Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/wSn2byz7u86eGBQuLSFxqy4NocE.roa
File: wSn2byz7u86eGBQuLSFxqy4NocE.roa (raw, json)
Hash identifier: Zma4q8/V0+P86E6Jx5mdXesvUYgWIdiK0zeIj/TIwc8=
Subject key identifier: C1:29:F6:6F:2C:FB:BB:CE:9E:18:14:2E:2D:21:71:AB:2E:0D:A1:C1
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0188322CC2F3BA388784A2DA681DE6B900BE
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/wSn2byz7u86eGBQuLSFxqy4NocE.roa
Signing time: Fri 19 May 2023 04:02:54 +0000
ROA not before: Fri 19 May 2023 04:02:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.220.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 May 2023 04:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:32:2c:c2:f3:ba:38:87:84:a2:da:68:1d:e6:b9:00:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 19 04:02:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c129f66f2cfbbbce9e18142e2d2171ab2e0da1c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7a:2c:a7:a9:69:95:95:f5:84:be:c8:73:b8:
af:98:5a:24:37:6b:1c:54:10:ac:c1:18:ba:78:ee:
5e:1d:aa:0e:76:1e:02:fa:a2:79:6b:de:e7:92:7f:
a5:66:d9:df:83:ba:d8:9b:ec:3d:2c:48:c7:b1:e2:
5b:6d:18:9a:60:9c:92:40:15:96:0a:1f:69:30:ce:
ad:29:67:18:92:41:47:b0:43:f7:b9:8e:77:db:f5:
c7:07:37:58:3b:5b:d4:56:c9:c6:58:2a:00:45:ad:
e1:fb:4f:a2:69:26:91:cb:ff:2b:3f:fe:3f:2f:f9:
69:a7:14:c5:c1:1d:a0:fa:52:20:53:fe:bc:cb:f2:
a0:ae:13:96:0d:ce:2c:24:61:39:85:63:08:5e:d3:
7a:58:ab:35:00:42:81:be:fa:c6:c9:6d:2b:60:c9:
c1:6f:cb:a5:7d:5e:34:01:1b:13:1d:3b:4a:52:cf:
79:84:f2:5f:fc:e5:af:ca:2b:0e:c5:74:f3:54:b8:
e2:64:95:1a:fe:45:3e:0a:00:09:5d:0c:13:d6:b8:
f2:bd:6a:ea:a8:31:9c:a9:b9:ca:7e:34:a1:e3:9a:
20:b9:59:4d:c0:48:1b:11:bd:0a:2d:9e:37:6f:07:
ab:dc:f6:ab:fb:6d:09:6c:8d:9b:81:e0:b8:46:7d:
40:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:29:F6:6F:2C:FB:BB:CE:9E:18:14:2E:2D:21:71:AB:2E:0D:A1:C1
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/wSn2byz7u86eGBQuLSFxqy4NocE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
01:b2:0f:ff:29:19:2d:33:e0:fb:c3:15:0e:fe:1a:d0:28:72:
44:b5:69:c9:79:e2:fd:36:d6:41:87:21:13:22:aa:db:40:45:
03:e0:9b:e6:d9:49:79:67:73:7c:a6:6d:3c:0e:02:b9:3a:27:
da:b0:5a:d9:86:5a:4d:43:f6:a7:ee:bd:a6:71:fd:3c:46:45:
0f:e4:0e:c7:06:53:e8:78:d8:03:c9:e0:83:44:de:d9:97:96:
82:1f:27:c3:b4:0f:71:be:76:6e:9d:c0:fa:fb:b1:a3:e5:43:
cf:cf:d8:12:3d:3b:34:a2:c4:81:ad:e9:56:5a:f0:ef:4a:b7:
70:f9:05:90:3f:64:ef:c1:47:48:a1:f5:29:68:54:35:b0:c1:
cb:f8:12:06:08:c6:83:b1:75:38:a9:7e:82:b4:e4:a4:16:66:
8a:5c:01:bf:e7:d7:9d:8e:87:89:bf:91:42:e9:d8:10:e7:cc:
8d:83:e4:14:dd:40:59:ec:17:aa:5d:08:6f:34:0f:79:9f:80:
da:96:d4:55:2d:e4:f6:8d:a4:92:71:3d:d8:ce:2f:a2:fe:f1:
a6:5c:f1:15:96:b8:2b:9d:9a:3b:5f:44:c4:98:bc:e8:9e:ad:
0e:74:0f:d9:5e:15:0a:5a:53:c3:4e:6e:71:23:57:24:c4:4a:
64:40:af:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgyLMLzujiHhKLaaB3muQC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNTE5MDQwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTI5ZjY2ZjJjZmJiYmNlOWUxODE0MmUyZDIxNzFhYjJlMGRhMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXosp6lplZX1hL7Ic7ivmFokN2sc
VBCswRi6eO5eHaoOdh4C+qJ5a97nkn+lZtnfg7rYm+w9LEjHseJbbRiaYJySQBWW
Ch9pMM6tKWcYkkFHsEP3uY532/XHBzdYO1vUVsnGWCoARa3h+0+iaSaRy/8rP/4/
L/lppxTFwR2g+lIgU/68y/KgrhOWDc4sJGE5hWMIXtN6WKs1AEKBvvrGyW0rYMnB
b8ulfV40ARsTHTtKUs95hPJf/OWvyisOxXTzVLjiZJUa/kU+CgAJXQwT1rjyvWrq
qDGcqbnKfjSh45oguVlNwEgbEb0KLZ43bwer3Par+20JbI2bgeC4Rn1ABwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMEp9m8s+7vOnhgULi0hcasuDaHBMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvd1NuMmJ5ejd1ODZlR0JRdUxTRnhxeTROb2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jcAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQABsg//KRktM+D7wxUO/hrQKHJEtWnJeeL9
NtZBhyETIqrbQEUD4Jvm2Ul5Z3N8pm08DgK5OifasFrZhlpNQ/an7r2mcf08RkUP
5A7HBlPoeNgDyeCDRN7Zl5aCHyfDtA9xvnZuncD6+7Gj5UPPz9gSPTs0osSBrelW
WvDvSrdw+QWQP2TvwUdIofUpaFQ1sMHL+BIGCMaDsXU4qX6CtOSkFmaKXAG/59ed
joeJv5FC6dgQ58yNg+QU3UBZ7BeqXQhvNA95n4DaltRVLeT2jaSScT3Yzi+i/vGm
XPEVlrgrnZo7X0TEmLzonq0OdA/ZXhUKWlPDTm5xI1ckxEpkQK9e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org