Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/iZgcs2r6PaUb_HRmZEUANrJHp8o.roa
File: iZgcs2r6PaUb_HRmZEUANrJHp8o.roa (raw, json)
Hash identifier: cOhWV7SUjEEgaZqeJ5ZVYXKzJoZEAi/bKkccr5aIKv0=
Subject key identifier: 89:98:1C:B3:6A:FA:3D:A5:1B:FC:74:66:64:45:00:36:B2:47:A7:CA
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0192620B1E60D62CBED0963636E7A0D5269B
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/iZgcs2r6PaUb_HRmZEUANrJHp8o.roa
Signing time: Sun 06 Oct 2024 13:35:48 +0000
ROA not before: Sun 06 Oct 2024 13:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.210.145.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 11:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:62:0b:1e:60:d6:2c:be:d0:96:36:36:e7:a0:d5:26:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 6 13:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89981cb36afa3da51bfc746664450036b247a7ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:02:f7:15:1c:4b:71:ab:42:2e:87:d2:1b:6d:
49:c0:bb:78:8f:c9:04:f4:70:e2:54:a8:47:8b:fd:
75:66:66:6c:a9:f1:d8:59:dd:24:28:89:57:ab:f2:
86:54:91:3c:71:48:81:bd:b4:6e:2a:23:3c:c9:ba:
fe:69:f9:5c:cf:89:02:14:eb:ec:3e:19:0e:5d:dd:
47:f7:ae:fa:89:51:fc:b7:e4:9e:66:d0:9d:76:6d:
7e:7e:97:d0:13:88:a9:e4:37:0e:46:21:03:fe:0b:
2f:e6:32:d0:c4:16:9d:2e:ff:75:4a:ab:7d:91:18:
bd:1f:f8:2c:0e:95:be:41:e9:69:78:ef:95:fd:54:
da:81:4f:3a:18:9b:a5:f7:9f:68:db:6d:b6:da:76:
a2:47:f9:25:d5:26:06:a4:f8:84:35:35:b5:62:4c:
e3:bf:7f:df:23:ed:43:61:df:a3:f3:91:2b:23:fd:
9a:d6:54:9b:93:36:67:a5:9b:47:24:39:c4:35:81:
ea:8a:1e:ca:d1:af:70:4f:4d:ee:2c:7a:8e:7f:9a:
40:e6:b1:1b:31:4c:c5:b2:c9:ad:91:52:82:4a:ec:
3d:b7:fa:83:b6:d3:58:ad:46:10:79:bc:1a:fb:fe:
db:0a:16:8d:dd:46:28:47:e2:79:29:47:e4:b2:b0:
08:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:98:1C:B3:6A:FA:3D:A5:1B:FC:74:66:64:45:00:36:B2:47:A7:CA
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/iZgcs2r6PaUb_HRmZEUANrJHp8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.145.0/24
109.122.41.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:b4:13:3f:66:c0:36:03:79:ac:0a:31:c3:f2:d1:06:87:84:
e1:88:b3:8e:00:cf:ed:56:6a:89:6a:02:69:4a:1b:4a:6f:68:
d2:1c:8e:cd:e3:66:f7:e7:80:ab:e1:e2:b8:19:ac:33:48:46:
d7:f8:3a:3b:fa:b4:58:60:bf:54:ae:93:b8:0a:47:38:09:fe:
28:8d:51:d0:7e:5b:cb:24:bb:2f:a7:83:ec:ce:f0:9f:f5:6e:
33:79:e6:f7:9b:ff:c2:ab:73:7d:1a:f9:c3:1c:9f:37:51:a3:
49:c3:3e:9e:ee:28:c0:90:ae:12:3f:9c:87:be:d3:4d:04:c4:
8b:5a:1e:03:96:92:8a:88:5a:65:35:b2:96:ce:c2:4d:6b:43:
89:a3:2b:08:4a:96:b1:3f:44:d1:63:58:a1:93:34:07:10:39:
2a:74:e3:e0:36:99:a1:1f:74:3f:0a:6d:ab:03:6a:8d:55:de:
94:83:f4:23:34:f4:3e:3a:74:f4:11:31:7d:c7:19:09:5d:58:
28:a0:46:62:c3:a4:f9:0d:f9:c2:92:e7:75:53:68:d1:5b:6d:
82:57:06:a1:71:47:66:31:99:3c:5b:90:bd:bd:05:2c:87:d4:
ea:ba:b8:83:cb:f5:dc:14:66:a3:ff:01:d8:c5:de:6b:c1:99:
5b:08:7c:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJiCx5g1iy+0JY2Nueg1SabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMDA2MTMzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTk4MWNiMzZhZmEzZGE1MWJmYzc0NjY2NDQ1MDAzNmIyNDdhN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQL3FRxLcatCLofSG21JwLt4j8kE
9HDiVKhHi/11ZmZsqfHYWd0kKIlXq/KGVJE8cUiBvbRuKiM8ybr+aflcz4kCFOvs
PhkOXd1H9676iVH8t+SeZtCddm1+fpfQE4ip5DcORiED/gsv5jLQxBadLv91Sqt9
kRi9H/gsDpW+QelpeO+V/VTagU86GJul959o22222naiR/kl1SYGpPiENTW1Ykzj
v3/fI+1DYd+j85ErI/2a1lSbkzZnpZtHJDnENYHqih7K0a9wT03uLHqOf5pA5rEb
MUzFssmtkVKCSuw9t/qDttNYrUYQebwa+/7bChaN3UYoR+J5KUfksrAINQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFImYHLNq+j2lG/x0ZmRFADayR6fKMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvaVpnY3MycjZQYVViX0hSbVpFVUFOckpIcDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9KRAwQA
bXopAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQAstBM/ZsA2A3msCjHD8tEGh4Th
iLOOAM/tVmqJagJpShtKb2jSHI7N42b354Cr4eK4GawzSEbX+Do7+rRYYL9UrpO4
Ckc4Cf4ojVHQflvLJLsvp4PszvCf9W4zeeb3m//Cq3N9GvnDHJ83UaNJwz6e7ijA
kK4SP5yHvtNNBMSLWh4DlpKKiFplNbKWzsJNa0OJoysISpaxP0TRY1ihkzQHEDkq
dOPgNpmhH3Q/Cm2rA2qNVd6Ug/QjNPQ+OnT0ETF9xxkJXVgooEZiw6T5DfnCkud1
U2jRW22CVwahcUdmMZk8W5C9vQUsh9TquriDy/XcFGaj/wHYxd5rwZlbCHxd
-----END CERTIFICATE-----
Generated at Mon Oct 7 16:59:06 2024 by rpki-client on console-fra.rpki-client.org