Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/dGqovgLITWmYJvlBsMUpuLncxnI.roa
File: dGqovgLITWmYJvlBsMUpuLncxnI.roa (raw, json)
Hash identifier: wWsUvYJU+BRnqJij5DSYDC9eLSBrSr34jajQCGd2Bgk=
Subject key identifier: 74:6A:A8:BE:02:C8:4D:69:98:26:F9:41:B0:C5:29:B8:B9:DC:C6:72
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018E9DF507FAFA956E074172F1624CA5E974
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/dGqovgLITWmYJvlBsMUpuLncxnI.roa
Signing time: Tue 02 Apr 2024 08:37:45 +0000
ROA not before: Tue 02 Apr 2024 08:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.220.0/24 maxlen: 24
91.210.144.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
91.210.146.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 04:23:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:f5:07:fa:fa:95:6e:07:41:72:f1:62:4c:a5:e9:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 2 08:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=746aa8be02c84d699826f941b0c529b8b9dcc672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e3:0a:10:9c:3d:94:b8:39:6e:97:0d:48:e5:
0a:e8:4c:80:49:84:07:95:03:ac:90:96:83:9d:a7:
fd:1b:8e:17:49:a8:a9:e1:27:45:68:be:3c:6b:a7:
5f:e4:bc:30:fd:b5:af:ff:9e:5f:29:fe:be:68:de:
f3:32:9d:0c:cd:66:c7:72:a5:e2:e1:7a:b4:78:5c:
c5:9c:57:4b:31:ae:cf:fa:da:6d:bb:51:f4:7f:d1:
ca:16:cd:3a:6c:78:0a:2f:f5:9e:8a:33:18:c2:c8:
74:46:c0:fd:0c:35:09:a9:66:bc:45:de:55:c6:3b:
e1:14:f2:05:c2:57:6b:b8:6d:2b:26:65:7f:6b:73:
8f:7f:1e:6e:b7:da:5d:5e:f2:14:00:85:92:0a:a3:
04:df:bb:d2:6a:cf:0c:b8:f1:3b:24:6b:65:78:03:
23:3b:e3:1a:ed:88:16:cb:46:43:1c:f3:18:f2:90:
89:f0:e8:7a:e6:1d:ad:8a:d8:33:77:63:2b:41:d4:
ee:e3:2e:cc:12:c6:2c:cd:fb:27:7d:df:a5:79:9a:
b8:3d:ec:cf:69:c2:07:82:ed:0a:6c:31:46:38:85:
66:ce:dd:75:17:b9:52:29:aa:29:f7:3d:62:35:0b:
88:3a:5c:1f:4e:da:ac:75:f4:c1:6d:9a:a7:a1:6f:
0c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6A:A8:BE:02:C8:4D:69:98:26:F9:41:B0:C5:29:B8:B9:DC:C6:72
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/dGqovgLITWmYJvlBsMUpuLncxnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
91.210.144.0-91.210.146.255
109.122.40.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:78:62:2d:ef:1b:b4:5c:bd:19:0f:39:73:b3:68:74:1c:2b:
4d:9b:14:c4:c0:2c:25:5a:63:81:77:fb:22:06:67:fb:bb:c2:
98:39:68:82:0a:4d:0d:66:a0:be:83:ad:40:40:6a:5b:15:d8:
e7:ae:a3:ec:12:76:5f:92:8d:51:76:7c:28:4b:46:3d:9f:ac:
a5:c9:dd:0e:44:56:9e:f0:3c:d6:f4:5e:2c:8d:23:21:d4:7e:
7e:62:d5:75:c3:0e:79:c2:2f:a9:1b:6f:76:2d:30:eb:c5:0c:
3b:4d:d2:d7:d4:5b:f4:51:18:2b:66:92:5b:2d:dc:0a:94:fc:
21:88:e1:0a:34:41:96:1b:ba:fc:23:c2:38:0e:01:de:4f:30:
95:7f:59:ca:cd:ad:8f:36:86:42:5a:5c:eb:30:bb:1f:60:ea:
9e:cc:17:4a:50:dd:52:8d:ab:db:a6:7c:70:e1:46:40:98:fc:
a7:94:3e:40:25:6d:9b:88:1d:1f:2f:cb:52:83:4d:71:71:38:
d1:00:ae:67:c6:b6:ce:6c:fd:d6:95:2c:12:13:6d:93:d9:07:
52:fa:ff:3d:df:65:4a:b1:9c:76:eb:26:7e:9c:c0:a4:3a:76:
21:71:a4:87:64:1b:ed:88:e9:f5:91:06:61:59:b9:fa:8f:82:
48:8c:a5:3f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY6d9Qf6+pVuB0Fy8WJMpel0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNDAyMDgzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDZhYThiZTAyYzg0ZDY5OTgyNmY5NDFiMGM1MjliOGI5ZGNjNjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+MKEJw9lLg5bpcNSOUK6EyASYQH
lQOskJaDnaf9G44XSaip4SdFaL48a6df5Lww/bWv/55fKf6+aN7zMp0MzWbHcqXi
4Xq0eFzFnFdLMa7P+tptu1H0f9HKFs06bHgKL/WeijMYwsh0RsD9DDUJqWa8Rd5V
xjvhFPIFwldruG0rJmV/a3OPfx5ut9pdXvIUAIWSCqME37vSas8MuPE7JGtleAMj
O+Ma7YgWy0ZDHPMY8pCJ8Oh65h2titgzd2MrQdTu4y7MEsYszfsnfd+leZq4PezP
acIHgu0KbDFGOIVmzt11F7lSKaop9z1iNQuIOlwfTtqsdfTBbZqnoW8M/wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHRqqL4CyE1pmCb5QbDFKbi53MZyMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvZEdxb3ZnTElUV21ZSnZsQnNNVXB1TG5jeG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW8jcMAwD
BARb0pADBABb0pIDBABteigDBABtei4wDQYJKoZIhvcNAQELBQADggEBAG94Yi3v
G7RcvRkPOXOzaHQcK02bFMTALCVaY4F3+yIGZ/u7wpg5aIIKTQ1moL6DrUBAalsV
2Oeuo+wSdl+SjVF2fChLRj2frKXJ3Q5EVp7wPNb0XiyNIyHUfn5i1XXDDnnCL6kb
b3YtMOvFDDtN0tfUW/RRGCtmklst3AqU/CGI4Qo0QZYbuvwjwjgOAd5PMJV/WcrN
rY82hkJaXOswux9g6p7MF0pQ3VKNq9umfHDhRkCY/KeUPkAlbZuIHR8vy1KDTXFx
ONEArmfGts5s/daVLBITbZPZB1L6/z3fZUqxnHbrJn6cwKQ6diFxpIdkG+2I6fWR
BmFZufqPgkiMpT8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org