Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/aNtCgAFppc6hChXUntsvdbnQhBY.roa
File: aNtCgAFppc6hChXUntsvdbnQhBY.roa (raw, json)
Hash identifier: VzOC3KRMBbewLes7RddzJ2IsFgmNcgc+HgMRUQ/bHcA=
Subject key identifier: 68:DB:42:80:01:69:A5:CE:A1:0A:15:D4:9E:DB:2F:75:B9:D0:84:16
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01926B4F9AC413D4C90BF03CA42AE401C9B5
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/aNtCgAFppc6hChXUntsvdbnQhBY.roa
Signing time: Tue 08 Oct 2024 08:47:12 +0000
ROA not before: Tue 08 Oct 2024 08:47:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
109.122.45.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
176.97.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 09:22:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:4f:9a:c4:13:d4:c9:0b:f0:3c:a4:2a:e4:01:c9:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 8 08:47:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68db42800169a5cea10a15d49edb2f75b9d08416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fe:72:3d:59:68:a1:80:04:3e:02:25:df:8a:
ec:d2:49:06:85:b1:a9:35:0c:3c:cd:c9:5d:56:4c:
43:24:e6:d4:40:81:ad:d8:99:fb:9b:3c:bb:65:2a:
9e:c3:4d:ac:a6:4a:4e:af:64:65:5d:80:90:3b:2b:
bb:9e:97:84:1b:0b:d3:dc:4f:c1:9b:1e:4a:d5:1d:
58:89:67:f6:89:68:90:79:0c:4b:9a:3e:f5:54:6e:
b2:54:c0:c2:f3:7a:d1:2b:e6:8c:6d:ce:41:a0:fb:
86:6f:4b:da:be:93:b8:dc:56:04:e8:b8:22:6e:bb:
7f:89:1b:8f:23:fa:2c:b5:b4:26:d5:12:e4:4d:0e:
18:69:1d:2d:ef:87:25:de:53:a7:eb:4f:0c:fe:68:
04:bc:2c:fa:7a:95:c9:92:57:eb:43:6b:59:64:c2:
36:88:13:18:d6:dc:5d:5f:4f:d8:5d:65:1d:ab:c5:
d6:4e:f6:86:08:25:82:c5:01:73:99:c9:da:4c:c5:
98:21:39:23:5a:a2:31:07:4a:e3:06:c8:4a:50:f1:
6c:04:85:ab:ad:3c:16:06:ca:f4:79:b9:90:ff:26:
b3:d7:31:62:36:5c:4f:ee:0c:44:13:40:20:82:81:
bf:85:c6:93:ff:67:84:0d:5f:f3:78:0d:f6:1f:53:
d0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DB:42:80:01:69:A5:CE:A1:0A:15:D4:9E:DB:2F:75:B9:D0:84:16
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/aNtCgAFppc6hChXUntsvdbnQhBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
91.210.145.0/24
109.122.41.0-109.122.42.255
109.122.45.0-109.122.46.255
176.97.205.0/24
Signature Algorithm: sha256WithRSAEncryption
18:a4:0a:27:32:10:14:49:19:62:81:f0:74:69:a5:87:1b:2c:
05:ee:24:28:02:10:4f:9b:7a:c7:cb:82:5d:4e:05:e5:88:94:
ee:53:87:0a:af:e2:58:f3:92:2c:a7:cb:10:20:c2:6a:5c:60:
eb:f5:03:2c:85:5e:27:36:41:c4:4e:4e:29:35:63:f9:e0:a4:
a3:52:c6:9b:15:e0:06:43:66:c2:e3:9f:6f:d6:e7:b5:f3:d1:
06:a8:54:ed:a8:7a:66:e8:a1:29:b4:bb:20:5e:d5:dc:c8:b9:
fc:3b:84:68:3b:a3:1e:a3:26:c0:ed:05:1d:26:66:af:b0:f9:
b1:ad:ff:d9:c9:c1:b1:0a:1d:2d:d6:3e:58:5c:d4:f9:92:dc:
7c:d0:12:72:a9:ac:32:b7:ff:25:37:da:ab:cf:c4:2c:d4:1b:
42:23:55:82:dc:02:fd:ba:07:c9:ac:05:62:a7:76:b4:f9:e3:
68:d5:b9:aa:c0:86:5e:60:14:73:a6:f9:7e:f0:fa:13:04:95:
e1:1b:25:71:2f:2e:fb:8e:7c:1e:2b:c2:a7:c8:0c:6b:db:aa:
84:01:a4:20:2a:22:4f:cc:44:72:91:5f:c0:96:94:12:0f:1f:
85:e8:f1:af:81:f5:57:58:6e:ff:ea:e3:3a:c8:b3:d0:1f:f2:
e6:c5:04:f6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZJrT5rEE9TJC/A8pCrkAcm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMDA4MDg0NzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGRiNDI4MDAxNjlhNWNlYTEwYTE1ZDQ5ZWRiMmY3NWI5ZDA4NDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv5yPVlooYAEPgIl34rs0kkGhbGp
NQw8zcldVkxDJObUQIGt2Jn7mzy7ZSqew02spkpOr2RlXYCQOyu7npeEGwvT3E/B
mx5K1R1YiWf2iWiQeQxLmj71VG6yVMDC83rRK+aMbc5BoPuGb0vavpO43FYE6Lgi
brt/iRuPI/ostbQm1RLkTQ4YaR0t74cl3lOn608M/mgEvCz6epXJklfrQ2tZZMI2
iBMY1txdX0/YXWUdq8XWTvaGCCWCxQFzmcnaTMWYITkjWqIxB0rjBshKUPFsBIWr
rTwWBsr0ebmQ/yaz1zFiNlxP7gxEE0AggoG/hcaT/2eEDV/zeA32H1PQ+QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGjbQoABaaXOoQoV1J7bL3W50IQWMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvYU50Q2dBRnBwYzZoQ2hYVW50c3ZkYm5RaEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAW8jdAwQA
W9KRMAwDBABteikDBABteiowDAMEAG16LQMEAG16LgMEALBhzTANBgkqhkiG9w0B
AQsFAAOCAQEAGKQKJzIQFEkZYoHwdGmlhxssBe4kKAIQT5t6x8uCXU4F5YiU7lOH
Cq/iWPOSLKfLECDCalxg6/UDLIVeJzZBxE5OKTVj+eCko1LGmxXgBkNmwuOfb9bn
tfPRBqhU7ah6ZuihKbS7IF7V3Mi5/DuEaDujHqMmwO0FHSZmr7D5sa3/2cnBsQod
LdY+WFzU+ZLcfNAScqmsMrf/JTfaq8/ELNQbQiNVgtwC/boHyawFYqd2tPnjaNW5
qsCGXmAUc6b5fvD6EwSV4RslcS8u+458HivCp8gMa9uqhAGkICoiT8xEcpFfwJaU
Eg8fhejxr4H1V1hu/+rjOsiz0B/y5sUE9g==
-----END CERTIFICATE-----
Generated at Tue Oct 8 13:32:52 2024 by rpki-client on console-fra.rpki-client.org