Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ew0lFGMlzogTxUGNYJKzWuIOlMU.roa
File: ew0lFGMlzogTxUGNYJKzWuIOlMU.roa (raw, json)
Hash identifier: Ld9eA90PMD4hZzeXIng+AUo5cxf9FhkU671tiVXofFI=
Subject key identifier: 7B:0D:25:14:63:25:CE:88:13:C5:41:8D:60:92:B3:5A:E2:0E:94:C5
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01926B70901723392525593B21E06FCD1789
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ew0lFGMlzogTxUGNYJKzWuIOlMU.roa
Signing time: Tue 08 Oct 2024 09:23:11 +0000
ROA not before: Tue 08 Oct 2024 09:23:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.45.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 12:17:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:70:90:17:23:39:25:25:59:3b:21:e0:6f:cd:17:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 8 09:23:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b0d25146325ce8813c5418d6092b35ae20e94c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:88:af:af:75:68:06:0f:41:71:a6:8c:62:b6:
9d:1a:73:c4:60:af:2d:ce:2e:3a:92:6a:2b:47:f4:
36:44:25:cf:01:c5:e8:1b:5f:78:8f:3f:ea:c6:cb:
fc:6c:40:59:b5:72:6e:3c:ab:01:1f:18:c2:c0:ca:
bb:85:f8:d1:da:f7:b6:60:1b:26:19:83:35:4e:bb:
54:7b:a5:f1:88:b7:86:3e:49:f8:ad:97:56:24:1b:
51:28:61:24:9d:df:05:0a:3b:66:4d:e6:e5:65:9a:
6b:7d:5f:d6:aa:f4:4c:36:11:ed:f8:16:28:fd:00:
2f:56:84:c5:9e:39:b6:a0:ae:6a:64:2c:ef:52:08:
44:91:b0:16:b9:58:2b:59:53:1e:47:f0:38:d1:f6:
5f:d9:2d:f5:91:da:78:2a:48:b4:43:66:f0:b9:c5:
74:54:96:32:fc:df:60:38:32:f4:9d:ec:35:6d:12:
ea:d9:51:89:0e:03:47:45:80:a5:6a:f9:27:07:57:
0f:31:dc:cf:4d:3f:ca:39:f8:78:1d:32:d4:b0:c8:
76:19:ae:ae:7e:9a:2b:e4:83:ba:6e:1e:7c:7e:a0:
ad:09:00:5e:1b:65:a6:9b:66:72:54:6b:8c:17:13:
c1:d6:9f:f7:37:07:67:39:8a:cf:f3:82:46:f6:1b:
b7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:0D:25:14:63:25:CE:88:13:C5:41:8D:60:92:B3:5A:E2:0E:94:C5
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ew0lFGMlzogTxUGNYJKzWuIOlMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
91.210.145.0/24
109.122.41.0/24
109.122.45.0-109.122.46.255
Signature Algorithm: sha256WithRSAEncryption
85:30:b2:4a:1c:82:55:7e:9d:a7:0a:17:08:4f:ea:62:06:4e:
86:8e:5e:20:5c:14:e3:d7:ca:83:9b:95:f6:11:cc:38:23:e9:
9e:7c:1e:b7:5e:4d:87:da:46:8a:30:cc:7f:c6:c3:f8:47:b9:
20:4a:23:23:9e:74:e6:0d:9a:cd:3f:41:7d:bd:94:ce:c6:31:
ac:71:57:fb:f3:0c:7e:0c:eb:98:79:cc:b1:fe:9c:22:05:e5:
dd:ba:aa:14:2f:c1:64:e2:6e:15:99:83:9a:45:fe:4f:95:a7:
ae:8d:83:eb:ad:72:36:a0:e7:24:3f:24:e0:c1:ba:46:c3:c4:
cc:d2:23:98:b5:62:6c:74:f5:dc:aa:3d:a2:21:b5:6d:13:6c:
b2:d6:8c:c2:7d:07:89:6f:13:7f:67:21:1b:5e:25:a1:60:15:
02:e8:68:b3:b1:45:40:d4:64:ac:85:8a:a9:5a:06:55:ad:d9:
0e:49:46:56:4c:9f:84:6c:68:14:68:2d:60:27:16:3f:a9:c3:
73:96:ab:e5:e4:fa:ec:49:dc:b0:15:0d:27:da:e7:af:74:9f:
10:28:43:05:7a:5b:f3:1d:90:ba:5d:34:12:9c:74:af:85:fb:
b5:48:77:49:38:92:29:97:89:49:12:67:cc:41:d4:10:bd:8f:
d0:5a:9d:6b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZJrcJAXIzklJVk7IeBvzReJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMDA4MDkyMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjBkMjUxNDYzMjVjZTg4MTNjNTQxOGQ2MDkyYjM1YWUyMGU5NGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4ivr3VoBg9BcaaMYradGnPEYK8t
zi46kmorR/Q2RCXPAcXoG194jz/qxsv8bEBZtXJuPKsBHxjCwMq7hfjR2ve2YBsm
GYM1TrtUe6XxiLeGPkn4rZdWJBtRKGEknd8FCjtmTeblZZprfV/WqvRMNhHt+BYo
/QAvVoTFnjm2oK5qZCzvUghEkbAWuVgrWVMeR/A40fZf2S31kdp4Kki0Q2bwucV0
VJYy/N9gODL0new1bRLq2VGJDgNHRYClavknB1cPMdzPTT/KOfh4HTLUsMh2Ga6u
fpor5IO6bh58fqCtCQBeG2Wmm2ZyVGuMFxPB1p/3NwdnOYrP84JG9hu3FwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHsNJRRjJc6IE8VBjWCSs1riDpTFMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvZXcwbEZHTWx6b2dUeFVHTllKS3pXdUlPbE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW8jdAwQA
W9KRAwQAbXopMAwDBABtei0DBABtei4wDQYJKoZIhvcNAQELBQADggEBAIUwskoc
glV+nacKFwhP6mIGToaOXiBcFOPXyoOblfYRzDgj6Z58HrdeTYfaRoowzH/Gw/hH
uSBKIyOedOYNms0/QX29lM7GMaxxV/vzDH4M65h5zLH+nCIF5d26qhQvwWTibhWZ
g5pF/k+Vp66Ng+utcjag5yQ/JODBukbDxMzSI5i1Ymx09dyqPaIhtW0TbLLWjMJ9
B4lvE39nIRteJaFgFQLoaLOxRUDUZKyFiqlaBlWt2Q5JRlZMn4RsaBRoLWAnFj+p
w3OWq+Xk+uxJ3LAVDSfa5690nxAoQwV6W/MdkLpdNBKcdK+F+7VId0k4kimXiUkS
Z8xB1BC9j9BanWs=
-----END CERTIFICATE-----
Generated at Tue Oct 8 18:03:46 2024 by rpki-client on console-ams.rpki-client.org