Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/cLr7T3ed_PCR1191wlXj9m0fsxQ.roa
File: cLr7T3ed_PCR1191wlXj9m0fsxQ.roa (raw, json)
Hash identifier: AkPQKObP2sc/J3hGbESyr2oTSGy5iy+EEh8qE20r1gk=
Subject key identifier: 70:BA:FB:4F:77:9D:FC:F0:91:D7:5F:75:C2:55:E3:F6:6D:1F:B3:14
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0185BE6C89C1E2F34FC5F0661FC688017172
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/cLr7T3ed_PCR1191wlXj9m0fsxQ.roa
Signing time: Tue 17 Jan 2023 06:31:02 +0000
ROA not before: Tue 17 Jan 2023 06:31:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.40.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.47.0/24 maxlen: 24
109.122.45.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
193.93.53.0/24 maxlen: 24
87.237.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Jan 2023 20:12:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:be:6c:89:c1:e2:f3:4f:c5:f0:66:1f:c6:88:01:71:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 17 06:31:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70bafb4f779dfcf091d75f75c255e3f66d1fb314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:09:35:16:9c:b0:7d:be:c7:3e:23:35:21:
53:ad:c5:77:50:e2:1d:7b:88:e7:83:a5:33:40:e5:
5b:0d:da:63:21:a2:87:36:43:21:03:e1:35:41:70:
35:06:d9:0d:f2:6f:86:2b:55:8f:cc:5a:bd:72:05:
41:12:ad:d6:6a:1d:64:a3:14:28:7d:2f:39:3c:6d:
df:23:70:89:d6:d8:4a:71:dd:83:38:9c:f6:6c:d4:
78:eb:87:d3:d1:af:ad:3f:40:0e:19:01:b9:8c:b5:
1f:ac:10:41:e8:86:aa:87:e1:b0:42:05:66:cc:55:
6a:28:1f:fd:33:cf:ed:a1:8d:35:63:e5:4e:36:f1:
87:0f:d2:2e:16:05:f2:73:3b:f9:34:35:dd:c8:bf:
ad:2c:c4:31:f9:d4:00:ad:a9:65:1e:3e:eb:03:8b:
5d:de:28:54:51:93:19:19:a1:be:b8:a7:10:88:bf:
36:db:67:e9:0d:e0:29:aa:9f:78:5f:68:b4:a6:eb:
f9:9e:3f:73:4b:18:3e:36:da:fc:8f:66:17:c5:5f:
9e:73:cb:e3:d7:ef:44:48:14:f4:19:89:2c:f9:95:
71:3f:47:97:c7:62:73:87:c6:96:f1:57:61:31:a8:
d7:66:a0:35:5c:45:16:6f:6b:7e:98:d7:12:89:bb:
9e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:BA:FB:4F:77:9D:FC:F0:91:D7:5F:75:C2:55:E3:F6:6D:1F:B3:14
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/cLr7T3ed_PCR1191wlXj9m0fsxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.167.0/24
91.226.57.0/24
109.122.40.0/23
109.122.45.0-109.122.47.255
193.93.52.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:8e:42:6e:dc:4a:03:f0:c5:fa:2a:aa:eb:1e:44:e8:8e:f0:
a3:77:d5:31:09:7b:95:2d:12:36:28:a5:c1:0d:4a:83:f3:36:
f3:55:d5:ae:df:5e:f9:7f:53:a5:20:7d:82:75:c0:de:51:8c:
7f:30:f2:b3:08:8d:8b:86:86:46:b0:3a:17:24:a2:8e:6a:3a:
9a:42:74:a7:45:ca:bb:06:0a:d2:49:1c:4d:91:5c:83:30:c6:
db:ec:36:3e:b7:6b:0b:0e:5c:d8:46:2d:1c:c0:ba:ca:6f:1a:
fe:5b:bd:26:da:a3:51:59:7c:a8:2b:eb:a4:2b:01:34:bc:17:
d6:a5:bc:94:79:e9:8c:a5:3d:0b:82:20:f6:72:5d:ed:26:3a:
86:05:23:6b:3c:83:3e:c4:0b:88:4f:3e:f0:1c:10:41:f6:03:
a5:8b:bf:60:9f:c7:de:f8:d6:26:2c:e7:87:89:39:e2:db:a8:
43:d9:cd:e6:65:77:06:e5:35:7d:f8:6a:65:d3:1e:41:30:1a:
3a:ef:31:21:2e:d6:e9:5a:73:87:c2:22:f2:fd:12:1c:67:4f:
18:53:1d:2c:7d:66:ba:7a:90:91:bc:17:6b:f5:4e:3c:c9:06:
78:c4:2a:71:36:00:b9:a6:86:ec:9a:d3:7c:ba:3e:f9:03:28:
80:fb:f8:95
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYW+bInB4vNPxfBmH8aIAXFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMTE3MDYzMTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGJhZmI0Zjc3OWRmY2YwOTFkNzVmNzVjMjU1ZTNmNjZkMWZiMzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF0JNRacsH2+xz4jNSFTrcV3UOId
e4jng6UzQOVbDdpjIaKHNkMhA+E1QXA1BtkN8m+GK1WPzFq9cgVBEq3Wah1koxQo
fS85PG3fI3CJ1thKcd2DOJz2bNR464fT0a+tP0AOGQG5jLUfrBBB6Iaqh+GwQgVm
zFVqKB/9M8/toY01Y+VONvGHD9IuFgXyczv5NDXdyL+tLMQx+dQArallHj7rA4td
3ihUUZMZGaG+uKcQiL8222fpDeApqp94X2i0puv5nj9zSxg+Ntr8j2YXxV+ec8vj
1+9ESBT0GYks+ZVxP0eXx2Jzh8aW8VdhMajXZqA1XEUWb2t+mNcSibueLwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHC6+093nfzwkddfdcJV4/ZtH7MUMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvY0xyN1QzZWRfUENSMTE5MXdsWGo5bTBmc3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAV+2nAwQA
W+I5AwQBbXooMAwDBABtei0DBARteiADBAHBXTQwDQYJKoZIhvcNAQELBQADggEB
AFqOQm7cSgPwxfoqquseROiO8KN31TEJe5UtEjYopcENSoPzNvNV1a7fXvl/U6Ug
fYJ1wN5RjH8w8rMIjYuGhkawOhckoo5qOppCdKdFyrsGCtJJHE2RXIMwxtvsNj63
awsOXNhGLRzAuspvGv5bvSbao1FZfKgr66QrATS8F9alvJR56YylPQuCIPZyXe0m
OoYFI2s8gz7EC4hPPvAcEEH2A6WLv2Cfx9741iYs54eJOeLbqEPZzeZldwblNX34
amXTHkEwGjrvMSEu1ulac4fCIvL9EhxnTxhTHSx9Zrp6kJG8F2v1TjzJBnjEKnE2
ALmmhuya03y6PvkDKID7+JU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org