7yWDR3qii9u5FMCd645oPikC4c2Xn
L0u4HkRJsFBkSZBVH+KcSHekXT6vI2JpCseLSnuVumRx66lDt52EA+VwFJWQOsIk
s8Ge3is2AERDdn2yaumcSHnvuTO54h5Ufjhv4Ix9ky4ICvi94iVasQFLCFm0Ay+Z
eG7rKvQ9edyVc/kbGRPJQRi4CFqRWyPofeia6WMKDxrS8taaYRX5WXPcwlrfDipO
WucblQLAIp3SoZox61kpfhnf3txo4tIN1iNHAMO4C13maGYdbs01x6ozmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGZNPX/EpcGGJiB6jaHlHu2dzYxRMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvWmswOWY4U2x3WVltSUhxTm9lVWU3WjNOakZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9KTAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAJa6sXkvejKTGqpgJmpkVQStIi70AZSsA+
JwAdwbRggs1FBurMMcyzFKRQ9aP6nrip6NDVb4V42e3zs30aE7K4qVugxh/O94Qx
TAMBnCkeTevfOwSjzD8+crelVl5kOOXmz7sj5RuWCPs6pxozGFE660/nIXFY1K6N
iDusCT+87Khq+mvPYbIHMzfK2nF/GzxqyWms3SobpwuKw0I4TxTegQBj7Lt+/hpe
JsTj8UxWiF5bLKgn9R4iUa59HdWS0galVV2S95ZVEXyM7m/wfYBoLjZ65khY51uU
reLo0YHUmBIHzBAuhZytvqtr36teSpN5ejjVYMxgCs7TGfYY9lhD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org