Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/_wuv-sG5Y8LbUp5Uf43ycLeO_jQ.roa
File: _wuv-sG5Y8LbUp5Uf43ycLeO_jQ.roa (raw, json)
Hash identifier: O6s6AumCjKVCIouUjPFeymCLT/E3l4wd3PCSQ7nYIB0=
Subject key identifier: FF:0B:AF:FA:C1:B9:63:C2:DB:52:9E:54:7F:8D:F2:70:B7:8E:FE:34
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018D26245431CD6B9CED1D09D01561F98879
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/_wuv-sG5Y8LbUp5Uf43ycLeO_jQ.roa
Signing time: Sat 20 Jan 2024 09:12:11 +0000
ROA not before: Sat 20 Jan 2024 09:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 16:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:26:24:54:31:cd:6b:9c:ed:1d:09:d0:15:61:f9:88:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 20 09:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff0baffac1b963c2db529e547f8df270b78efe34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:05:b3:46:1a:01:9e:1c:13:47:6b:25:02:9a:
43:de:e5:c1:64:3a:71:1f:52:65:22:a6:f9:2f:df:
72:23:ac:a6:62:5e:9f:19:42:12:02:ec:af:0b:a4:
2e:35:cf:ff:22:64:d9:54:c2:f8:3a:15:24:d9:bd:
87:a3:94:85:83:04:69:d3:ee:48:3d:92:1c:ef:e6:
74:23:4b:e1:d4:3b:b3:71:68:a9:b4:1e:e0:9c:cf:
7f:af:6a:f1:f6:df:44:6e:e4:0d:b7:81:a8:b5:cc:
76:5e:aa:a8:37:ee:a3:4d:83:0e:c8:fb:c9:dd:3b:
2f:53:aa:de:1d:b7:3e:87:f3:21:89:a0:73:b3:7d:
67:e9:67:7c:db:6d:b4:6a:02:95:8d:c0:27:e8:58:
7b:71:ae:d6:34:5c:de:0a:30:fd:20:f5:9c:1f:5b:
9b:d3:52:f9:a0:11:62:7a:5f:51:3c:65:cb:d1:c6:
e7:c2:d3:85:24:7f:3c:d2:5f:ec:28:26:ea:47:72:
0c:74:d9:50:bf:9b:9c:9e:68:5a:cc:7b:44:ad:1a:
11:dd:cf:54:22:d2:14:6e:cd:11:1e:06:c7:19:30:
8a:9e:27:54:b7:15:5e:25:34:e1:2b:6b:dc:31:c5:
cf:e6:95:76:0b:ac:70:5b:c4:9b:6c:5a:76:4c:d1:
01:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:0B:AF:FA:C1:B9:63:C2:DB:52:9E:54:7F:8D:F2:70:B7:8E:FE:34
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/_wuv-sG5Y8LbUp5Uf43ycLeO_jQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ac:d7:68:33:85:5b:db:3f:23:e4:e4:f4:65:22:c5:fb:b8:
43:71:e4:a5:4a:bc:3e:5a:55:ab:aa:ad:78:3b:f3:2e:f3:dc:
44:2e:66:f6:e4:4c:23:f1:92:ac:90:71:69:57:09:e2:9e:74:
1a:33:81:52:45:6a:46:76:55:6a:72:6e:26:52:ba:e3:de:1f:
a7:4a:af:0d:7c:6f:cc:37:2d:c4:1f:42:a7:9b:a5:30:b7:e5:
4f:c6:e4:da:94:5c:be:4e:50:16:29:bf:62:c8:03:c4:44:a5:
e8:1d:e4:83:2e:87:a0:cf:28:c3:17:d5:10:96:ca:e2:0e:28:
e0:cb:e8:ce:b3:50:fc:b5:e9:8f:ca:26:ae:ba:09:46:ba:47:
33:6a:9b:c9:49:ba:72:06:5d:3d:58:ce:f8:fd:d4:c9:2e:60:
bf:9c:7d:86:d4:73:19:f3:8a:0a:04:f3:0e:e2:e7:4a:bd:c9:
a8:08:08:db:52:6d:b8:fb:01:29:59:6a:83:51:c2:31:db:b4:
99:97:01:7b:3d:6e:37:76:04:69:7d:50:aa:67:de:fa:33:62:
2c:99:9f:ba:21:63:0f:ae:6a:1f:5e:d2:20:c5:60:f2:ed:c3:
07:83:9e:8b:17:cf:22:fe:aa:a5:2f:f7:da:32:25:da:86:66:
2a:e3:62:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0mJFQxzWuc7R0J0BVh+Yh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTIwMDkxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjBiYWZmYWMxYjk2M2MyZGI1MjllNTQ3ZjhkZjI3MGI3OGVmZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQWzRhoBnhwTR2slAppD3uXBZDpx
H1JlIqb5L99yI6ymYl6fGUISAuyvC6QuNc//ImTZVML4OhUk2b2Ho5SFgwRp0+5I
PZIc7+Z0I0vh1DuzcWiptB7gnM9/r2rx9t9EbuQNt4Gotcx2XqqoN+6jTYMOyPvJ
3TsvU6reHbc+h/MhiaBzs31n6Wd82220agKVjcAn6Fh7ca7WNFzeCjD9IPWcH1ub
01L5oBFiel9RPGXL0cbnwtOFJH880l/sKCbqR3IMdNlQv5ucnmhazHtErRoR3c9U
ItIUbs0RHgbHGTCKnidUtxVeJTThK2vcMcXP5pV2C6xwW8SbbFp2TNEBLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP8Lr/rBuWPC21KeVH+N8nC3jv40MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvX3d1di1zRzVZOExiVXA1VWY0M3ljTGVPX2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jdAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAYrNdoM4Vb2z8j5OT0ZSLF+7hDceSlSrw+
WlWrqq14O/Mu89xELmb25Ewj8ZKskHFpVwninnQaM4FSRWpGdlVqcm4mUrrj3h+n
Sq8NfG/MNy3EH0Knm6Uwt+VPxuTalFy+TlAWKb9iyAPERKXoHeSDLoegzyjDF9UQ
lsriDijgy+jOs1D8temPyiauuglGukczapvJSbpyBl09WM74/dTJLmC/nH2G1HMZ
84oKBPMO4udKvcmoCAjbUm24+wEpWWqDUcIx27SZlwF7PW43dgRpfVCqZ976M2Is
mZ+6IWMPrmofXtIgxWDy7cMHg56LF88i/qqlL/faMiXahmYq42IP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org