Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ex_pYuo-1ewFhxt9JFqyUFvHhXY.roa
File: ex_pYuo-1ewFhxt9JFqyUFvHhXY.roa (raw, json)
Hash identifier: 6whU7xUYRT+3z76+tIPMMykS8IV20kLkzLxw7EyX3Fg=
Subject key identifier: 7B:1F:E9:62:EA:3E:D5:EC:05:87:1B:7D:24:5A:B2:50:5B:C7:85:76
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189A178A98656B7EC7B9CEB4C0918128A85
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ex_pYuo-1ewFhxt9JFqyUFvHhXY.roa
Signing time: Sat 29 Jul 2023 11:46:26 +0000
ROA not before: Sat 29 Jul 2023 11:46:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
91.200.222.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Aug 2023 11:39:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a1:78:a9:86:56:b7:ec:7b:9c:eb:4c:09:18:12:8a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 29 11:46:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b1fe962ea3ed5ec05871b7d245ab2505bc78576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9e:87:7d:3d:aa:b8:39:50:eb:00:90:52:d6:
b1:95:c2:16:d8:8c:ee:3d:78:02:85:ba:91:bd:22:
85:71:c7:5f:8b:72:a0:ac:a9:8d:5a:d5:f7:94:c0:
3e:53:3b:31:43:87:3d:d7:49:66:f1:b3:d2:d5:d0:
b4:b3:98:f1:84:8a:b8:63:a9:85:98:88:84:61:72:
f0:df:08:6d:4b:79:2b:a7:46:fd:ae:9a:90:f6:5d:
04:c5:6d:66:2f:0b:58:06:9a:c1:84:56:d2:43:4e:
c3:de:ff:a1:f8:48:c7:a6:b2:42:85:72:fe:b8:6d:
12:0f:eb:1a:88:5a:95:e8:9b:89:23:dc:a3:c2:f8:
36:b4:ef:d1:fa:3d:b4:91:ec:80:d9:ff:e8:03:7b:
bc:d6:fd:ce:1e:20:f3:8e:d9:1e:72:2e:4f:a9:15:
d8:9b:9b:9d:f3:c9:3c:7b:12:12:19:5a:4e:10:84:
b5:ba:ff:d0:b9:a5:0b:ff:0b:89:d4:ac:40:84:8b:
2e:0c:17:6c:0e:57:8f:74:ae:4f:4d:4a:b3:03:66:
2f:bc:c5:ae:df:07:c5:eb:0a:5b:35:44:df:48:6d:
e5:0f:f5:ed:86:02:45:14:0f:3d:05:8d:9d:d7:27:
90:7a:71:30:99:b6:7f:23:fa:3e:db:a1:3a:b4:fc:
16:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1F:E9:62:EA:3E:D5:EC:05:87:1B:7D:24:5A:B2:50:5B:C7:85:76
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ex_pYuo-1ewFhxt9JFqyUFvHhXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0-91.200.222.255
109.122.42.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
58:70:3c:3b:2a:62:ec:95:27:a9:e6:37:5c:d2:6e:13:04:16:
1e:f2:c7:9e:52:24:f4:b2:c3:09:1b:58:7b:6f:2b:e3:88:96:
ab:72:02:1f:1d:2c:94:9b:0d:56:35:70:82:1e:bf:b0:ac:28:
01:b7:38:18:ea:b4:41:f3:fa:e2:47:0c:5a:0d:ec:de:b4:40:
22:8f:69:95:d0:3d:f1:ec:56:50:b3:1d:70:54:e2:0b:80:6b:
74:a6:45:e9:b1:54:58:cb:da:46:7b:db:6a:b3:4b:d1:80:5b:
41:1c:9e:38:e1:74:2f:e0:bd:e2:db:6e:41:65:76:4d:ed:8d:
45:83:cd:b5:84:2f:1b:dc:01:30:81:fe:6a:b1:20:4d:75:bc:
9b:30:86:03:9e:74:8e:b3:a9:38:9b:5d:00:d0:3d:37:85:0f:
6f:ba:85:4e:50:87:9a:d4:86:da:e1:a3:e5:16:f6:31:44:82:
d1:42:81:87:dd:c6:23:05:a5:8d:a3:49:01:86:cd:e8:b3:be:
32:3c:bf:a9:01:06:cd:9a:e1:1d:1c:0d:94:ed:0e:7c:7c:9a:
eb:1f:ea:b5:0e:1e:f5:76:ab:be:ca:13:5c:27:79:d1:85:bd:
c4:be:9a:6b:47:0f:8e:cd:86:38:45:6b:6c:3b:a6:46:fa:b3:
82:16:e2:33
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYmheKmGVrfse5zrTAkYEoqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzI5MTE0NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFmZTk2MmVhM2VkNWVjMDU4NzFiN2QyNDVhYjI1MDViYzc4NTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ6HfT2quDlQ6wCQUtaxlcIW2Izu
PXgChbqRvSKFccdfi3KgrKmNWtX3lMA+UzsxQ4c910lm8bPS1dC0s5jxhIq4Y6mF
mIiEYXLw3whtS3krp0b9rpqQ9l0ExW1mLwtYBprBhFbSQ07D3v+h+EjHprJChXL+
uG0SD+saiFqV6JuJI9yjwvg2tO/R+j20keyA2f/oA3u81v3OHiDzjtkeci5PqRXY
m5ud88k8exISGVpOEIS1uv/QuaUL/wuJ1KxAhIsuDBdsDlePdK5PTUqzA2YvvMWu
3wfF6wpbNUTfSG3lD/XthgJFFA89BY2d1yeQenEwmbZ/I/o+26E6tPwWxQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHsf6WLqPtXsBYcbfSRaslBbx4V2MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvZXhfcFl1by0xZXdGaHh0OUpGcXlVRnZIaFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABbyN0D
BABbyN4DBABteioDBABtei4wDQYJKoZIhvcNAQELBQADggEBAFhwPDsqYuyVJ6nm
N1zSbhMEFh7yx55SJPSywwkbWHtvK+OIlqtyAh8dLJSbDVY1cIIev7CsKAG3OBjq
tEHz+uJHDFoN7N60QCKPaZXQPfHsVlCzHXBU4guAa3SmRemxVFjL2kZ722qzS9GA
W0EcnjjhdC/gveLbbkFldk3tjUWDzbWELxvcATCB/mqxIE11vJswhgOedI6zqTib
XQDQPTeFD2+6hU5Qh5rUhtrho+UW9jFEgtFCgYfdxiMFpY2jSQGGzeizvjI8v6kB
Bs2a4R0cDZTtDnx8musf6rUOHvV2q77KE1wnedGFvcS+mmtHD47NhjhFa2w7pkb6
s4IW4jM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org