Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gMZtIRU281Jui1CQ8_mTQF639M8.roa
File: gMZtIRU281Jui1CQ8_mTQF639M8.roa (raw, json)
Hash identifier: 3gsOceB5vw7qE/BR2835Af9iIqJ7pUAefaOQEpouiP0=
Subject key identifier: 80:C6:6D:21:15:36:F3:52:6E:8B:50:90:F3:F9:93:40:5E:B7:F4:CF
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018CC794D25B954D8CA2FDCA032176AE7CCB
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gMZtIRU281Jui1CQ8_mTQF639M8.roa
Signing time: Tue 02 Jan 2024 00:31:08 +0000
ROA not before: Tue 02 Jan 2024 00:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:15:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d2:5b:95:4d:8c:a2:fd:ca:03:21:76:ae:7c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 00:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80c66d211536f3526e8b5090f3f993405eb7f4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:aa:48:84:23:42:21:ab:09:27:86:9c:42:be:
61:9a:d4:54:0e:2c:15:ff:13:6c:c5:d3:c8:65:bc:
aa:f2:7b:4a:c0:2a:06:99:a6:96:7e:c0:be:8a:db:
7f:71:d1:f0:62:0a:10:3a:d7:02:ae:8a:79:43:17:
dd:f3:d4:5e:f1:de:ae:12:d4:d9:e9:03:46:a4:7e:
dd:f1:63:84:27:f7:aa:ef:b5:58:8c:86:66:54:17:
bb:c2:a3:8e:05:10:c4:11:3a:5e:6b:b1:6f:95:a9:
66:32:ff:27:4a:59:fa:52:da:7f:66:8f:6a:78:ee:
50:4e:a0:0e:63:bc:29:5a:97:8c:ca:ff:ac:bf:e1:
f0:a2:df:32:3c:c9:9d:a3:d5:9a:a6:b9:b5:41:11:
69:6a:4c:ab:9e:dc:b8:d4:d5:62:78:ce:27:1c:f0:
fa:c9:96:7c:24:57:88:c5:7e:03:16:40:7c:0e:58:
87:bd:58:b3:c5:f8:ec:f3:f8:03:96:f7:08:bd:ae:
30:8f:0e:3e:22:4b:35:40:26:12:42:c9:11:5d:ae:
97:75:92:8d:59:c3:a3:c3:10:84:a1:bd:1d:69:63:
b7:9f:5e:df:83:fe:e7:38:08:5b:b9:4a:53:c4:39:
50:a5:15:00:e6:35:1b:af:2f:3a:cf:92:a4:45:4f:
36:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C6:6D:21:15:36:F3:52:6E:8B:50:90:F3:F9:93:40:5E:B7:F4:CF
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gMZtIRU281Jui1CQ8_mTQF639M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ce:6d:56:87:dd:6a:4b:27:37:70:65:e2:fa:14:dc:98:d3:
6e:c5:b5:3d:f3:ac:e7:c5:bd:3d:fd:ff:cb:8e:e2:74:b2:f9:
af:12:75:9e:c3:e2:dd:6d:f0:43:ee:64:f2:5d:d6:33:75:cb:
fb:80:93:db:00:6d:3b:30:6f:05:1b:2a:5d:e2:96:7f:d7:f4:
a4:ac:18:b2:ee:7e:e5:b6:c3:ef:d9:a8:e2:fa:02:ce:fd:92:
37:a8:46:7f:e9:8c:45:fb:32:ba:c3:8c:63:54:68:55:95:cd:
f3:7f:0f:bf:88:fd:b8:c4:ea:df:b4:07:b8:ef:c8:3d:1a:31:
26:eb:08:9f:c2:9f:c6:fc:fd:ba:79:7c:b0:07:06:1d:09:4b:
09:dc:19:8a:3b:1a:ac:22:67:f4:23:6b:06:2a:34:86:b6:e6:
02:5e:26:ce:9f:12:ed:85:55:63:11:a2:ea:d5:f9:1f:2a:ca:
96:71:b1:d1:af:b8:32:30:c6:96:1b:79:03:64:95:2a:d0:c5:
5e:03:84:4d:25:17:c8:64:65:f9:16:1e:b9:7b:85:5a:46:36:
ec:c0:ad:f3:81:09:0a:c8:63:15:06:26:17:45:bf:f2:33:bd:
74:62:5e:34:40:b2:f1:cd:81:2f:3a:6f:e6:6e:b5:cd:73:e9:
20:98:30:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlNJblU2Mov3KAyF2rnzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMTAyMDAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGM2NmQyMTE1MzZmMzUyNmU4YjUwOTBmM2Y5OTM0MDVlYjdmNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKpIhCNCIasJJ4acQr5hmtRUDiwV
/xNsxdPIZbyq8ntKwCoGmaaWfsC+itt/cdHwYgoQOtcCrop5Qxfd89Re8d6uEtTZ
6QNGpH7d8WOEJ/eq77VYjIZmVBe7wqOOBRDEETpea7FvlalmMv8nSln6Utp/Zo9q
eO5QTqAOY7wpWpeMyv+sv+Hwot8yPMmdo9Waprm1QRFpakyrnty41NVieM4nHPD6
yZZ8JFeIxX4DFkB8DliHvVizxfjs8/gDlvcIva4wjw4+Iks1QCYSQskRXa6XdZKN
WcOjwxCEob0daWO3n17fg/7nOAhbuUpTxDlQpRUA5jUbry86z5KkRU821wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIDGbSEVNvNSbotQkPP5k0Bet/TPMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvZ01adElSVTI4MUp1aTFDUThfbVRRRjYzOU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jdAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQBxzm1Wh91qSyc3cGXi+hTcmNNuxbU986zn
xb09/f/LjuJ0svmvEnWew+LdbfBD7mTyXdYzdcv7gJPbAG07MG8FGypd4pZ/1/Sk
rBiy7n7ltsPv2aji+gLO/ZI3qEZ/6YxF+zK6w4xjVGhVlc3zfw+/iP24xOrftAe4
78g9GjEm6wifwp/G/P26eXywBwYdCUsJ3BmKOxqsImf0I2sGKjSGtuYCXibOnxLt
hVVjEaLq1fkfKsqWcbHRr7gyMMaWG3kDZJUq0MVeA4RNJRfIZGX5Fh65e4VaRjbs
wK3zgQkKyGMVBiYXRb/yM710Yl40QLLxzYEvOm/mbrXNc+kgmDD/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org