Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mY6LsQCA13PcKjYBibCFh9O7jds.roa
File: mY6LsQCA13PcKjYBibCFh9O7jds.roa (raw, json)
Hash identifier: 0VR5CAoKbopm7F68qpeANZGaMWw4GL1p1kq0vxmJA04=
Subject key identifier: 99:8E:8B:B1:00:80:D7:73:DC:2A:36:01:89:B0:85:87:D3:BB:8D:DB
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0186499C09303044636168F06EE80B440A21
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mY6LsQCA13PcKjYBibCFh9O7jds.roa
Signing time: Mon 13 Feb 2023 07:10:08 +0000
ROA not before: Mon 13 Feb 2023 07:10:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 91.200.223.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Feb 2023 05:53:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:9c:09:30:30:44:63:61:68:f0:6e:e8:0b:44:0a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 13 07:10:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=998e8bb10080d773dc2a360189b08587d3bb8ddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a3:24:de:64:79:13:dc:91:50:5c:0e:76:db:
ce:00:f9:1f:ff:de:cd:f2:a5:2d:23:b5:3f:70:39:
d4:95:e1:41:f2:9d:d0:0b:57:c5:20:03:3a:06:eb:
76:27:5f:75:60:62:e2:24:40:84:dd:35:80:e7:db:
99:11:88:d1:2f:0d:5b:51:3f:db:14:e4:76:9c:20:
5b:a1:7a:54:77:23:dd:7d:4c:56:83:ef:43:d8:72:
32:6f:ea:24:69:1c:c6:bc:df:15:59:f0:92:d8:7b:
7f:87:b4:6f:82:c4:b8:0d:50:31:9d:30:5b:5b:ea:
cd:c2:b3:a2:cc:2d:77:5b:33:e2:54:47:17:70:7f:
aa:4c:e2:1b:20:29:b3:40:58:7e:22:8b:bb:a3:04:
ec:f6:60:17:07:49:b9:0b:b8:f0:ed:ce:f4:6c:d9:
7c:0c:3c:2c:69:db:87:6d:76:82:82:06:fb:f7:f3:
5a:e1:2b:e7:05:66:f0:fb:ea:c9:8d:d3:e0:0b:df:
a1:2b:a2:9a:e6:06:31:a2:23:9a:b3:79:21:3d:1c:
42:e6:b4:77:06:9a:e6:16:21:06:ec:82:97:61:69:
4b:0b:d0:37:65:06:08:9f:1f:76:5f:49:25:1b:97:
fc:f5:9a:9f:d3:52:3b:b4:16:7f:77:d0:62:dd:9e:
22:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:8E:8B:B1:00:80:D7:73:DC:2A:36:01:89:B0:85:87:D3:BB:8D:DB
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mY6LsQCA13PcKjYBibCFh9O7jds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.223.0/24
91.226.57.0/24
91.226.59.0/24
109.122.43.0-109.122.44.255
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
75:a8:af:d3:96:3b:af:63:1b:9d:07:f1:21:3d:8c:dc:7e:75:
26:5f:f3:3a:88:f8:60:17:3f:01:d8:5d:9b:98:f7:97:7b:b5:
a5:6f:83:65:68:33:ad:9a:3c:43:23:6b:dd:17:2a:bb:e1:f5:
8f:87:99:b3:f8:cd:bf:86:d3:f4:51:1d:98:7a:04:60:88:ef:
0c:d9:bd:13:22:3b:02:05:28:d6:36:71:f3:70:33:9d:74:bd:
17:ec:65:e4:35:cd:04:5f:d4:b6:7a:e1:c8:c7:21:f3:c1:3c:
35:df:8f:d0:03:33:49:de:7b:49:8d:ae:46:d9:6b:9c:ab:65:
ef:2c:99:44:8d:1f:05:32:8d:13:5f:95:ca:83:37:18:25:15:
25:82:ca:97:f5:c2:40:be:c5:0e:15:7f:04:9b:b9:a7:c6:cd:
22:b6:14:c8:1e:9e:fc:d6:43:2e:47:55:7d:6e:d6:6c:f1:66:
59:3d:60:74:d2:65:76:e8:ac:fb:b4:2f:a1:3e:87:39:74:0d:
ba:e5:06:eb:10:40:b4:0e:bd:e8:fd:9a:48:2c:82:0e:2a:65:
8d:c1:83:69:82:43:dc:ae:0e:7c:aa:ee:68:d0:5c:f4:2f:b8:
53:3f:cf:95:55:26:b9:b2:c2:b5:58:e2:68:7e:b5:d4:c5:63:
d3:c2:00:6e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYZJnAkwMERjYWjwbugLRAohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMjEzMDcxMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OThlOGJiMTAwODBkNzczZGMyYTM2MDE4OWIwODU4N2QzYmI4ZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaMk3mR5E9yRUFwOdtvOAPkf/97N
8qUtI7U/cDnUleFB8p3QC1fFIAM6But2J191YGLiJECE3TWA59uZEYjRLw1bUT/b
FOR2nCBboXpUdyPdfUxWg+9D2HIyb+okaRzGvN8VWfCS2Ht/h7RvgsS4DVAxnTBb
W+rNwrOizC13WzPiVEcXcH+qTOIbICmzQFh+Iou7owTs9mAXB0m5C7jw7c70bNl8
DDwsaduHbXaCggb79/Na4SvnBWbw++rJjdPgC9+hK6Ka5gYxoiOas3khPRxC5rR3
BprmFiEG7IKXYWlLC9A3ZQYInx92X0klG5f89Zqf01I7tBZ/d9Bi3Z4ihwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJmOi7EAgNdz3Co2AYmwhYfTu43bMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvbVk2THNRQ0ExM1BjS2pZQmliQ0ZoOU83amRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAW8jfAwQA
W+I5AwQAW+I7MAwDBABteisDBABteiwDBADBXTQwDQYJKoZIhvcNAQELBQADggEB
AHWor9OWO69jG50H8SE9jNx+dSZf8zqI+GAXPwHYXZuY95d7taVvg2VoM62aPEMj
a90XKrvh9Y+HmbP4zb+G0/RRHZh6BGCI7wzZvRMiOwIFKNY2cfNwM510vRfsZeQ1
zQRf1LZ64cjHIfPBPDXfj9ADM0nee0mNrkbZa5yrZe8smUSNHwUyjRNflcqDNxgl
FSWCypf1wkC+xQ4VfwSbuafGzSK2FMgenvzWQy5HVX1u1mzxZlk9YHTSZXborPu0
L6E+hzl0DbrlBusQQLQOvej9mkgsgg4qZY3Bg2mCQ9yuDnyq7mjQXPQvuFM/z5VV
JrmywrVY4mh+tdTFY9PCAG4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org