Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/cdSUuz0e044N62CgO1WRrFeYKCk.roa
File: cdSUuz0e044N62CgO1WRrFeYKCk.roa (raw, json)
Hash identifier: qs2ymWSBI8sUZo1qpJIzkSng3TDqGJ7t9+E/6pl6LrQ=
Subject key identifier: 71:D4:94:BB:3D:1E:D3:8E:0D:EB:60:A0:3B:55:91:AC:57:98:28:29
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0192C37A2DCAC603350567B275121A530913
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/cdSUuz0e044N62CgO1WRrFeYKCk.roa
Signing time: Fri 25 Oct 2024 11:40:17 +0000
ROA not before: Fri 25 Oct 2024 11:40:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 09:13:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:7a:2d:ca:c6:03:35:05:67:b2:75:12:1a:53:09:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 25 11:40:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d494bb3d1ed38e0deb60a03b5591ac57982829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b7:fb:1a:33:ba:10:80:7b:71:2b:72:4f:de:
26:0b:df:67:6b:c8:81:7c:e4:bc:a8:a9:d4:f8:be:
16:16:ab:53:b8:bf:fd:91:43:ac:07:70:13:6e:56:
cd:b1:0c:c7:bd:69:04:3f:39:ec:d9:a7:b3:4e:5b:
db:57:93:d9:0d:6b:cb:33:ca:47:4b:92:85:6f:99:
c7:39:4d:d3:3e:55:a3:be:c5:13:c8:84:41:ab:ac:
e2:45:9f:08:f1:0d:ce:50:78:8f:1f:5f:28:4a:c3:
a6:b0:44:c0:4f:c3:09:41:2f:c7:df:7b:e5:a0:f5:
66:6a:d3:24:2d:02:75:2b:6e:6e:13:20:ca:1b:8d:
69:cd:7a:92:9d:e1:df:41:aa:e6:ab:1c:14:7c:2b:
4e:e1:4d:2d:4d:61:9d:84:e4:69:14:dc:00:0c:97:
96:a8:4c:42:e3:ab:f6:a0:ef:a3:1f:1c:9b:77:83:
42:7e:25:12:df:ce:cd:f3:ec:4a:bb:dd:c1:78:97:
a7:1d:0a:d9:cc:38:97:00:5c:d2:e2:b6:42:a9:a1:
b3:aa:05:87:bb:e8:7f:bf:6e:18:5c:be:27:37:5c:
40:b0:80:5f:da:1d:da:b5:19:d8:e8:c9:76:1a:bb:
67:a0:02:14:37:ed:ab:98:96:14:4d:d2:e5:6f:e1:
3c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D4:94:BB:3D:1E:D3:8E:0D:EB:60:A0:3B:55:91:AC:57:98:28:29
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/cdSUuz0e044N62CgO1WRrFeYKCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
35:de:0e:bf:42:7b:9b:e0:d8:55:c8:89:2c:db:89:00:3b:6a:
d6:9a:f4:fd:e0:d6:6d:e6:cd:e9:7c:f5:b9:9b:45:e7:58:98:
4b:79:62:36:81:b3:61:7e:23:35:5b:32:92:5b:45:9c:72:61:
97:51:6f:f8:b9:5b:16:6f:97:43:36:43:81:54:27:91:23:f9:
fd:21:23:94:55:73:87:42:6b:a8:e1:02:c5:51:cd:0d:84:bb:
f4:ca:90:7f:a8:3d:a5:c6:38:7c:b2:b8:dc:fa:35:42:d6:af:
74:99:90:e7:9d:16:3a:ec:0b:f0:86:17:a2:15:d9:4b:23:f8:
58:97:48:39:06:9f:72:3a:23:33:78:4e:2d:f9:0a:cf:de:22:
c8:42:0c:df:99:2a:1f:12:c8:3d:3d:f3:e7:b4:f2:bd:d0:12:
a2:48:35:d9:d1:2a:b5:cf:45:21:37:a9:85:b4:cf:fe:8a:f6:
64:23:f4:4f:32:9b:e2:5c:e2:b9:35:74:14:7e:ec:44:70:0e:
32:e6:cf:6f:81:17:a8:e1:48:5c:35:3b:e6:d4:3c:66:e8:23:
b4:7b:00:75:b7:d5:83:82:c2:ca:87:59:00:41:ee:a7:73:14:
c7:2f:cb:bc:f7:d7:ad:df:76:88:9b:6b:c6:fe:61:0d:54:de:
0e:3c:3c:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLDei3KxgM1BWeydRIaUwkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMDI1MTE0MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQ0OTRiYjNkMWVkMzhlMGRlYjYwYTAzYjU1OTFhYzU3OTgyODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbf7GjO6EIB7cStyT94mC99na8iB
fOS8qKnU+L4WFqtTuL/9kUOsB3ATblbNsQzHvWkEPzns2aezTlvbV5PZDWvLM8pH
S5KFb5nHOU3TPlWjvsUTyIRBq6ziRZ8I8Q3OUHiPH18oSsOmsETAT8MJQS/H33vl
oPVmatMkLQJ1K25uEyDKG41pzXqSneHfQarmqxwUfCtO4U0tTWGdhORpFNwADJeW
qExC46v2oO+jHxybd4NCfiUS387N8+xKu93BeJenHQrZzDiXAFzS4rZCqaGzqgWH
u+h/v24YXL4nN1xAsIBf2h3atRnY6Ml2GrtnoAIUN+2rmJYUTdLlb+E8bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHHUlLs9HtOODetgoDtVkaxXmCgpMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvY2RTVXV6MGUwNDRONjJDZ08xV1JyRmVZS0NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXouMA0G
CSqGSIb3DQEBCwUAA4IBAQA13g6/Qnub4NhVyIks24kAO2rWmvT94NZt5s3pfPW5
m0XnWJhLeWI2gbNhfiM1WzKSW0WccmGXUW/4uVsWb5dDNkOBVCeRI/n9ISOUVXOH
Qmuo4QLFUc0NhLv0ypB/qD2lxjh8srjc+jVC1q90mZDnnRY67AvwhheiFdlLI/hY
l0g5Bp9yOiMzeE4t+QrP3iLIQgzfmSofEsg9PfPntPK90BKiSDXZ0Sq1z0UhN6mF
tM/+ivZkI/RPMpviXOK5NXQUfuxEcA4y5s9vgReo4UhcNTvm1Dxm6CO0ewB1t9WD
gsLKh1kAQe6ncxTHL8u899et33aIm2vG/mENVN4OPDyW
-----END CERTIFICATE-----
Generated at Thu Nov 7 10:45:01 2024 by rpki-client on console-ams.rpki-client.org