Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/jtXYZ2OnVrvKiTRakbRMwUrGG4Y.roa
File: jtXYZ2OnVrvKiTRakbRMwUrGG4Y.roa (raw, json)
Hash identifier: 5yewhx4xFiiBV1u9gYhukDrRfWNHMnSEq8IDLCkX7oY=
Subject key identifier: 8E:D5:D8:67:63:A7:56:BB:CA:89:34:5A:91:B4:4C:C1:4A:C6:1B:86
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0191AE7B02629D45C2F1D10DF9B863CB635C
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/jtXYZ2OnVrvKiTRakbRMwUrGG4Y.roa
Signing time: Sun 01 Sep 2024 16:46:22 +0000
ROA not before: Sun 01 Sep 2024 16:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.122.41.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 01:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ae:7b:02:62:9d:45:c2:f1:d1:0d:f9:b8:63:cb:63:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 1 16:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ed5d86763a756bbca89345a91b44cc14ac61b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:44:51:b8:3e:a5:4f:5c:2a:c3:1d:5d:91:21:
d3:95:34:fb:16:33:40:41:88:29:70:2f:6f:89:48:
c8:b5:22:3b:4b:ef:19:ba:df:b8:66:f1:fd:5c:52:
ca:1e:3f:91:45:0d:d7:96:b5:4b:43:19:92:e7:18:
23:e6:7b:ec:89:60:86:41:4d:aa:ee:56:d0:73:03:
63:4f:4b:99:be:4c:04:29:aa:c0:6b:57:c2:71:2b:
fc:78:c3:37:3a:04:36:d8:65:d5:2a:f6:04:92:3b:
b4:be:fe:9f:f1:7f:26:35:dd:63:07:64:66:c3:06:
09:2a:c9:98:ce:17:60:0d:0e:8e:0f:57:ba:78:68:
af:9b:cb:a6:0b:28:76:01:02:84:6c:f4:19:0b:7a:
74:f6:d5:06:08:2b:57:b2:0c:fa:bb:a6:f5:25:25:
80:4f:bb:9b:3f:ff:e4:96:db:fd:82:2b:5f:bd:47:
b2:a4:07:e2:3a:1a:1e:fc:1f:51:e4:24:e8:dc:91:
3c:fa:6b:4c:84:fc:dc:71:60:12:3c:5e:29:4a:9a:
40:71:46:17:98:6f:99:41:3d:d3:ae:c2:1d:48:6f:
b7:58:ad:6c:ba:c8:bc:3a:aa:ec:ef:e5:e1:5c:ff:
5f:ae:f5:8c:b8:be:9e:b6:b1:a0:78:4a:ad:7f:81:
45:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D5:D8:67:63:A7:56:BB:CA:89:34:5A:91:B4:4C:C1:4A:C6:1B:86
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/jtXYZ2OnVrvKiTRakbRMwUrGG4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.41.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
28:8c:1a:08:33:fb:e1:26:d8:d0:cf:e8:9f:e2:74:74:50:29:
7d:ab:97:9f:9f:49:48:b2:17:f5:4c:cc:30:66:29:5f:bb:27:
f9:68:69:34:d8:e2:da:15:48:c6:82:cc:9a:9b:05:64:99:6e:
62:0d:64:e6:2f:6b:b7:60:27:60:66:c6:f1:f7:8e:f9:4d:d7:
71:3a:0b:34:d9:33:fa:79:65:29:70:73:d9:bf:c3:2e:4d:69:
94:26:ee:1b:48:c5:9e:9a:fb:c7:d5:46:fe:01:f4:fd:5e:6c:
f7:fc:0e:c8:98:79:14:4e:ba:7d:34:83:12:e5:67:63:1e:17:
05:57:df:93:a1:7a:e6:31:22:06:51:71:aa:69:fe:e7:bb:ae:
5d:7b:36:41:99:a1:3c:fd:b6:31:e5:5b:60:ac:98:8d:7a:bf:
f8:cd:f4:02:91:37:56:19:bc:b6:61:18:7c:3e:d3:9f:d3:1b:
e3:69:f7:d7:09:1e:53:b8:04:76:bc:c6:a0:b0:94:f6:99:04:
b5:ef:1c:d8:64:bb:cd:b8:94:4e:59:76:1d:97:49:3f:c8:68:
e4:c4:12:79:65:a7:55:20:11:18:78:8f:5e:dd:7b:b2:2d:95:
a6:8b:88:cd:a7:e3:c3:7c:23:8b:fc:02:1e:5b:6e:63:1d:d7:
61:08:27:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGuewJinUXC8dEN+bhjy2NcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwOTAxMTY0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWQ1ZDg2NzYzYTc1NmJiY2E4OTM0NWE5MWI0NGNjMTRhYzYxYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkRRuD6lT1wqwx1dkSHTlTT7FjNA
QYgpcC9viUjItSI7S+8Zut+4ZvH9XFLKHj+RRQ3XlrVLQxmS5xgj5nvsiWCGQU2q
7lbQcwNjT0uZvkwEKarAa1fCcSv8eMM3OgQ22GXVKvYEkju0vv6f8X8mNd1jB2Rm
wwYJKsmYzhdgDQ6OD1e6eGivm8umCyh2AQKEbPQZC3p09tUGCCtXsgz6u6b1JSWA
T7ubP//kltv9gitfvUeypAfiOhoe/B9R5CTo3JE8+mtMhPzccWASPF4pSppAcUYX
mG+ZQT3TrsIdSG+3WK1susi8Oqrs7+XhXP9frvWMuL6etrGgeEqtf4FF7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI7V2Gdjp1a7yok0WpG0TMFKxhuGMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvanRYWVoyT25WcnZLaVRSYWtiUk13VXJHRzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXopAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAojBoIM/vhJtjQz+if4nR0UCl9q5efn0lI
shf1TMwwZilfuyf5aGk02OLaFUjGgsyamwVkmW5iDWTmL2u3YCdgZsbx9475Tddx
Ogs02TP6eWUpcHPZv8MuTWmUJu4bSMWemvvH1Ub+AfT9Xmz3/A7ImHkUTrp9NIMS
5WdjHhcFV9+ToXrmMSIGUXGqaf7nu65dezZBmaE8/bYx5VtgrJiNer/4zfQCkTdW
Gby2YRh8PtOf0xvjaffXCR5TuAR2vMagsJT2mQS17xzYZLvNuJROWXYdl0k/yGjk
xBJ5ZadVIBEYeI9e3XuyLZWmi4jNp+PDfCOL/AIeW25jHddhCCfk
-----END CERTIFICATE-----
Generated at Thu Sep 5 03:16:19 2024 by rpki-client on console-ams.rpki-client.org