Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oCABBHBaUgacdZ-mWRD0S07e6Bg.roa
File: oCABBHBaUgacdZ-mWRD0S07e6Bg.roa (raw, json)
Hash identifier: B81dWBGy2lsjO0kC80lVsiKzXUANKL5hD53HM82+qHY=
Subject key identifier: A0:20:01:04:70:5A:52:06:9C:75:9F:A6:59:10:F4:4B:4E:DE:E8:18
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01892CE8D8C06E54005E91A8C06B87FF33B4
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oCABBHBaUgacdZ-mWRD0S07e6Bg.roa
Signing time: Thu 06 Jul 2023 20:33:24 +0000
ROA not before: Thu 06 Jul 2023 20:33:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.222.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jul 2023 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2c:e8:d8:c0:6e:54:00:5e:91:a8:c0:6b:87:ff:33:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 6 20:33:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0200104705a52069c759fa65910f44b4edee818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:05:e8:dc:31:1d:4f:a7:39:3c:b3:0e:88:33:
8e:89:ac:1e:df:7d:41:40:e2:b8:cb:ab:de:61:36:
17:0f:01:3b:21:44:d1:79:ac:0f:48:94:62:1b:6e:
82:8b:55:4f:58:73:a7:18:22:ca:b5:d8:c0:5b:37:
45:c0:65:e5:28:c3:c9:9e:3b:bc:b7:0d:6a:78:81:
95:9a:14:d2:91:45:e7:fe:61:cc:7d:d7:87:69:a0:
50:09:26:35:05:96:a1:ec:f2:04:b5:50:79:3b:23:
34:4c:e3:03:f6:83:14:e0:77:18:c3:60:93:6f:74:
94:78:91:5e:1b:71:2d:26:80:e0:7a:14:5b:7c:cf:
b7:e0:e0:79:30:43:bf:ba:57:eb:b4:81:0b:f1:0b:
86:9d:42:6f:f6:da:e3:71:76:28:2d:98:d4:f8:ab:
87:bc:72:2e:17:dc:ec:66:b2:40:3c:3a:9c:d3:10:
f5:82:6c:fd:76:f7:fa:7c:6a:03:b1:89:e9:5b:19:
74:14:13:5f:de:7e:9b:ea:03:33:1d:38:5c:24:56:
c1:06:eb:2b:03:68:0e:01:78:ca:e2:3b:13:da:53:
25:0e:b7:30:1a:cd:32:3c:96:f5:90:bd:99:b3:a2:
e6:55:1c:ec:65:a7:2b:2a:6c:e3:c0:dc:8d:d8:57:
89:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:20:01:04:70:5A:52:06:9C:75:9F:A6:59:10:F4:4B:4E:DE:E8:18
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oCABBHBaUgacdZ-mWRD0S07e6Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.222.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:eb:52:7e:c2:ff:63:66:48:99:8a:f2:28:4f:b4:49:8e:37:
a5:20:99:3d:df:9e:e9:8b:8d:c1:79:ad:0c:25:64:d4:93:63:
19:ad:12:71:ca:4d:04:b8:da:47:19:e2:0f:c8:98:0c:e6:8b:
c8:a1:68:9b:ad:70:cd:71:d1:98:8b:be:ca:b8:02:8b:d5:a6:
d8:56:6a:36:40:4a:35:0a:21:ed:4b:7f:f3:a4:3c:fd:1d:1e:
eb:bf:5a:e4:68:c3:0d:ba:37:13:e3:67:12:8c:f9:8a:eb:b6:
13:91:4a:92:80:cf:75:0b:4b:08:b4:e7:f4:c1:71:c2:5e:b9:
81:af:bb:31:ab:b5:06:15:8e:53:7c:4b:ac:b9:f1:b6:28:3d:
f9:f1:71:e9:7d:c5:0a:37:e7:46:c2:cc:c1:6d:08:27:2a:bf:
7a:34:96:56:db:0a:e3:1c:f9:a2:b3:8c:39:32:8d:51:ea:33:
9c:9e:f6:99:28:d9:db:b6:86:2c:29:85:e1:02:c1:da:c1:04:
37:6e:22:49:1a:c5:10:c1:d3:61:8a:17:ea:53:e5:c3:86:0e:
a8:ca:ed:4b:c8:aa:7c:dd:8b:8c:de:3d:c2:4e:31:50:55:38:
6c:7f:b5:ed:4b:28:d4:13:4b:b5:68:37:62:b5:b0:ee:3b:ab:
9e:fc:f1:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYks6NjAblQAXpGowGuH/zO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzA2MjAzMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDIwMDEwNDcwNWE1MjA2OWM3NTlmYTY1OTEwZjQ0YjRlZGVlODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngXo3DEdT6c5PLMOiDOOiawe331B
QOK4y6veYTYXDwE7IUTReawPSJRiG26Ci1VPWHOnGCLKtdjAWzdFwGXlKMPJnju8
tw1qeIGVmhTSkUXn/mHMfdeHaaBQCSY1BZah7PIEtVB5OyM0TOMD9oMU4HcYw2CT
b3SUeJFeG3EtJoDgehRbfM+34OB5MEO/ulfrtIEL8QuGnUJv9trjcXYoLZjU+KuH
vHIuF9zsZrJAPDqc0xD1gmz9dvf6fGoDsYnpWxl0FBNf3n6b6gMzHThcJFbBBusr
A2gOAXjK4jsT2lMlDrcwGs0yPJb1kL2Zs6LmVRzsZacrKmzjwNyN2FeJYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKAgAQRwWlIGnHWfplkQ9EtO3ugYMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvb0NBQkJIQmFVZ2FjZFotbVdSRDBTMDdlNkJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jeAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAa61J+wv9jZkiZivIoT7RJjjelIJk9357p
i43Bea0MJWTUk2MZrRJxyk0EuNpHGeIPyJgM5ovIoWibrXDNcdGYi77KuAKL1abY
Vmo2QEo1CiHtS3/zpDz9HR7rv1rkaMMNujcT42cSjPmK67YTkUqSgM91C0sItOf0
wXHCXrmBr7sxq7UGFY5TfEusufG2KD358XHpfcUKN+dGwszBbQgnKr96NJZW2wrj
HPmis4w5Mo1R6jOcnvaZKNnbtoYsKYXhAsHawQQ3biJJGsUQwdNhihfqU+XDhg6o
yu1LyKp83YuM3j3CTjFQVThsf7XtSyjUE0u1aDditbDuO6ue/PE9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org