Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/giA2KkKdZHr7FTO49zSrqoPOtA0.roa
File: giA2KkKdZHr7FTO49zSrqoPOtA0.roa (raw, json)
Hash identifier: 53pTZ3Bx3szUW1icpjekOdhPpzEyaedAGMlj6ZDgA4k=
Subject key identifier: 82:20:36:2A:42:9D:64:7A:FB:15:33:B8:F7:34:AB:AA:83:CE:B4:0D
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018DD0D9C2C252DEED121C8486E264CDBD61
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/giA2KkKdZHr7FTO49zSrqoPOtA0.roa
Signing time: Thu 22 Feb 2024 12:45:48 +0000
ROA not before: Thu 22 Feb 2024 12:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 08:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:d9:c2:c2:52:de:ed:12:1c:84:86:e2:64:cd:bd:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 22 12:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8220362a429d647afb1533b8f734abaa83ceb40d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:77:4d:e5:8a:c5:1e:23:69:02:f9:f1:9d:1c:
6b:f2:61:b4:8f:ac:0b:fa:86:ba:f1:ab:6e:b7:36:
08:f1:8a:0f:48:43:f3:28:04:99:d3:c2:5f:b5:02:
ee:e6:e0:29:d3:b3:a0:6b:ef:0f:bd:cc:5f:6b:e9:
d6:10:b5:e8:a4:81:7e:05:8e:5f:dd:d1:da:52:5b:
de:06:97:45:94:a8:ae:69:30:91:ba:e4:b0:90:c9:
f5:16:16:b0:80:b0:a6:6b:14:1c:f4:a8:fd:a8:88:
55:9e:36:8e:74:9f:f1:57:cd:44:85:ca:17:83:99:
5b:23:1a:b0:b6:26:7a:cb:f6:09:17:74:3d:54:77:
88:55:fa:6e:cd:16:92:b5:92:44:c4:a0:e7:a5:77:
d1:22:18:d9:d7:b7:03:85:fb:b2:08:87:b1:29:1e:
21:80:6f:bd:f4:42:ef:f6:19:f8:df:74:30:dc:3b:
a9:01:ba:69:69:5a:23:52:69:ca:9c:f6:68:0f:42:
10:29:24:2d:63:a4:21:51:f6:75:dd:9d:0c:f4:43:
88:04:11:8a:21:9b:a0:ee:fb:ec:08:e5:d0:54:9f:
15:0c:c6:e4:21:f4:aa:40:da:59:57:56:4b:90:a3:
ba:7e:25:6f:0f:ce:5b:b9:ab:26:ce:e0:4f:f1:f6:
49:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:20:36:2A:42:9D:64:7A:FB:15:33:B8:F7:34:AB:AA:83:CE:B4:0D
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/giA2KkKdZHr7FTO49zSrqoPOtA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:26:9d:c4:68:d8:fe:a7:eb:56:53:92:c6:1e:f8:08:3b:13:
82:10:bb:db:91:16:12:97:ec:ea:2f:05:46:e4:93:42:eb:3b:
58:7f:b5:d3:26:3c:17:1e:79:20:2f:50:6d:af:12:55:c4:15:
ec:1f:f2:da:0a:7e:ff:69:bd:97:0e:a5:03:08:62:58:dd:95:
db:98:bf:18:da:cf:76:03:ab:fb:83:78:bb:30:d7:01:5f:ea:
56:90:57:c5:bc:21:f8:0f:01:47:09:80:f7:a7:5c:61:46:68:
36:b6:a3:5f:92:5c:8d:eb:1d:fd:ec:1f:d3:9f:e5:76:71:f1:
d5:5d:cf:65:aa:70:bc:4c:5f:3c:c9:8b:fa:f1:ee:2e:d3:88:
a1:27:4f:66:df:8e:41:86:d3:5d:8d:92:bb:cb:a3:65:44:ee:
f2:8a:d7:f1:84:b6:47:7c:45:e6:f7:2c:39:a4:31:d8:04:83:
f5:c7:bb:3b:63:cf:aa:8c:5f:ab:3a:af:51:e4:21:65:47:74:
74:1d:8d:79:2c:02:c2:75:66:4a:66:d7:fe:0b:41:04:4e:22:
09:74:4f:30:db:98:f5:72:32:cc:93:09:e6:11:d4:d0:56:d5:
17:74:41:28:d3:6a:fa:4e:2a:c3:2d:5b:95:3e:30:8c:17:52:
df:e6:21:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3Q2cLCUt7tEhyEhuJkzb1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMjIyMTI0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjIwMzYyYTQyOWQ2NDdhZmIxNTMzYjhmNzM0YWJhYTgzY2ViNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqndN5YrFHiNpAvnxnRxr8mG0j6wL
+oa68atutzYI8YoPSEPzKASZ08JftQLu5uAp07Oga+8Pvcxfa+nWELXopIF+BY5f
3dHaUlveBpdFlKiuaTCRuuSwkMn1FhawgLCmaxQc9Kj9qIhVnjaOdJ/xV81EhcoX
g5lbIxqwtiZ6y/YJF3Q9VHeIVfpuzRaStZJExKDnpXfRIhjZ17cDhfuyCIexKR4h
gG+99ELv9hn433Qw3DupAbppaVojUmnKnPZoD0IQKSQtY6QhUfZ13Z0M9EOIBBGK
IZug7vvsCOXQVJ8VDMbkIfSqQNpZV1ZLkKO6fiVvD85buasmzuBP8fZJgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIIgNipCnWR6+xUzuPc0q6qDzrQNMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvZ2lBMktrS2RaSHI3RlRPNDl6U3Jxb1BPdEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jdAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQB7Jp3EaNj+p+tWU5LGHvgIOxOCELvbkRYS
l+zqLwVG5JNC6ztYf7XTJjwXHnkgL1BtrxJVxBXsH/LaCn7/ab2XDqUDCGJY3ZXb
mL8Y2s92A6v7g3i7MNcBX+pWkFfFvCH4DwFHCYD3p1xhRmg2tqNfklyN6x397B/T
n+V2cfHVXc9lqnC8TF88yYv68e4u04ihJ09m345BhtNdjZK7y6NlRO7yitfxhLZH
fEXm9yw5pDHYBIP1x7s7Y8+qjF+rOq9R5CFlR3R0HY15LALCdWZKZtf+C0EETiIJ
dE8w25j1cjLMkwnmEdTQVtUXdEEo02r6TirDLVuVPjCMF1Lf5iH1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org