Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/alSDn-Skjfh4zoVZ2btTpuVm92E.roa
File: alSDn-Skjfh4zoVZ2btTpuVm92E.roa (raw, json)
Hash identifier: ui8Nvtl0tZr0Jykp2MxXxtmt1KkuRZicdl9PXiMlSGs=
Subject key identifier: 6A:54:83:9F:E4:A4:8D:F8:78:CE:85:59:D9:BB:53:A6:E5:66:F7:61
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189D4912CA84E07656BB28DBC9169988903
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/alSDn-Skjfh4zoVZ2btTpuVm92E.roa
Signing time: Tue 08 Aug 2023 09:53:51 +0000
ROA not before: Tue 08 Aug 2023 09:53:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Aug 2023 04:26:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:91:2c:a8:4e:07:65:6b:b2:8d:bc:91:69:98:89:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Aug 8 09:53:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a54839fe4a48df878ce8559d9bb53a6e566f761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e7:17:14:b0:2b:bd:c0:d9:72:e7:01:a5:ef:
a5:19:d2:4d:92:47:cd:d7:48:30:5d:b3:2f:bd:bb:
f3:c3:70:a8:59:1f:a1:c1:fa:ff:71:13:22:c7:f6:
6f:5e:7a:96:0f:a7:97:d4:6c:82:77:b8:b8:5a:f6:
dd:e7:43:2b:94:1a:14:28:f6:f6:09:db:0c:53:8d:
fe:55:7f:7c:b8:3d:d4:6a:78:cc:e5:00:09:70:dc:
2e:65:e3:8d:72:38:99:fa:5b:6b:1c:5c:9a:1c:a3:
89:32:a0:13:9e:08:0e:e6:2a:e8:75:a2:e6:53:61:
8e:f4:f4:1c:f6:52:31:6e:18:d9:2d:c1:ae:25:c6:
82:30:02:49:bb:df:da:20:97:d5:cf:f3:78:6a:d4:
24:b2:c2:37:73:4d:6e:32:64:b3:d7:7b:2b:f5:7b:
22:47:5b:e0:91:8e:92:f3:b5:df:38:8d:9e:f1:7a:
a2:a0:15:84:79:e2:4d:be:b5:bd:0c:82:ce:4f:f3:
1b:c5:88:55:c9:a7:1e:5b:73:41:44:5f:0e:63:1a:
a4:37:3e:3c:d8:06:c3:08:12:fa:3f:c2:a3:ac:e4:
19:09:d9:54:1a:9d:db:8d:39:e0:73:5f:53:f9:c5:
e5:01:22:02:e6:7e:ee:b8:2c:d8:18:a3:98:da:be:
c7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:54:83:9F:E4:A4:8D:F8:78:CE:85:59:D9:BB:53:A6:E5:66:F7:61
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/alSDn-Skjfh4zoVZ2btTpuVm92E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
109.122.42.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
67:44:66:d6:fc:30:c1:89:27:29:bf:c8:95:6b:e8:ea:2f:8f:
30:84:4c:27:64:ae:1f:90:bb:42:0e:75:c2:77:9e:86:8e:0f:
2b:27:83:27:af:85:49:62:3c:37:33:7a:b0:f6:69:35:3b:89:
7c:7a:ce:5f:f0:ad:44:6a:f5:eb:16:93:6e:ab:a3:7e:4b:7b:
f7:f5:b7:87:2b:f1:dd:ef:91:f3:b1:95:d8:1a:fd:92:76:fd:
db:29:11:fa:fb:e4:81:8d:f2:06:cf:38:f5:9d:da:8d:99:19:
d0:2e:13:81:0b:52:40:94:ea:85:04:df:ce:a7:37:b0:9d:77:
32:a0:13:8d:2b:20:e3:4e:57:1a:77:d0:b5:1b:36:92:a8:c0:
a2:e5:ba:75:e4:1d:6a:25:f7:1f:d1:82:75:c7:a6:2a:c5:d6:
13:2b:f6:2d:93:f4:13:3d:f5:20:a2:2d:0f:66:1e:a7:fe:e1:
38:7a:de:3a:72:a2:74:d9:d2:d8:28:27:4e:72:29:fc:3f:ae:
d4:cf:7d:38:12:59:16:00:32:27:0a:60:8c:6a:07:07:45:02:
bc:43:c4:26:77:4e:f7:5b:6d:79:85:ff:33:fb:da:fd:c5:1a:
95:66:6e:2d:dd:90:e2:ca:7b:d9:a6:ea:bc:5d:f8:74:3b:b0:
bb:cb:c6:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnUkSyoTgdla7KNvJFpmIkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwODA4MDk1MzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTU0ODM5ZmU0YTQ4ZGY4NzhjZTg1NTlkOWJiNTNhNmU1NjZmNzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+cXFLArvcDZcucBpe+lGdJNkkfN
10gwXbMvvbvzw3CoWR+hwfr/cRMix/ZvXnqWD6eX1GyCd7i4Wvbd50MrlBoUKPb2
CdsMU43+VX98uD3UanjM5QAJcNwuZeONcjiZ+ltrHFyaHKOJMqATnggO5irodaLm
U2GO9PQc9lIxbhjZLcGuJcaCMAJJu9/aIJfVz/N4atQkssI3c01uMmSz13sr9Xsi
R1vgkY6S87XfOI2e8XqioBWEeeJNvrW9DILOT/MbxYhVyaceW3NBRF8OYxqkNz48
2AbDCBL6P8KjrOQZCdlUGp3bjTngc19T+cXlASIC5n7uuCzYGKOY2r7HVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGpUg5/kpI34eM6FWdm7U6blZvdhMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvYWxTRG4tU2tqZmg0em9WWjJidFRwdVZtOTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8jdAwQA
bXoqAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQBnRGbW/DDBiScpv8iVa+jqL48w
hEwnZK4fkLtCDnXCd56Gjg8rJ4Mnr4VJYjw3M3qw9mk1O4l8es5f8K1EavXrFpNu
q6N+S3v39beHK/Hd75HzsZXYGv2Sdv3bKRH6++SBjfIGzzj1ndqNmRnQLhOBC1JA
lOqFBN/OpzewnXcyoBONKyDjTlcad9C1GzaSqMCi5bp15B1qJfcf0YJ1x6YqxdYT
K/Ytk/QTPfUgoi0PZh6n/uE4et46cqJ02dLYKCdOcin8P67Uz304ElkWADInCmCM
agcHRQK8Q8Qmd073W215hf8z+9r9xRqVZm4t3ZDiynvZpuq8Xfh0O7C7y8ad
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org