Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/igRbmUDE7mHk1D_iqDp4l9UgVnQ.roa
File: igRbmUDE7mHk1D_iqDp4l9UgVnQ.roa (raw, json)
Hash identifier: K7Ou0sADagarao2FFLVawsZcwBODDMXD9HBopyQkpdg=
Subject key identifier: 8A:04:5B:99:40:C4:EE:61:E4:D4:3F:E2:A8:3A:78:97:D5:20:56:74
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018F4650944AC3FB15E62B2550F5073A7C04
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/igRbmUDE7mHk1D_iqDp4l9UgVnQ.roa
Signing time: Sun 05 May 2024 01:13:56 +0000
ROA not before: Sun 05 May 2024 01:13:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.222.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 07:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:46:50:94:4a:c3:fb:15:e6:2b:25:50:f5:07:3a:7c:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 5 01:13:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a045b9940c4ee61e4d43fe2a83a7897d5205674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c5:45:03:84:98:08:11:ac:98:bb:23:38:6f:
5b:9b:91:2c:56:e3:27:55:8b:96:58:72:f5:eb:96:
2c:ca:97:31:2e:bd:d5:7f:05:40:dc:a5:ea:58:d9:
1c:10:57:f9:7c:54:1e:ff:74:73:27:e3:d1:a4:e7:
8d:16:66:0a:9c:fc:e4:72:0e:5c:a6:ab:29:c4:85:
6f:7e:d4:47:08:bb:b6:ba:ed:97:2d:cb:f7:ce:d3:
6e:a7:b7:5d:fe:40:7f:76:0e:03:52:e8:ef:44:ba:
50:80:2b:6b:19:0d:ed:ed:ce:36:aa:ac:65:2c:3e:
0b:43:1c:24:c4:3c:81:b0:fc:fa:b3:80:c3:50:74:
e9:e4:e3:5b:bd:1e:f4:bc:de:a8:bf:51:26:46:ce:
e4:65:d0:a3:80:0f:d2:12:91:cb:d3:eb:2c:9b:48:
43:0f:b6:07:1b:06:2c:de:e1:a8:e6:49:59:4f:78:
7e:2a:70:2c:ea:89:c9:1c:cd:89:2b:2d:05:06:27:
a2:20:37:27:b4:93:4f:3d:bb:d4:f9:7d:8c:d7:d0:
82:c0:3a:1b:24:e0:d9:f4:e3:2e:4f:dc:85:81:8b:
40:c2:55:50:85:05:55:08:3b:de:48:fd:a2:de:66:
1d:34:0f:e3:2b:00:77:12:83:91:fc:a2:98:4a:1c:
ca:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:04:5B:99:40:C4:EE:61:E4:D4:3F:E2:A8:3A:78:97:D5:20:56:74
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/igRbmUDE7mHk1D_iqDp4l9UgVnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.222.0/24
91.210.145.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
97:6b:1c:06:b9:da:0f:cf:87:5e:92:13:6a:1d:cb:55:17:8e:
fb:56:b2:44:8d:7c:76:f1:d9:a6:e5:4b:af:cf:f6:6b:e5:4c:
86:15:fd:5b:10:da:6b:ec:b0:a4:f4:39:01:15:52:5c:bd:b2:
e4:72:54:8d:ba:50:f8:cf:d6:77:6a:82:97:e2:4f:46:e6:4f:
af:16:9a:71:87:3b:cb:f9:b7:ac:7f:57:98:99:92:c1:e3:f0:
86:fa:8a:6e:95:8c:e8:d0:8a:4f:8e:f7:14:04:17:b9:d7:72:
f4:1a:b4:34:bc:be:cd:bd:6d:43:47:14:31:6b:e5:16:72:47:
c2:bc:7c:a4:b5:2d:19:10:2e:25:1e:02:e0:72:54:2b:1e:37:
55:73:7c:4f:83:83:d2:13:26:75:5c:f0:b4:a5:8f:7c:50:30:
fe:22:9a:b6:80:90:49:f6:a9:5e:2f:b9:ae:df:6e:16:d0:e4:
54:0f:64:27:28:96:0d:7b:e9:a5:2e:9e:eb:ca:db:ee:9c:c6:
d0:d2:2b:82:77:c5:59:f4:c9:3b:97:aa:68:a3:cf:65:bc:90:
74:f1:6d:b2:53:4c:19:93:60:2f:0d:b3:c9:db:b8:5d:e4:80:
73:60:be:ec:24:2e:d1:e0:26:a5:73:3d:77:5d:3b:5c:44:d0:
07:29:5a:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9GUJRKw/sV5islUPUHOnwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNTA1MDExMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTA0NWI5OTQwYzRlZTYxZTRkNDNmZTJhODNhNzg5N2Q1MjA1Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sVFA4SYCBGsmLsjOG9bm5EsVuMn
VYuWWHL165YsypcxLr3VfwVA3KXqWNkcEFf5fFQe/3RzJ+PRpOeNFmYKnPzkcg5c
pqspxIVvftRHCLu2uu2XLcv3ztNup7dd/kB/dg4DUujvRLpQgCtrGQ3t7c42qqxl
LD4LQxwkxDyBsPz6s4DDUHTp5ONbvR70vN6ov1EmRs7kZdCjgA/SEpHL0+ssm0hD
D7YHGwYs3uGo5klZT3h+KnAs6onJHM2JKy0FBieiIDcntJNPPbvU+X2M19CCwDob
JODZ9OMuT9yFgYtAwlVQhQVVCDveSP2i3mYdNA/jKwB3EoOR/KKYShzKmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIoEW5lAxO5h5NQ/4qg6eJfVIFZ0MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvaWdSYm1VREU3bUhrMURfaXFEcDRsOVVnVm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8jeAwQA
W9KRAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQCXaxwGudoPz4dekhNqHctVF477
VrJEjXx28dmm5Uuvz/Zr5UyGFf1bENpr7LCk9DkBFVJcvbLkclSNulD4z9Z3aoKX
4k9G5k+vFppxhzvL+besf1eYmZLB4/CG+opulYzo0IpPjvcUBBe513L0GrQ0vL7N
vW1DRxQxa+UWckfCvHyktS0ZEC4lHgLgclQrHjdVc3xPg4PSEyZ1XPC0pY98UDD+
Ipq2gJBJ9qleL7mu324W0ORUD2QnKJYNe+mlLp7rytvunMbQ0iuCd8VZ9Mk7l6po
o89lvJB08W2yU0wZk2AvDbPJ27hd5IBzYL7sJC7R4Calcz13XTtcRNAHKVr9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org