Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/hpGgzUMp5Gj7L4s0mR10kbNriaU.roa
File: hpGgzUMp5Gj7L4s0mR10kbNriaU.roa (raw, json)
Hash identifier: qPzfIa7ZZ+kmKhohD4gPPU+lKAUXRRmN8K3JuWJUDRU=
Subject key identifier: 86:91:A0:CD:43:29:E4:68:FB:2F:8B:34:99:1D:74:91:B3:6B:89:A5
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018E861F0AA08FAA9E44C4636F59D772C895
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/hpGgzUMp5Gj7L4s0mR10kbNriaU.roa
Signing time: Thu 28 Mar 2024 17:32:45 +0000
ROA not before: Thu 28 Mar 2024 17:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 109.122.41.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Sep 2024 16:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:1f:0a:a0:8f:aa:9e:44:c4:63:6f:59:d7:72:c8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Mar 28 17:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8691a0cd4329e468fb2f8b34991d7491b36b89a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ba:b3:6b:bd:fe:a9:46:44:b6:87:fc:f8:1b:
35:f4:4a:6a:bb:15:3f:a8:63:83:95:0c:7b:9e:5e:
5e:2f:47:af:c0:9e:29:60:f9:49:5a:c8:0b:ea:04:
eb:f5:3f:94:ca:c2:42:2f:bd:11:1c:41:24:ee:18:
8a:05:6b:46:75:1e:a0:60:1b:48:04:80:0b:07:66:
14:c4:11:88:7d:d3:61:5b:c1:1b:c6:d6:0f:f9:20:
6d:f0:1a:1b:92:23:36:eb:49:88:09:89:ba:83:d5:
e4:ae:12:45:02:2d:43:66:20:f0:cf:f1:60:ef:d8:
08:84:4b:e0:9c:b8:c9:67:04:45:6a:e2:b3:e6:53:
54:31:d0:74:48:c1:33:93:70:96:d2:30:86:35:cd:
2d:41:05:ac:95:6e:72:40:85:f8:46:75:d0:cd:d9:
a3:42:59:12:c5:02:d0:ac:32:31:85:19:0d:2d:fe:
b6:0a:02:a7:f5:eb:5e:ec:f8:52:f3:42:bf:6f:b9:
b6:67:1d:3a:62:06:35:70:6c:3e:77:94:fa:df:d0:
a9:32:2a:53:67:9a:fe:1d:f3:8d:26:97:b0:3e:4c:
49:05:df:02:f6:cd:4a:6f:c0:ad:5d:af:aa:d8:07:
9d:67:b6:63:29:33:fc:7d:8d:9b:23:ac:63:0d:20:
7c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:91:A0:CD:43:29:E4:68:FB:2F:8B:34:99:1D:74:91:B3:6B:89:A5
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/hpGgzUMp5Gj7L4s0mR10kbNriaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.41.0/24
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
27:07:90:f2:de:4c:67:f9:c1:82:38:02:0a:9a:ca:a2:35:df:
4a:8c:08:43:5b:65:51:4f:7a:ff:8e:00:a5:f6:5c:82:e8:00:
95:fb:34:21:3e:4a:bc:93:bd:e0:44:6f:49:1b:93:77:8d:b8:
c7:7f:b7:82:1a:d2:b7:41:f7:ce:41:82:b4:8d:58:18:cd:32:
ff:3d:50:59:77:99:e9:13:57:2d:bb:dc:1b:01:24:44:cc:01:
12:92:b5:e2:47:29:89:68:65:30:6b:6c:41:61:ec:2b:b6:c4:
4e:32:ca:12:70:bf:4b:34:e6:7e:0b:71:fa:6c:09:b1:26:d9:
96:0f:79:14:cd:a7:78:4f:de:a5:65:6a:8a:87:f7:a0:85:a5:
8d:ce:ba:f5:31:cc:2f:01:f4:a8:48:ed:58:ae:f4:79:c6:cf:
9c:83:5b:2c:44:fb:ee:6f:09:23:a4:fc:9a:9f:e1:13:d0:ee:
ad:4a:14:c7:90:4a:7f:d4:94:60:cc:72:34:93:e5:ad:67:ce:
88:c4:47:50:26:79:ec:54:fe:e4:85:1b:b1:40:0a:56:64:21:
e4:8e:65:1e:52:fa:f9:b0:44:32:62:2d:49:41:f3:62:06:69:
dd:0d:34:f2:25:d9:2f:40:ec:6b:c8:bf:b4:71:81:28:f7:a8:
88:87:c9:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6GHwqgj6qeRMRjb1nXcsiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMzI4MTczMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjkxYTBjZDQzMjllNDY4ZmIyZjhiMzQ5OTFkNzQ5MWIzNmI4OWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLqza73+qUZEtof8+Bs19EpquxU/
qGODlQx7nl5eL0evwJ4pYPlJWsgL6gTr9T+UysJCL70RHEEk7hiKBWtGdR6gYBtI
BIALB2YUxBGIfdNhW8EbxtYP+SBt8BobkiM260mICYm6g9XkrhJFAi1DZiDwz/Fg
79gIhEvgnLjJZwRFauKz5lNUMdB0SMEzk3CW0jCGNc0tQQWslW5yQIX4RnXQzdmj
QlkSxQLQrDIxhRkNLf62CgKn9ete7PhS80K/b7m2Zx06YgY1cGw+d5T639CpMipT
Z5r+HfONJpewPkxJBd8C9s1Kb8CtXa+q2AedZ7ZjKTP8fY2bI6xjDSB8KwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIaRoM1DKeRo+y+LNJkddJGza4mlMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvaHBHZ3pVTXA1R2o3TDRzMG1SMTBrYk5yaWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXopAwQA
wV00MA0GCSqGSIb3DQEBCwUAA4IBAQAnB5Dy3kxn+cGCOAIKmsqiNd9KjAhDW2VR
T3r/jgCl9lyC6ACV+zQhPkq8k73gRG9JG5N3jbjHf7eCGtK3QffOQYK0jVgYzTL/
PVBZd5npE1ctu9wbASREzAESkrXiRymJaGUwa2xBYewrtsROMsoScL9LNOZ+C3H6
bAmxJtmWD3kUzad4T96lZWqKh/eghaWNzrr1McwvAfSoSO1YrvR5xs+cg1ssRPvu
bwkjpPyan+ET0O6tShTHkEp/1JRgzHI0k+WtZ86IxEdQJnnsVP7khRuxQApWZCHk
jmUeUvr5sEQyYi1JQfNiBmndDTTyJdkvQOxryL+0cYEo96iIh8kZ
-----END CERTIFICATE-----
Generated at Sun Sep 1 18:04:15 2024 by rpki-client on console-fra.rpki-client.org