Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/r9FV0rA5jb_ACrKivcgsmpWk0Bk.roa
File: r9FV0rA5jb_ACrKivcgsmpWk0Bk.roa (raw, json)
Hash identifier: +ER1Y1MktPyarmjNKYLecjbB/VSdBP+8zkMANg6MhBg=
Subject key identifier: AF:D1:55:D2:B0:39:8D:BF:C0:0A:B2:A2:BD:C8:2C:9A:95:A4:D0:19
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018FD2BC4FCD2CAE415C8DA6DCF68270EF7C
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/r9FV0rA5jb_ACrKivcgsmpWk0Bk.roa
Signing time: Sat 01 Jun 2024 07:38:27 +0000
ROA not before: Sat 01 Jun 2024 07:38:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 91.200.223.0/24 maxlen: 24
91.226.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 12:10:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d2:bc:4f:cd:2c:ae:41:5c:8d:a6:dc:f6:82:70:ef:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 1 07:38:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afd155d2b0398dbfc00ab2a2bdc82c9a95a4d019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c6:97:aa:32:b9:13:e5:32:47:fd:12:5a:36:
6b:69:0e:b9:75:8a:26:24:45:05:6c:54:be:c1:48:
dc:53:ef:e3:16:cf:4a:17:f8:1e:88:db:71:86:02:
64:2f:bf:6d:0c:3a:bf:69:a9:58:d6:81:51:f0:56:
58:c3:38:72:69:34:b2:dd:13:1e:df:fc:a8:93:6b:
27:ff:5a:1a:e6:aa:1d:8f:f3:dc:42:e3:3f:4c:ee:
f4:be:ed:93:1a:35:8f:2d:64:82:b5:6e:26:eb:cc:
e8:73:b2:88:42:a0:89:2b:fa:dd:71:8c:22:a1:ea:
be:a5:16:10:f0:67:11:93:bb:f4:50:9e:ab:6d:db:
9a:02:11:ed:a5:40:21:97:5c:08:7e:57:f7:6f:c7:
29:d6:e7:ab:9b:ab:79:f7:cb:27:09:30:5f:a0:d6:
c3:66:a0:96:08:e6:51:fc:6b:de:de:ca:eb:0d:30:
41:9d:9c:93:a2:3b:d8:46:8d:c4:98:d8:fa:f6:92:
79:5e:69:cc:5f:7c:ed:4b:3f:2a:2f:0a:e4:ef:0d:
42:2f:2c:c8:f6:ae:29:61:ca:e5:c2:76:a9:d1:a4:
47:c2:ae:a8:7c:00:0e:e3:98:00:0e:9f:a0:e1:80:
f5:83:5a:26:d3:f1:be:16:8f:56:96:f6:94:0b:de:
7c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:D1:55:D2:B0:39:8D:BF:C0:0A:B2:A2:BD:C8:2C:9A:95:A4:D0:19
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/r9FV0rA5jb_ACrKivcgsmpWk0Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.223.0/24
91.226.56.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:72:35:b3:37:1a:c5:6a:d5:7e:4f:86:bf:7b:03:06:e3:aa:
91:8d:77:ff:6e:46:10:4d:2a:6a:78:c8:1d:ba:4c:e1:51:e7:
8f:be:3c:5e:41:be:20:ea:64:67:20:a6:52:c5:c7:f2:fe:d1:
11:ef:3e:d4:af:8b:c9:3c:77:65:b0:47:cf:a2:86:1d:67:f8:
e2:c4:36:61:a3:72:d3:82:45:db:db:e8:80:1e:f1:2e:b4:b0:
3e:15:0b:19:81:a9:07:64:d6:02:49:97:8e:c1:ed:19:69:46:
c9:b2:96:6d:35:ae:8a:62:fc:cb:e9:1b:9f:c1:1b:72:bd:29:
f3:97:14:64:99:ad:bd:3a:a3:fd:c2:51:ac:9e:84:21:69:3b:
21:67:a5:f4:68:d3:35:87:4c:5d:e6:4a:9a:f1:3c:9a:26:88:
42:6a:dd:eb:e7:12:0d:59:bf:97:60:6f:a4:01:3d:1b:56:74:
8c:2f:1c:cb:63:2e:c8:19:71:5a:bc:d6:89:f7:51:ff:ec:6a:
e2:f9:a4:31:1e:dc:4a:f1:cc:e9:d6:a7:57:a2:f6:90:11:c9:
75:7f:35:b0:d7:97:2f:2b:4f:a2:bf:7b:a1:3f:bb:e5:3c:71:
21:d8:1b:45:fc:b1:aa:3c:fe:24:69:8f:3f:a8:2d:3b:e8:9b:
1c:3e:85:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/SvE/NLK5BXI2m3PaCcO98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNjAxMDczODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmQxNTVkMmIwMzk4ZGJmYzAwYWIyYTJiZGM4MmM5YTk1YTRkMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysaXqjK5E+UyR/0SWjZraQ65dYom
JEUFbFS+wUjcU+/jFs9KF/geiNtxhgJkL79tDDq/aalY1oFR8FZYwzhyaTSy3RMe
3/yok2sn/1oa5qodj/PcQuM/TO70vu2TGjWPLWSCtW4m68zoc7KIQqCJK/rdcYwi
oeq+pRYQ8GcRk7v0UJ6rbduaAhHtpUAhl1wIflf3b8cp1uerm6t598snCTBfoNbD
ZqCWCOZR/Gve3srrDTBBnZyTojvYRo3EmNj69pJ5XmnMX3ztSz8qLwrk7w1CLyzI
9q4pYcrlwnap0aRHwq6ofAAO45gADp+g4YD1g1om0/G+Fo9WlvaUC9582QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK/RVdKwOY2/wAqyor3ILJqVpNAZMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvcjlGVjByQTVqYl9BQ3JLaXZjZ3NtcFdrMEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jfAwQA
W+I4MA0GCSqGSIb3DQEBCwUAA4IBAQBrcjWzNxrFatV+T4a/ewMG46qRjXf/bkYQ
TSpqeMgdukzhUeePvjxeQb4g6mRnIKZSxcfy/tER7z7Ur4vJPHdlsEfPooYdZ/ji
xDZho3LTgkXb2+iAHvEutLA+FQsZgakHZNYCSZeOwe0ZaUbJspZtNa6KYvzL6Ruf
wRtyvSnzlxRkma29OqP9wlGsnoQhaTshZ6X0aNM1h0xd5kqa8TyaJohCat3r5xIN
Wb+XYG+kAT0bVnSMLxzLYy7IGXFavNaJ91H/7Gri+aQxHtxK8czp1qdXovaQEcl1
fzWw15cvK0+iv3uhP7vlPHEh2BtF/LGqPP4kaY8/qC076JscPoVP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org