Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oeP-FUteZCZokI0A56IhjhId7_Y.roa
File: oeP-FUteZCZokI0A56IhjhId7_Y.roa (raw, json)
Hash identifier: T5zOXxKrTe1HPEUXsHSn7AXXKoef/jq34kShglsBKrs=
Subject key identifier: A1:E3:FE:15:4B:5E:64:26:68:90:8D:00:E7:A2:21:8E:12:1D:EF:F6
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01860458B64A870EA0E5B3118E9ACE486FD8
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oeP-FUteZCZokI0A56IhjhId7_Y.roa
Signing time: Mon 30 Jan 2023 20:22:47 +0000
ROA not before: Mon 30 Jan 2023 20:22:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.200.222.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 Feb 2023 08:36:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:04:58:b6:4a:87:0e:a0:e5:b3:11:8e:9a:ce:48:6f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 30 20:22:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1e3fe154b5e642668908d00e7a2218e121deff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:dd:ad:94:ed:f0:d1:0d:e4:0d:e7:03:4d:43:
9a:f7:80:91:14:40:ff:9d:11:e2:3f:fd:ed:c5:87:
69:8f:77:3b:04:47:19:f6:15:c4:a7:41:b8:7a:ba:
36:fc:cb:e5:4e:8e:d3:3d:6f:18:eb:c5:66:fd:c7:
60:9f:a0:2e:e2:7b:24:aa:29:8d:16:2f:8e:7c:07:
76:d6:76:cf:d6:59:86:5d:83:f3:aa:69:40:bf:3d:
a7:7c:6c:a4:e2:8c:f2:37:c6:25:db:fc:1f:75:6e:
f9:a4:8c:70:66:0c:40:cf:10:a7:3f:aa:e6:b0:85:
60:14:85:fc:6a:df:a9:bb:de:7f:a4:4f:e5:df:37:
66:93:fd:df:4a:89:ee:89:d2:89:22:a1:0e:74:0b:
c5:6a:38:a8:29:3d:3c:41:e7:4b:0b:81:37:ea:95:
2e:de:93:df:97:2f:e3:2c:ec:33:4e:26:3c:34:b3:
46:25:a6:80:d0:35:07:fd:2e:ce:43:57:e5:cb:36:
69:72:a3:a5:c7:59:c8:7e:79:d0:57:81:eb:3d:7f:
59:57:ca:36:08:f5:10:df:e0:52:41:f6:15:29:8c:
10:b2:68:ee:d4:46:c5:d4:51:01:79:77:c3:a0:03:
ca:e1:5d:8c:53:06:3a:30:25:2c:1b:4a:92:a0:a5:
a1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E3:FE:15:4B:5E:64:26:68:90:8D:00:E7:A2:21:8E:12:1D:EF:F6
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/oeP-FUteZCZokI0A56IhjhId7_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.222.0/24
109.122.40.0/23
Signature Algorithm: sha256WithRSAEncryption
90:d1:1c:8b:5a:8f:84:e7:12:aa:59:e8:08:74:0b:80:8b:b5:
c7:c3:ce:6e:57:3a:1c:14:36:26:75:e7:91:f5:ba:97:b8:36:
8c:e0:92:11:d8:fd:b0:99:92:28:d6:69:ea:1f:01:0a:99:65:
19:8c:5f:a9:03:43:23:f5:be:80:66:9e:31:1e:05:9e:7e:94:
cb:86:8c:28:6f:53:c1:39:b9:69:18:6e:92:17:c9:c6:07:72:
7b:7b:75:a4:ba:cf:04:92:6b:9e:fd:01:0a:68:58:04:f4:94:
77:8c:49:a0:b8:6b:77:f4:5a:9b:70:e3:e5:00:bc:77:57:6b:
a7:3c:62:d2:15:31:7b:60:40:4c:60:01:16:f1:41:82:7a:1e:
4c:15:93:a5:e0:42:6c:22:16:ff:7d:c9:bd:11:de:7b:9f:a9:
4e:34:25:e3:63:ab:51:97:ea:48:f0:76:a9:61:ec:21:45:83:
7b:5b:73:11:b5:40:b5:4a:d4:c1:17:93:70:05:fb:55:30:38:
f3:46:19:c1:41:1b:9e:7c:77:66:d4:8a:b5:9d:d4:12:7e:2e:
50:47:88:57:6a:b6:6f:77:c2:12:01:71:72:34:33:0f:92:6f:
bc:61:04:53:de:55:23:cd:a9:f7:ee:7a:d5:0b:78:27:62:eb:
21:b5:e3:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYEWLZKhw6g5bMRjprOSG/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMTMwMjAyMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWUzZmUxNTRiNWU2NDI2Njg5MDhkMDBlN2EyMjE4ZTEyMWRlZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw92tlO3w0Q3kDecDTUOa94CRFED/
nRHiP/3txYdpj3c7BEcZ9hXEp0G4ero2/MvlTo7TPW8Y68Vm/cdgn6Au4nskqimN
Fi+OfAd21nbP1lmGXYPzqmlAvz2nfGyk4ozyN8Yl2/wfdW75pIxwZgxAzxCnP6rm
sIVgFIX8at+pu95/pE/l3zdmk/3fSonuidKJIqEOdAvFajioKT08QedLC4E36pUu
3pPfly/jLOwzTiY8NLNGJaaA0DUH/S7OQ1flyzZpcqOlx1nIfnnQV4HrPX9ZV8o2
CPUQ3+BSQfYVKYwQsmju1EbF1FEBeXfDoAPK4V2MUwY6MCUsG0qSoKWh6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKHj/hVLXmQmaJCNAOeiIY4SHe/2MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvb2VQLUZVdGVaQ1pva0kwQTU2SWhqaElkN19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jeAwQB
bXooMA0GCSqGSIb3DQEBCwUAA4IBAQCQ0RyLWo+E5xKqWegIdAuAi7XHw85uVzoc
FDYmdeeR9bqXuDaM4JIR2P2wmZIo1mnqHwEKmWUZjF+pA0Mj9b6AZp4xHgWefpTL
howob1PBOblpGG6SF8nGB3J7e3Wkus8Ekmue/QEKaFgE9JR3jEmguGt39FqbcOPl
ALx3V2unPGLSFTF7YEBMYAEW8UGCeh5MFZOl4EJsIhb/fcm9Ed57n6lONCXjY6tR
l+pI8HapYewhRYN7W3MRtUC1StTBF5NwBftVMDjzRhnBQRuefHdm1Iq1ndQSfi5Q
R4hXarZvd8ISAXFyNDMPkm+8YQRT3lUjzan37nrVC3gnYushteNh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org