Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/lW-KmvDtz5rGweCoChwh8wztfKo.roa
File: lW-KmvDtz5rGweCoChwh8wztfKo.roa (raw, json)
Hash identifier: axRaTIW+jgRi1vhHzb/BWaYZo9j/CohCpaAOaYjjI1Q=
Subject key identifier: 95:6F:8A:9A:F0:ED:CF:9A:C6:C1:E0:A8:0A:1C:21:F3:0C:ED:7C:AA
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0187939F94166C9236694ECA0D5DD70E8AA0
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/lW-KmvDtz5rGweCoChwh8wztfKo.roa
Signing time: Tue 18 Apr 2023 09:08:41 +0000
ROA not before: Tue 18 Apr 2023 09:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212219
IP address blocks: 91.200.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 May 2023 04:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:9f:94:16:6c:92:36:69:4e:ca:0d:5d:d7:0e:8a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 18 09:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=956f8a9af0edcf9ac6c1e0a80a1c21f30ced7caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:99:7d:55:9e:b4:02:40:85:4b:bd:30:d0:43:
45:64:0a:9a:98:a6:b2:6c:61:9f:7c:2e:82:e9:d7:
b5:40:69:2e:2d:62:85:a1:08:a4:f2:54:bb:9f:7f:
d5:2b:f2:73:19:87:91:38:63:49:64:e4:e4:93:0d:
96:d5:1a:4c:d3:4d:30:ba:d4:65:65:75:1b:f7:72:
52:42:ba:b1:0b:15:0f:32:0b:86:fb:c7:d0:1e:57:
8c:95:bf:82:11:bf:b1:bc:2f:38:79:f9:6a:f5:aa:
7a:a9:21:1c:56:ac:90:3e:5f:9e:51:3a:e8:be:0d:
8f:74:db:7c:5d:9c:9e:fd:b4:61:ef:20:b1:e8:6a:
6c:06:e2:d7:40:d8:2d:3c:63:d3:11:55:c5:49:b6:
24:ba:27:9e:54:2d:8a:f8:68:6c:aa:50:c0:8e:8f:
67:34:d4:ed:e1:c1:b3:b2:30:bb:16:4e:ba:16:3f:
be:3b:df:f0:2f:a8:49:1c:95:99:df:2a:9d:21:d7:
bb:c8:76:9a:15:57:61:a1:b5:65:3a:5d:e4:c7:b7:
a5:74:d1:3e:ee:e8:31:87:6e:17:c3:cf:5f:26:4a:
e0:8d:34:97:d5:42:03:c3:4d:0e:1b:c6:9a:a9:20:
ae:04:49:ba:08:52:7b:00:90:4d:05:03:67:5b:db:
fb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6F:8A:9A:F0:ED:CF:9A:C6:C1:E0:A8:0A:1C:21:F3:0C:ED:7C:AA
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/lW-KmvDtz5rGweCoChwh8wztfKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:65:1d:1b:25:ce:56:c9:88:16:5f:cd:35:e5:10:14:34:28:
fa:49:08:85:a3:44:fe:cc:2b:60:19:b7:54:c9:2b:09:34:8e:
95:48:16:30:a0:01:a7:6d:b2:b6:7c:de:80:e2:d5:1a:dd:f9:
e3:91:29:89:b6:53:44:f8:51:67:e9:b1:f9:71:b2:ff:d4:8e:
cb:aa:42:56:34:1e:6a:05:dd:2f:f5:1d:7d:c6:03:eb:6d:b1:
3c:4a:7d:38:89:e0:07:88:66:42:d1:4a:c3:ae:e4:da:c2:53:
84:da:34:21:6d:9d:f9:4d:bc:78:10:c1:89:7c:8f:07:95:7c:
73:f0:f1:14:38:fd:d6:53:92:40:e4:43:cc:6c:6f:9e:1c:23:
d7:df:d6:9e:98:fc:4f:e6:08:04:40:2a:63:f9:7f:a8:33:18:
0e:0e:35:01:4b:a1:e7:bb:60:87:7e:53:6f:ad:ab:61:00:cc:
12:ed:0d:fa:ea:1a:ba:ba:48:8e:88:54:19:77:20:3e:dd:a5:
fc:69:ae:bc:7f:86:2a:cf:44:b4:b4:81:58:2a:10:20:ee:1a:
ca:b6:a6:15:8e:c9:9f:f3:ef:fb:be:e0:b8:53:f5:7c:c9:01:
f0:3f:60:da:9e:ab:77:89:0e:ff:19:84:06:31:56:de:31:8a:
a6:4f:eb:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeTn5QWbJI2aU7KDV3XDoqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNDE4MDkwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZmOGE5YWYwZWRjZjlhYzZjMWUwYTgwYTFjMjFmMzBjZWQ3Y2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Zl9VZ60AkCFS70w0ENFZAqamKay
bGGffC6C6de1QGkuLWKFoQik8lS7n3/VK/JzGYeROGNJZOTkkw2W1RpM000wutRl
ZXUb93JSQrqxCxUPMguG+8fQHleMlb+CEb+xvC84eflq9ap6qSEcVqyQPl+eUTro
vg2PdNt8XZye/bRh7yCx6GpsBuLXQNgtPGPTEVXFSbYkuieeVC2K+GhsqlDAjo9n
NNTt4cGzsjC7Fk66Fj++O9/wL6hJHJWZ3yqdIde7yHaaFVdhobVlOl3kx7eldNE+
7ugxh24Xw89fJkrgjTSX1UIDw00OG8aaqSCuBEm6CFJ7AJBNBQNnW9v7iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVviprw7c+axsHgqAocIfMM7XyqMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvbFctS212RHR6NXJHd2VDb0Nod2g4d3p0ZktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jcMA0G
CSqGSIb3DQEBCwUAA4IBAQCKZR0bJc5WyYgWX8015RAUNCj6SQiFo0T+zCtgGbdU
ySsJNI6VSBYwoAGnbbK2fN6A4tUa3fnjkSmJtlNE+FFn6bH5cbL/1I7LqkJWNB5q
Bd0v9R19xgPrbbE8Sn04ieAHiGZC0UrDruTawlOE2jQhbZ35Tbx4EMGJfI8HlXxz
8PEUOP3WU5JA5EPMbG+eHCPX39aemPxP5ggEQCpj+X+oMxgODjUBS6Hnu2CHflNv
rathAMwS7Q366hq6ukiOiFQZdyA+3aX8aa68f4Yqz0S0tIFYKhAg7hrKtqYVjsmf
8+/7vuC4U/V8yQHwP2Danqt3iQ7/GYQGMVbeMYqmT+sp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org