Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xO7YUnDRuIZ7EGJlQS7O1Vb_pQY.roa
File: xO7YUnDRuIZ7EGJlQS7O1Vb_pQY.roa (raw, json)
Hash identifier: r8FZA62wrNnpzvy+GDGf28memZ7A++R9sBB49q3NOqw=
Subject key identifier: C4:EE:D8:52:70:D1:B8:86:7B:10:62:65:41:2E:CE:D5:56:FF:A5:06
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0193DA336E909649942A9E6D80D31785A76F
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xO7YUnDRuIZ7EGJlQS7O1Vb_pQY.roa
Signing time: Wed 18 Dec 2024 14:37:03 +0000
ROA not before: Wed 18 Dec 2024 14:37:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Dec 2024 10:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:33:6e:90:96:49:94:2a:9e:6d:80:d3:17:85:a7:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 18 14:37:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4eed85270d1b8867b106265412eced556ffa506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:69:4f:05:f3:e5:f3:d0:2a:5a:bd:2d:1f:33:
87:34:cb:51:c8:cc:0b:eb:e0:66:b5:fb:29:aa:75:
19:1a:95:cf:eb:a4:b8:2e:e5:bf:6d:10:83:40:97:
ef:6a:f9:20:8b:c2:1f:40:87:d7:ca:ac:ac:bb:e2:
c7:93:99:75:31:66:04:a4:11:0a:0a:71:8b:e6:3d:
a0:23:b9:04:7e:4a:01:14:4f:ba:68:c2:3b:26:89:
64:2d:41:80:8d:1d:05:5c:cf:41:d3:60:51:5a:c2:
67:7e:88:a7:4a:3b:d5:fd:9d:1d:3b:20:62:58:be:
17:42:a3:dc:4c:55:4c:1d:01:62:79:11:b3:73:e3:
c5:e2:a2:99:28:12:da:89:0c:68:ff:05:4e:a2:57:
10:c8:75:1c:c2:fb:67:b2:ec:42:63:49:25:52:0d:
26:9a:62:41:bc:ae:e7:c6:0e:58:b6:97:6a:15:c5:
dc:45:23:8f:d9:dd:2e:5d:19:e0:08:0a:3c:a8:43:
6b:8e:5e:3e:68:96:8c:1b:41:1c:8c:0e:66:79:9d:
22:e4:00:a4:60:f4:c7:82:9d:65:84:82:c9:af:a1:
9a:71:bb:7a:6a:8c:53:ec:7e:98:09:7a:be:25:1f:
b9:0b:a0:aa:9e:f3:f9:6c:fa:13:ee:97:fb:5b:be:
d7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:EE:D8:52:70:D1:B8:86:7B:10:62:65:41:2E:CE:D5:56:FF:A5:06
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xO7YUnDRuIZ7EGJlQS7O1Vb_pQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
92:0f:fb:1f:5b:c9:35:c5:12:e1:3d:bb:b0:87:b5:ab:52:49:
cc:55:44:28:ab:9b:3e:1c:4b:1b:cc:d3:a9:2e:8f:8b:7c:22:
de:f6:cd:15:aa:69:f5:4d:cc:38:38:ca:59:50:89:67:01:11:
4b:ae:db:4b:ec:66:6e:eb:c4:b5:6d:61:cc:6d:3c:8b:a4:dd:
d9:f6:4f:81:af:d4:8b:1b:11:71:ae:80:aa:d4:29:83:02:b8:
b4:8b:f2:b0:9e:4e:53:0e:6d:ab:27:5d:ae:a1:a8:43:9d:ac:
18:6f:9a:12:4a:e8:83:f4:49:95:fa:ab:b6:f3:ac:4a:37:46:
a9:3a:6d:e9:c8:17:3e:31:ba:7d:4f:87:b8:fc:47:a1:a6:20:
97:b8:b5:f4:fd:48:4e:35:a6:71:ca:76:8b:5c:f9:4c:ca:3d:
84:b7:c0:49:36:10:44:59:e9:2a:42:eb:78:36:75:be:41:ec:
19:37:32:c3:5c:24:29:d7:cc:69:31:f4:70:06:e4:76:6f:84:
1f:da:2d:f2:12:6b:c8:f6:a1:79:6a:ad:04:0e:8a:97:1d:88:
da:97:07:dc:4c:cb:06:12:08:a7:2d:4f:ef:68:b7:a1:48:fe:
46:d6:08:e6:ec:60:27:04:8e:af:14:77:86:ff:4c:b0:dd:97:
82:81:6c:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPaM26QlkmUKp5tgNMXhadvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMjE4MTQzNzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGVlZDg1MjcwZDFiODg2N2IxMDYyNjU0MTJlY2VkNTU2ZmZhNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGlPBfPl89AqWr0tHzOHNMtRyMwL
6+BmtfspqnUZGpXP66S4LuW/bRCDQJfvavkgi8IfQIfXyqysu+LHk5l1MWYEpBEK
CnGL5j2gI7kEfkoBFE+6aMI7JolkLUGAjR0FXM9B02BRWsJnfoinSjvV/Z0dOyBi
WL4XQqPcTFVMHQFieRGzc+PF4qKZKBLaiQxo/wVOolcQyHUcwvtnsuxCY0klUg0m
mmJBvK7nxg5YtpdqFcXcRSOP2d0uXRngCAo8qENrjl4+aJaMG0EcjA5meZ0i5ACk
YPTHgp1lhILJr6Gacbt6aoxT7H6YCXq+JR+5C6CqnvP5bPoT7pf7W77XnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTu2FJw0biGexBiZUEuztVW/6UGMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveE83WVVuRFJ1SVo3RUdKbFFTN08xVmJfcFFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXouMA0G
CSqGSIb3DQEBCwUAA4IBAQCSD/sfW8k1xRLhPbuwh7WrUknMVUQoq5s+HEsbzNOp
Lo+LfCLe9s0Vqmn1Tcw4OMpZUIlnARFLrttL7GZu68S1bWHMbTyLpN3Z9k+Br9SL
GxFxroCq1CmDAri0i/Kwnk5TDm2rJ12uoahDnawYb5oSSuiD9EmV+qu286xKN0ap
Om3pyBc+Mbp9T4e4/EehpiCXuLX0/UhONaZxynaLXPlMyj2Et8BJNhBEWekqQut4
NnW+QewZNzLDXCQp18xpMfRwBuR2b4Qf2i3yEmvI9qF5aq0EDoqXHYjalwfcTMsG
EginLU/vaLehSP5G1gjm7GAnBI6vFHeG/0yw3ZeCgWwj
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:38:17 2025 by rpki-client