Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oJyiBKq8bvQBQCmsWr9gdLm3x0Y.roa
File: oJyiBKq8bvQBQCmsWr9gdLm3x0Y.roa (raw, json)
Hash identifier: vvWzNqHuGFSBI2AirDGqyvt8/kecFlA5GN3KhIO8Ong=
Subject key identifier: A0:9C:A2:04:AA:BC:6E:F4:01:40:29:AC:5A:BF:60:74:B9:B7:C7:46
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01926C0FDD965772979899CEC016775D77F8
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oJyiBKq8bvQBQCmsWr9gdLm3x0Y.roa
Signing time: Tue 08 Oct 2024 12:17:12 +0000
ROA not before: Tue 08 Oct 2024 12:17:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.221.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.45.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 11:23:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6c:0f:dd:96:57:72:97:98:99:ce:c0:16:77:5d:77:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 8 12:17:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a09ca204aabc6ef4014029ac5abf6074b9b7c746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:41:aa:f0:7f:bc:a3:56:af:86:66:bd:dc:c2:
63:97:0e:e2:5a:d8:04:ea:76:56:6e:d7:01:2c:b8:
c6:c5:0f:34:4e:ea:10:81:da:b9:aa:60:92:d7:68:
6f:1c:aa:e6:c4:35:6c:92:c0:80:6f:fb:83:79:cb:
a5:26:d8:4d:fa:49:b2:04:67:0a:13:91:02:82:a6:
10:3d:03:c9:c0:1a:f5:c7:40:a9:3c:50:9b:6a:f1:
0d:7d:38:37:18:14:f1:88:63:40:aa:b4:ca:eb:30:
c8:16:de:0b:75:5a:14:73:da:d3:9c:db:c8:9a:c1:
7e:c4:00:ff:65:2d:c5:6a:cc:6b:26:e1:45:19:57:
20:a2:b0:2b:e8:e3:18:c6:f2:8d:51:06:61:4a:08:
08:96:17:17:4e:01:cc:80:c0:f9:15:9d:98:c5:64:
89:88:39:65:04:a3:67:8e:06:d5:e4:05:e9:3e:6f:
cf:22:3d:02:fc:46:07:82:1a:38:e2:07:af:dd:22:
14:b3:68:f0:c3:29:96:8f:cf:31:96:9b:0b:ca:d3:
b5:57:18:47:a2:2b:4f:b0:a1:7e:a3:25:84:40:87:
41:28:18:b6:f5:ca:a4:1a:67:e7:fc:e1:fc:74:42:
a3:b3:f8:9b:23:9b:54:16:ca:06:d4:33:8c:ee:54:
71:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:9C:A2:04:AA:BC:6E:F4:01:40:29:AC:5A:BF:60:74:B9:B7:C7:46
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oJyiBKq8bvQBQCmsWr9gdLm3x0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.221.0/24
109.122.41.0/24
109.122.45.0-109.122.46.255
Signature Algorithm: sha256WithRSAEncryption
91:95:74:5f:bc:9b:09:c6:79:4a:59:e2:91:39:ae:fe:c0:9a:
10:4b:61:03:a6:0f:9b:e0:37:8e:27:26:48:5d:6a:72:5b:ec:
a4:23:a4:32:67:56:02:c3:3a:d4:e2:5e:89:9f:cd:d1:fb:b3:
0d:12:d9:13:ce:66:95:f5:f0:73:35:69:65:d2:48:e5:25:77:
b0:1d:9a:ca:1e:2b:cd:d1:4b:c5:6c:75:66:68:c2:97:7e:22:
73:74:67:18:d3:0a:f0:37:2c:d1:ab:ff:61:7c:d8:97:be:77:
99:9e:5e:f0:81:10:94:31:ba:45:1e:34:b7:19:cf:91:4f:8f:
4b:a5:2e:5d:33:11:28:2f:3c:f6:44:37:fc:34:12:0b:b2:85:
78:1e:d8:8e:71:19:57:ee:5e:cf:03:a2:0e:8e:50:ec:ce:fa:
9f:18:82:48:a5:e2:73:47:53:2a:d8:df:87:95:7b:5a:e9:16:
fe:70:0b:cf:4d:fb:0b:82:32:84:b4:61:a7:f6:74:3d:9d:13:
d1:cb:a5:20:3b:90:e7:dc:00:56:13:65:01:dc:03:b6:63:ee:
35:f8:36:88:b4:f2:f6:f4:43:e9:8a:dd:88:b0:89:b5:2c:55:
3e:44:b9:64:23:2c:47:44:97:3f:27:03:29:80:63:7f:ab:2b:
ac:97:bc:d6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZJsD92WV3KXmJnOwBZ3XXf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMDA4MTIxNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDljYTIwNGFhYmM2ZWY0MDE0MDI5YWM1YWJmNjA3NGI5YjdjNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UGq8H+8o1avhma93MJjlw7iWtgE
6nZWbtcBLLjGxQ80TuoQgdq5qmCS12hvHKrmxDVsksCAb/uDeculJthN+kmyBGcK
E5ECgqYQPQPJwBr1x0CpPFCbavENfTg3GBTxiGNAqrTK6zDIFt4LdVoUc9rTnNvI
msF+xAD/ZS3FasxrJuFFGVcgorAr6OMYxvKNUQZhSggIlhcXTgHMgMD5FZ2YxWSJ
iDllBKNnjgbV5AXpPm/PIj0C/EYHgho44gev3SIUs2jwwymWj88xlpsLytO1VxhH
oitPsKF+oyWEQIdBKBi29cqkGmfn/OH8dEKjs/ibI5tUFsoG1DOM7lRxfwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKCcogSqvG70AUAprFq/YHS5t8dGMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvb0p5aUJLcThidlFCUUNtc1dyOWdkTG0zeDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW8jdAwQA
bXopMAwDBABtei0DBABtei4wDQYJKoZIhvcNAQELBQADggEBAJGVdF+8mwnGeUpZ
4pE5rv7AmhBLYQOmD5vgN44nJkhdanJb7KQjpDJnVgLDOtTiXomfzdH7sw0S2RPO
ZpX18HM1aWXSSOUld7AdmsoeK83RS8VsdWZowpd+InN0ZxjTCvA3LNGr/2F82Je+
d5meXvCBEJQxukUeNLcZz5FPj0ulLl0zESgvPPZEN/w0EguyhXge2I5xGVfuXs8D
og6OUOzO+p8Ygkil4nNHUyrY34eVe1rpFv5wC89N+wuCMoS0Yaf2dD2dE9HLpSA7
kOfcAFYTZQHcA7Zj7jX4Noi08vb0Q+mK3YiwibUsVT5EuWQjLEdElz8nAymAY3+r
K6yXvNY=
-----END CERTIFICATE-----
Generated at Fri Oct 11 17:42:55 2024 by rpki-client on console-ams.rpki-client.org