Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/eArhF9lR8F2myUdrwqzkGXIYMHY.roa
File: eArhF9lR8F2myUdrwqzkGXIYMHY.roa (raw, json)
Hash identifier: x1yQHd0lLPcqg5qUb0qkSDw/LyREyagGgaQJEany7Q0=
Subject key identifier: 78:0A:E1:17:D9:51:F0:5D:A6:C9:47:6B:C2:AC:E4:19:72:18:30:76
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0187D1F2BFEBEA31F246DA6CDB55695C01B4
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/eArhF9lR8F2myUdrwqzkGXIYMHY.roa
Signing time: Sun 30 Apr 2023 11:35:59 +0000
ROA not before: Sun 30 Apr 2023 11:35:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 91.200.223.0/24 maxlen: 24
91.200.221.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 May 2023 08:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d1:f2:bf:eb:ea:31:f2:46:da:6c:db:55:69:5c:01:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 30 11:35:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=780ae117d951f05da6c9476bc2ace41972183076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3b:19:fb:88:f1:de:87:07:36:4a:4a:d6:52:
ab:1d:45:39:e4:ed:75:14:7c:e6:7a:fd:96:2c:0a:
40:d7:77:f4:b1:54:f1:52:2a:10:f1:ca:26:ef:60:
64:cb:b8:2c:1e:a2:f5:2c:60:de:f4:a2:89:db:c1:
0c:86:8b:9d:7f:0d:e3:93:a1:09:5d:84:5a:02:5b:
2e:09:6a:b1:12:e6:62:a8:2f:f2:87:f2:f3:c6:63:
8d:1f:1d:3e:5d:20:02:65:88:c8:b0:c4:d0:01:08:
5b:1b:9b:bc:7e:82:0c:78:24:16:49:93:65:bd:9b:
0d:9b:ed:27:3c:0d:41:60:80:8d:ba:04:b9:3e:49:
75:3f:d8:ce:d1:f4:db:bb:d0:13:f4:18:93:88:d9:
d6:d0:af:ad:e4:64:26:0a:7f:6f:aa:ff:a4:7b:4f:
4c:ff:4e:d3:6d:ff:de:b0:e9:b3:32:42:ec:4a:38:
d4:87:c2:4c:41:45:99:20:64:10:b3:79:4d:f4:9e:
60:85:24:3b:e6:6b:cc:f8:7e:25:7f:1c:88:79:18:
6d:28:da:8c:af:2d:ee:0f:ab:62:d4:c2:b7:d6:54:
42:6a:83:66:32:ff:56:e1:67:dd:14:79:18:e0:0c:
27:70:b0:25:26:52:95:28:fb:79:ce:9c:33:f7:62:
f7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:0A:E1:17:D9:51:F0:5D:A6:C9:47:6B:C2:AC:E4:19:72:18:30:76
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/eArhF9lR8F2myUdrwqzkGXIYMHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
91.200.223.0/24
91.226.57.0/24
109.122.44.0/24
Signature Algorithm: sha256WithRSAEncryption
83:b1:c9:f2:b2:95:a9:dc:3b:e3:85:a7:94:4e:64:36:3b:1e:
f7:68:f7:80:a3:2f:11:1b:61:8d:58:28:f1:ea:ac:8e:1e:43:
d1:6e:87:d8:75:8e:f8:96:6d:5c:b5:32:99:e9:6f:bf:e6:2b:
a5:ff:5b:01:4b:40:f3:65:72:d2:0f:b6:2a:de:d8:a1:86:a6:
0b:d8:a0:63:1a:00:91:bb:ad:9c:56:ad:9a:73:17:4e:ac:e1:
3e:cd:87:84:ef:d2:61:6e:dd:4b:83:72:2a:ad:ff:da:3e:a2:
9b:4c:c1:a0:54:d8:ea:8e:10:e5:e4:9b:0a:6a:bc:6d:2f:7a:
51:b2:2e:93:d5:be:8b:f7:6a:81:b1:b2:0e:3e:79:3b:76:6e:
2c:7b:66:32:c7:4e:f9:e5:26:2c:dc:56:0e:6e:d2:54:4c:a8:
15:c9:dd:17:b4:84:ed:b4:8b:5f:b4:26:00:00:a7:9f:12:dc:
2e:79:e1:02:14:59:11:f2:6e:a5:b4:c9:ce:0a:9b:6d:29:0e:
9e:96:27:3d:2b:23:98:ea:c5:cc:e6:55:7f:36:58:81:ff:db:
f2:13:56:f7:40:f3:d8:4e:73:c1:c4:0c:bf:78:7e:28:c7:47:
8b:b9:2a:b9:26:56:de:6b:2e:0e:5f:24:71:56:81:03:66:28:
aa:56:5c:91
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYfR8r/r6jHyRtps21VpXAG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNDMwMTEzNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODBhZTExN2Q5NTFmMDVkYTZjOTQ3NmJjMmFjZTQxOTcyMTgzMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTsZ+4jx3ocHNkpK1lKrHUU55O11
FHzmev2WLApA13f0sVTxUioQ8com72Bky7gsHqL1LGDe9KKJ28EMhoudfw3jk6EJ
XYRaAlsuCWqxEuZiqC/yh/LzxmONHx0+XSACZYjIsMTQAQhbG5u8foIMeCQWSZNl
vZsNm+0nPA1BYICNugS5Pkl1P9jO0fTbu9AT9BiTiNnW0K+t5GQmCn9vqv+ke09M
/07Tbf/esOmzMkLsSjjUh8JMQUWZIGQQs3lN9J5ghSQ75mvM+H4lfxyIeRhtKNqM
ry3uD6ti1MK31lRCaoNmMv9W4WfdFHkY4AwncLAlJlKVKPt5zpwz92L3IQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHgK4RfZUfBdpslHa8Ks5BlyGDB2MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvZUFyaEY5bFI4RjJteVVkcndxemtHWElZTUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8jdAwQA
W8jfAwQAW+I5AwQAbXosMA0GCSqGSIb3DQEBCwUAA4IBAQCDscnyspWp3DvjhaeU
TmQ2Ox73aPeAoy8RG2GNWCjx6qyOHkPRbofYdY74lm1ctTKZ6W+/5iul/1sBS0Dz
ZXLSD7Yq3tihhqYL2KBjGgCRu62cVq2acxdOrOE+zYeE79Jhbt1Lg3Iqrf/aPqKb
TMGgVNjqjhDl5JsKarxtL3pRsi6T1b6L92qBsbIOPnk7dm4se2Yyx0755SYs3FYO
btJUTKgVyd0XtITttItftCYAAKefEtwueeECFFkR8m6ltMnOCpttKQ6elic9KyOY
6sXM5lV/NliB/9vyE1b3QPPYTnPBxAy/eH4ox0eLuSq5Jlbeay4OXyRxVoEDZiiq
VlyR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org