Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/txsZRxfGFnCh-9wMINuoVlqA8dA.roa
File: txsZRxfGFnCh-9wMINuoVlqA8dA.roa (raw, json)
Hash identifier: SSZpd5RCfsrDbv5BJwa6HFAziPD+vn4zjVA/w4MdF8M=
Subject key identifier: B7:1B:19:47:17:C6:16:70:A1:FB:DC:0C:20:DB:A8:56:5A:80:F1:D0
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189B0E645C1289FD985AD75DBF3721D1E04
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/txsZRxfGFnCh-9wMINuoVlqA8dA.roa
Signing time: Tue 01 Aug 2023 11:40:28 +0000
ROA not before: Tue 01 Aug 2023 11:40:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212817
IP address blocks: 91.200.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:e6:45:c1:28:9f:d9:85:ad:75:db:f3:72:1d:1e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Aug 1 11:40:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b71b194717c61670a1fbdc0c20dba8565a80f1d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b4:1f:da:ec:c6:17:2f:62:2a:2b:13:24:56:
84:ab:9d:c7:67:9f:c7:ad:6d:cf:19:ae:d1:d5:f7:
1c:90:ab:d5:e8:9e:73:1f:23:46:99:01:5d:e3:dc:
48:ae:e9:b6:10:75:16:59:1e:d3:2a:3f:3f:0e:46:
9b:99:07:12:d2:eb:17:11:8c:eb:22:85:d4:82:d3:
92:56:be:9d:00:77:01:c0:6d:7b:c4:31:e1:33:ac:
dc:7d:57:55:e9:3e:73:0f:92:23:37:42:ae:01:e9:
23:b0:04:b7:b8:84:f6:09:62:0a:2c:8d:77:81:17:
87:b3:85:db:0e:88:f3:33:0e:57:be:1d:92:65:c3:
ad:a6:e8:80:7c:ab:14:1a:6d:24:b2:85:09:e5:cf:
b3:5d:ef:b0:10:49:6f:5b:6c:16:b2:bb:88:23:48:
ba:1c:53:80:3c:ca:90:26:69:59:6a:c7:d7:4b:ca:
01:4f:06:28:1b:6a:e2:2c:1a:f0:d8:ba:77:d8:29:
2c:67:3b:cc:a0:68:72:52:94:68:f5:ab:a8:1c:10:
da:84:ba:af:db:d7:85:42:db:40:e0:68:60:5e:b8:
82:b8:0d:27:5c:20:f3:e7:49:75:69:1f:00:93:49:
7c:c9:15:8b:df:82:a0:8a:5d:70:79:4b:c6:aa:a8:
aa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1B:19:47:17:C6:16:70:A1:FB:DC:0C:20:DB:A8:56:5A:80:F1:D0
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/txsZRxfGFnCh-9wMINuoVlqA8dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.222.0/24
Signature Algorithm: sha256WithRSAEncryption
07:74:af:7c:c2:50:ad:0d:cc:3a:b2:6f:e9:4f:75:6b:bf:14:
44:b1:4f:90:8d:ad:bd:d8:78:9c:98:b5:75:95:7f:2e:23:44:
01:e6:1b:8f:08:ff:92:20:1a:fc:d7:06:4d:03:60:fb:24:aa:
6e:5b:dd:30:86:d0:37:3d:08:c5:2b:03:15:5d:79:f5:cc:f4:
9e:88:9d:52:1a:37:4c:96:4f:19:e7:d3:8f:16:0a:11:7c:dc:
d7:ca:1d:65:f9:90:c5:27:d6:d6:29:44:b3:b0:ed:99:4d:8d:
8b:39:27:32:91:73:d7:0a:ea:a2:f7:9e:21:7f:76:43:ce:ad:
ca:8c:9f:99:3c:a8:17:42:80:07:59:25:47:cb:c2:74:ee:4c:
9e:8f:ee:4c:8f:e7:be:a2:b8:ca:f1:52:61:b5:e4:52:97:3c:
61:7f:2b:9d:be:18:44:c4:3f:14:2f:7f:f7:d8:25:f9:71:b5:
c3:dd:ab:af:43:5f:cb:e8:e5:d3:1b:0a:25:e6:1c:af:f8:ad:
ab:93:05:f5:fa:eb:39:32:c6:7a:ef:bb:08:92:49:aa:cb:76:
03:d2:10:fa:bb:b5:0a:a6:be:e2:d2:08:31:14:a8:d1:fb:b7:
68:67:66:09:87:3d:5f:8a:2c:5c:85:36:7c:22:6b:2e:c8:ff:
64:d0:60:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmw5kXBKJ/Zha112/NyHR4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwODAxMTE0MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzFiMTk0NzE3YzYxNjcwYTFmYmRjMGMyMGRiYTg1NjVhODBmMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbQf2uzGFy9iKisTJFaEq53HZ5/H
rW3PGa7R1fcckKvV6J5zHyNGmQFd49xIrum2EHUWWR7TKj8/DkabmQcS0usXEYzr
IoXUgtOSVr6dAHcBwG17xDHhM6zcfVdV6T5zD5IjN0KuAekjsAS3uIT2CWIKLI13
gReHs4XbDojzMw5Xvh2SZcOtpuiAfKsUGm0ksoUJ5c+zXe+wEElvW2wWsruII0i6
HFOAPMqQJmlZasfXS8oBTwYoG2riLBrw2Lp32CksZzvMoGhyUpRo9auoHBDahLqv
29eFQttA4GhgXriCuA0nXCDz50l1aR8Ak0l8yRWL34Kgil1weUvGqqiqfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLcbGUcXxhZwofvcDCDbqFZagPHQMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvdHhzWlJ4ZkdGbkNoLTl3TUlOdW9WbHFBOGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jeMA0G
CSqGSIb3DQEBCwUAA4IBAQAHdK98wlCtDcw6sm/pT3VrvxREsU+Qja292HicmLV1
lX8uI0QB5huPCP+SIBr81wZNA2D7JKpuW90whtA3PQjFKwMVXXn1zPSeiJ1SGjdM
lk8Z59OPFgoRfNzXyh1l+ZDFJ9bWKUSzsO2ZTY2LOScykXPXCuqi954hf3ZDzq3K
jJ+ZPKgXQoAHWSVHy8J07kyej+5Mj+e+orjK8VJhteRSlzxhfyudvhhExD8UL3/3
2CX5cbXD3auvQ1/L6OXTGwol5hyv+K2rkwX1+us5MsZ677sIkkmqy3YD0hD6u7UK
pr7i0ggxFKjR+7doZ2YJhz1fiixchTZ8ImsuyP9k0GDc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org