Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qnYAlSXp3iy5ZtRb3mSkMHnxIQw.roa
File: qnYAlSXp3iy5ZtRb3mSkMHnxIQw.roa (raw, json)
Hash identifier: 1IShe3+Xv4/bmDS0zGuYkhkXoqDZ48yYg4Pq5lIRoRs=
Subject key identifier: AA:76:00:95:25:E9:DE:2C:B9:66:D4:5B:DE:64:A4:30:79:F1:21:0C
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018E79333E372860807CA0BF05DF75FE0974
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qnYAlSXp3iy5ZtRb3mSkMHnxIQw.roa
Signing time: Tue 26 Mar 2024 05:19:45 +0000
ROA not before: Tue 26 Mar 2024 05:19:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.223.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 09:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:33:3e:37:28:60:80:7c:a0:bf:05:df:75:fe:09:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Mar 26 05:19:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa76009525e9de2cb966d45bde64a43079f1210c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d4:fb:0c:51:6d:04:48:83:35:5d:a8:d8:25:
99:a9:3c:d6:d1:2c:ad:eb:8b:bc:c2:74:b1:28:66:
cc:e0:3d:df:4f:dd:91:70:f0:89:4f:ca:cd:27:b5:
56:c6:4b:f8:ad:84:03:4e:45:22:36:01:b4:29:5e:
38:f4:bc:c1:fd:93:af:4f:4d:e2:52:32:25:65:f6:
3b:c7:20:ae:6f:a5:3e:fe:85:29:94:bd:f2:d5:c2:
8d:54:9a:e2:2d:84:d8:c2:f5:b0:e0:b3:41:ef:07:
8d:7c:0c:b5:d1:79:96:fb:bf:f9:77:9e:cd:5b:8e:
a2:5d:45:9b:76:90:80:80:5d:bf:71:d0:e2:d8:56:
91:07:b2:ca:6b:1e:4f:11:8e:71:3d:cc:d9:71:f1:
56:97:8f:43:7c:9d:ca:01:9b:14:db:f5:48:6c:33:
c1:fb:dd:8a:0a:d0:d9:e0:a5:98:55:41:93:2d:21:
d6:7e:af:ae:8b:3f:f6:f7:5d:96:1e:c4:33:a0:e3:
6d:28:83:4f:27:24:9f:27:87:b4:ad:b0:04:58:46:
d2:c2:cc:8c:92:1b:fa:bf:88:ab:b5:b9:b9:e6:99:
1e:74:74:6e:5e:31:d0:82:dc:50:03:2e:98:38:bb:
b3:71:4f:1f:51:46:c5:fe:ba:23:91:3b:28:18:44:
67:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:76:00:95:25:E9:DE:2C:B9:66:D4:5B:DE:64:A4:30:79:F1:21:0C
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/qnYAlSXp3iy5ZtRb3mSkMHnxIQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.223.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ff:52:4d:28:42:39:72:5f:18:f1:d0:6f:82:aa:ea:e5:69:
29:8e:e9:2e:90:d3:29:9a:a4:eb:bb:14:70:2e:6e:57:8d:d5:
2b:7a:8f:af:9e:3d:9e:27:13:0e:be:18:15:5b:c8:95:a0:e4:
da:2d:4b:2f:23:24:e7:8a:cb:7d:78:2d:5a:fb:d0:15:88:85:
5a:fc:e1:76:3c:2d:8c:3a:6e:30:2a:4c:2a:14:73:57:66:fd:
a5:4d:5b:62:75:ac:ba:7b:72:88:f1:98:44:2c:ce:3d:8f:d8:
75:03:8a:8a:51:ad:54:f3:25:22:68:8b:63:df:ba:49:2c:81:
18:42:5f:69:76:9d:83:5e:df:07:f4:6e:65:6e:e8:44:67:0f:
85:0f:4c:c1:ef:60:f2:16:12:4d:1f:98:b6:57:40:7d:af:3f:
92:3a:69:4a:52:7f:57:09:c5:33:56:61:ae:7b:ef:5c:4f:92:
7d:a3:ef:07:4d:02:f9:d9:35:52:44:54:b2:cd:96:46:99:26:
81:e6:56:ce:b2:8c:9c:4e:fc:2b:99:d6:f1:35:2f:c5:5a:b6:
e8:6d:6b:3a:2f:f7:fe:ca:be:b1:72:9c:95:2c:a0:00:ac:0d:
c0:5f:d6:6e:ad:00:bf:9e:1d:b5:aa:d6:69:4b:44:9e:47:3c:
81:b0:69:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY55Mz43KGCAfKC/Bd91/gl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMzI2MDUxOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc2MDA5NTI1ZTlkZTJjYjk2NmQ0NWJkZTY0YTQzMDc5ZjEyMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNT7DFFtBEiDNV2o2CWZqTzW0Syt
64u8wnSxKGbM4D3fT92RcPCJT8rNJ7VWxkv4rYQDTkUiNgG0KV449LzB/ZOvT03i
UjIlZfY7xyCub6U+/oUplL3y1cKNVJriLYTYwvWw4LNB7weNfAy10XmW+7/5d57N
W46iXUWbdpCAgF2/cdDi2FaRB7LKax5PEY5xPczZcfFWl49DfJ3KAZsU2/VIbDPB
+92KCtDZ4KWYVUGTLSHWfq+uiz/2912WHsQzoONtKINPJySfJ4e0rbAEWEbSwsyM
khv6v4irtbm55pkedHRuXjHQgtxQAy6YOLuzcU8fUUbF/rojkTsoGERn/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKp2AJUl6d4suWbUW95kpDB58SEMMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvcW5ZQWxTWHAzaXk1WnRSYjNtU2tNSG54SVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jfAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQBx/1JNKEI5cl8Y8dBvgqrq5WkpjukukNMp
mqTruxRwLm5XjdUreo+vnj2eJxMOvhgVW8iVoOTaLUsvIyTnist9eC1a+9AViIVa
/OF2PC2MOm4wKkwqFHNXZv2lTVtiday6e3KI8ZhELM49j9h1A4qKUa1U8yUiaItj
37pJLIEYQl9pdp2DXt8H9G5lbuhEZw+FD0zB72DyFhJNH5i2V0B9rz+SOmlKUn9X
CcUzVmGue+9cT5J9o+8HTQL52TVSRFSyzZZGmSaB5lbOsoycTvwrmdbxNS/FWrbo
bWs6L/f+yr6xcpyVLKAArA3AX9ZurQC/nh21qtZpS0SeRzyBsGli
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org