Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/wJZ_spPKDqxOCQ-saFClmSeGTzE.roa
File: wJZ_spPKDqxOCQ-saFClmSeGTzE.roa (raw, json)
Hash identifier: IKf6yGD6tg9VYPZBwBEYiVHxiAZLfSe2dGFXXUiurc0=
Subject key identifier: C0:96:7F:B2:93:CA:0E:AC:4E:09:0F:AC:68:50:A5:99:27:86:4F:31
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C67AFD6EF070B62044E165599579D0675
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/wJZ_spPKDqxOCQ-saFClmSeGTzE.roa
Signing time: Thu 14 Dec 2023 09:37:06 +0000
ROA not before: Thu 14 Dec 2023 09:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.220.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 07:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:af:d6:ef:07:0b:62:04:4e:16:55:99:57:9d:06:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 14 09:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0967fb293ca0eac4e090fac6850a59927864f31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5a:0e:31:92:d0:30:8f:7c:78:3b:f1:79:4d:
d4:97:41:c1:c7:30:69:cc:60:38:72:0f:e7:d2:be:
72:04:5b:d1:78:f3:5a:92:ec:e5:22:15:b4:8c:98:
17:89:d0:e1:57:29:b1:3e:70:19:c3:82:c0:71:3c:
3d:69:4e:e7:ca:d9:b3:3d:55:dd:67:27:23:e2:80:
09:ec:6a:be:16:ce:bf:ad:6c:3f:dd:ad:12:36:91:
63:5b:7d:fa:3a:60:39:73:e1:6e:b7:ed:ae:94:a4:
f3:a5:cc:1b:43:74:76:f2:a1:9f:0d:b6:a5:74:96:
0f:42:4b:48:cf:d4:2c:2c:35:f4:32:0c:3a:b3:9d:
83:c9:91:e7:e9:7a:72:a7:bb:09:6b:73:9e:16:e0:
05:4f:e0:29:97:b7:e0:2a:fa:a4:d9:b8:65:39:01:
51:76:3d:57:bd:15:ec:40:11:0a:09:1f:8c:ba:5a:
01:d4:6b:37:ad:2e:58:0f:c7:da:77:bb:02:12:29:
3a:24:7c:e0:3f:90:68:c5:66:71:3c:46:68:0d:1b:
dc:f6:8b:b0:a2:25:b5:08:48:2c:42:1d:0e:59:72:
05:10:f0:6a:8f:bb:b6:0a:08:aa:5a:86:bc:b0:a5:
52:64:10:e6:da:7b:b7:d7:8c:07:c0:42:9d:ee:e8:
1f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:96:7F:B2:93:CA:0E:AC:4E:09:0F:AC:68:50:A5:99:27:86:4F:31
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/wJZ_spPKDqxOCQ-saFClmSeGTzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:0b:2e:a0:4f:7a:93:a4:5e:2c:09:07:92:f0:80:bc:cc:67:
c0:21:54:7d:14:a2:fd:72:60:8d:6e:ec:0f:23:2e:e8:b3:f5:
f2:64:67:f7:9f:52:a0:82:62:3f:c5:14:40:ef:01:fe:7b:7c:
22:a4:85:a3:f9:bf:48:f1:44:23:ab:23:1e:62:4d:ca:e5:ae:
5f:4e:9c:b8:ef:49:94:5c:c8:bf:63:f1:44:00:7d:9f:c6:94:
07:45:d6:99:1a:d1:0a:5e:6b:cd:1e:54:27:97:00:6f:26:b7:
07:33:4d:8f:6a:63:eb:3a:2a:a2:72:ea:8d:89:ef:88:b4:c9:
73:a5:e5:ab:9f:a5:00:76:a1:7c:78:2e:ef:3e:fa:b4:15:c0:
25:17:eb:57:be:10:16:39:24:b3:f6:ef:9d:db:64:8b:e8:b9:
69:e4:cc:56:7a:d3:da:78:cb:6d:66:a2:eb:f4:7a:c3:7e:99:
08:95:f3:06:24:f3:6b:50:0b:37:11:2a:a8:65:0c:5b:e5:0d:
ec:fc:6c:99:c7:52:c4:c4:5b:96:6e:5b:73:9b:d9:4b:ed:60:
9a:1b:84:a7:84:c8:e8:c5:88:39:7b:c7:dc:24:cd:df:ee:88:
8e:05:ed:ac:7c:fd:67:66:bd:71:9d:9a:0e:2a:16:83:cc:5e:
5a:06:4b:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxnr9bvBwtiBE4WVZlXnQZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMjE0MDkzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDk2N2ZiMjkzY2EwZWFjNGUwOTBmYWM2ODUwYTU5OTI3ODY0ZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFoOMZLQMI98eDvxeU3Ul0HBxzBp
zGA4cg/n0r5yBFvRePNakuzlIhW0jJgXidDhVymxPnAZw4LAcTw9aU7nytmzPVXd
Zycj4oAJ7Gq+Fs6/rWw/3a0SNpFjW336OmA5c+Fut+2ulKTzpcwbQ3R28qGfDbal
dJYPQktIz9QsLDX0Mgw6s52DyZHn6Xpyp7sJa3OeFuAFT+Apl7fgKvqk2bhlOQFR
dj1XvRXsQBEKCR+MuloB1Gs3rS5YD8fad7sCEik6JHzgP5BoxWZxPEZoDRvc9ouw
oiW1CEgsQh0OWXIFEPBqj7u2CgiqWoa8sKVSZBDm2nu314wHwEKd7ugfcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMCWf7KTyg6sTgkPrGhQpZknhk8xMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvd0paX3NwUEtEcXhPQ1Etc2FGQ2xtU2VHVHpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jcAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAqCy6gT3qTpF4sCQeS8IC8zGfAIVR9FKL9
cmCNbuwPIy7os/XyZGf3n1KggmI/xRRA7wH+e3wipIWj+b9I8UQjqyMeYk3K5a5f
Tpy470mUXMi/Y/FEAH2fxpQHRdaZGtEKXmvNHlQnlwBvJrcHM02PamPrOiqicuqN
ie+ItMlzpeWrn6UAdqF8eC7vPvq0FcAlF+tXvhAWOSSz9u+d22SL6Llp5MxWetPa
eMttZqLr9HrDfpkIlfMGJPNrUAs3ESqoZQxb5Q3s/GyZx1LExFuWbltzm9lL7WCa
G4SnhMjoxYg5e8fcJM3f7oiOBe2sfP1nZr1xnZoOKhaDzF5aBkve
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org