Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/_P24bFNwatdFjALjlEuty7pK2qM.roa
File: _P24bFNwatdFjALjlEuty7pK2qM.roa (raw, json)
Hash identifier: XLdPi4PxOYZhZMRyjo7VRpErgCc4l2lx4SbuNlrGB5I=
Subject key identifier: FC:FD:B8:6C:53:70:6A:D7:45:8C:02:E3:94:4B:AD:CB:BA:4A:DA:A3
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018E7F28847783C22C70826F6F06FC6274AE
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/_P24bFNwatdFjALjlEuty7pK2qM.roa
Signing time: Wed 27 Mar 2024 09:05:45 +0000
ROA not before: Wed 27 Mar 2024 09:05:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 17:31:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:28:84:77:83:c2:2c:70:82:6f:6f:06:fc:62:74:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Mar 27 09:05:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcfdb86c53706ad7458c02e3944badcbba4adaa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ba:c8:62:4b:bf:ff:a0:43:da:a1:29:15:ad:
1f:3a:68:46:ca:d4:75:ba:72:da:66:ee:78:5c:e1:
86:c1:a0:15:77:1b:5f:b3:f0:e1:9f:b9:cc:00:33:
89:82:61:bd:42:54:2c:5e:c2:94:6a:88:90:26:f1:
db:5f:86:fc:b5:67:d3:11:3b:82:06:48:39:53:97:
7c:4d:a2:be:fe:d8:70:46:dd:c2:ae:81:53:24:38:
0c:14:69:50:7b:0b:31:4c:99:20:74:d9:08:3d:2a:
b0:3c:ff:9c:e0:59:13:80:9e:83:a5:97:91:80:52:
f4:bd:74:ff:22:92:12:d2:73:d6:cd:c4:49:e2:b6:
0a:9b:56:cd:de:fd:2d:2f:d1:8d:01:69:bf:a5:41:
69:ab:3f:02:2e:1d:e8:dd:01:54:91:1e:ef:63:18:
44:5f:3e:35:43:ac:55:5c:9e:4d:a3:1d:c5:5c:bb:
df:33:65:8b:9e:64:6a:7d:61:b8:ac:07:9e:32:df:
5d:71:db:20:51:e6:e6:76:a0:f4:6d:4e:44:f4:1e:
b3:9d:65:5e:3b:3b:4d:c2:cc:4f:99:a5:4b:e7:69:
c8:d9:9a:05:4f:64:9f:5e:07:ba:a3:1e:8c:bf:77:
5d:49:79:e5:cc:b6:8a:a4:8e:8e:12:8a:24:e6:8f:
06:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:FD:B8:6C:53:70:6A:D7:45:8C:02:E3:94:4B:AD:CB:BA:4A:DA:A3
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/_P24bFNwatdFjALjlEuty7pK2qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:55:5b:fb:f9:f9:7e:73:84:65:e7:f5:dd:2f:f9:f7:0e:25:
86:9c:4a:dd:1e:45:b2:2b:94:d1:93:ea:ee:21:75:8f:65:21:
b9:62:7a:f8:c3:d4:99:b6:0c:90:99:75:d2:c1:6f:2e:fd:43:
74:74:a6:36:9f:2f:5d:17:48:8e:50:19:ef:6d:df:82:6f:98:
0b:51:42:d7:a5:59:da:c9:e0:59:f3:82:1e:7f:7b:52:0b:64:
21:9d:54:9c:6c:f7:64:ce:0b:27:dc:e6:82:b7:95:2d:a4:32:
50:c2:d1:ce:3b:c0:e7:60:d5:d5:af:af:92:b7:ef:e4:a2:0e:
87:be:f0:7a:13:1c:04:ac:e5:70:cd:8b:d4:b7:b1:90:55:fd:
d6:e5:64:0e:a2:8c:20:b4:f2:b1:08:0f:b3:fb:4a:d9:ca:9d:
c3:5c:55:3d:bc:cf:61:cf:40:1f:0b:a4:35:7a:e7:c8:af:10:
da:9f:cd:98:42:33:1d:a1:32:a3:81:97:a3:16:41:8a:b7:3b:
38:0c:74:d8:b8:f8:e1:f1:89:a0:81:b6:31:ee:a3:14:d5:71:
6b:d9:ec:1e:fe:86:67:b7:71:84:cd:c5:5e:0b:2e:19:4f:cd:
91:ef:af:bb:77:49:c5:6f:8e:6d:50:0f:e6:dd:43:2d:c3:66:
37:c3:77:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5/KIR3g8IscIJvbwb8YnSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMzI3MDkwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2ZkYjg2YzUzNzA2YWQ3NDU4YzAyZTM5NDRiYWRjYmJhNGFkYWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7rIYku//6BD2qEpFa0fOmhGytR1
unLaZu54XOGGwaAVdxtfs/Dhn7nMADOJgmG9QlQsXsKUaoiQJvHbX4b8tWfTETuC
Bkg5U5d8TaK+/thwRt3CroFTJDgMFGlQewsxTJkgdNkIPSqwPP+c4FkTgJ6DpZeR
gFL0vXT/IpIS0nPWzcRJ4rYKm1bN3v0tL9GNAWm/pUFpqz8CLh3o3QFUkR7vYxhE
Xz41Q6xVXJ5Nox3FXLvfM2WLnmRqfWG4rAeeMt9dcdsgUebmdqD0bU5E9B6znWVe
OztNwsxPmaVL52nI2ZoFT2SfXge6ox6Mv3ddSXnlzLaKpI6OEook5o8GEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPz9uGxTcGrXRYwC45RLrcu6StqjMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvX1AyNGJGTndhdGRGakFMamxFdXR5N3BLMnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXouMA0G
CSqGSIb3DQEBCwUAA4IBAQAqVVv7+fl+c4Rl5/XdL/n3DiWGnErdHkWyK5TRk+ru
IXWPZSG5Ynr4w9SZtgyQmXXSwW8u/UN0dKY2ny9dF0iOUBnvbd+Cb5gLUULXpVna
yeBZ84Ief3tSC2QhnVScbPdkzgsn3OaCt5UtpDJQwtHOO8DnYNXVr6+St+/kog6H
vvB6ExwErOVwzYvUt7GQVf3W5WQOoowgtPKxCA+z+0rZyp3DXFU9vM9hz0AfC6Q1
eufIrxDan82YQjMdoTKjgZejFkGKtzs4DHTYuPjh8YmggbYx7qMU1XFr2ewe/oZn
t3GEzcVeCy4ZT82R76+7d0nFb45tUA/m3UMtw2Y3w3c1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org