Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xUnB4pXlDRyNxblDTaTQ-ChzmEQ.roa
File: xUnB4pXlDRyNxblDTaTQ-ChzmEQ.roa (raw, json)
Hash identifier: L1kDwjyPtapw/EdtbxOnTukxaQzQEpd8BvXgSOqBn40=
Subject key identifier: C5:49:C1:E2:95:E5:0D:1C:8D:C5:B9:43:4D:A4:D0:F8:28:73:98:44
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C0F80FFE9823DD96F6A1E70494D180DA8
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xUnB4pXlDRyNxblDTaTQ-ChzmEQ.roa
Signing time: Mon 27 Nov 2023 06:39:21 +0000
ROA not before: Mon 27 Nov 2023 06:39:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.220.0/24 maxlen: 24
109.122.45.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 18:20:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0f:80:ff:e9:82:3d:d9:6f:6a:1e:70:49:4d:18:0d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Nov 27 06:39:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c549c1e295e50d1c8dc5b9434da4d0f828739844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7e:38:15:7d:04:9b:fd:cd:84:53:ba:9e:a1:
21:23:09:52:f9:2d:aa:26:13:9d:08:67:e0:26:2b:
78:5f:3f:c7:56:b1:ec:b3:f1:1e:89:5c:03:41:53:
dd:90:b4:34:64:ba:dd:3e:3e:8a:0b:1d:2a:9b:d0:
d4:07:6d:f6:6d:74:55:98:74:74:fa:60:47:be:a2:
43:b1:ca:87:b1:27:ca:fa:dc:f5:b4:b0:d9:e6:45:
64:6b:b4:11:98:a8:da:31:45:e2:6b:cb:88:33:c4:
37:cb:ed:65:4e:32:d3:2f:ea:d9:77:2d:f7:94:07:
59:89:d9:c5:5b:1d:8f:6b:9b:a6:4e:6f:cd:f2:64:
4e:44:84:c2:26:dc:34:6e:81:50:59:68:3b:88:ee:
3f:8d:00:0e:69:13:75:a0:aa:3f:48:d6:12:de:5e:
ad:32:9a:0d:95:0b:0b:fb:ea:2f:d2:0f:a4:ca:f2:
45:b5:41:33:86:80:71:6c:60:cd:1c:f8:66:2a:48:
09:3b:6c:a5:91:64:a1:54:29:41:9d:1b:a0:c0:68:
bc:af:da:66:3c:73:c3:03:b8:a2:0e:48:cd:9c:20:
6a:7f:8f:b9:9b:61:32:01:cb:52:8f:5c:92:2e:34:
21:6f:7a:9d:62:ec:4a:70:82:63:5d:89:07:0a:2f:
eb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:49:C1:E2:95:E5:0D:1C:8D:C5:B9:43:4D:A4:D0:F8:28:73:98:44
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xUnB4pXlDRyNxblDTaTQ-ChzmEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
109.122.45.0-109.122.46.255
Signature Algorithm: sha256WithRSAEncryption
69:f0:e1:6b:e9:63:26:b7:49:c4:ef:32:ad:da:41:fe:e6:10:
cc:56:1f:96:ec:74:cb:42:8c:56:2c:4f:3d:3c:58:77:36:72:
64:8c:93:e3:7b:a8:81:50:0a:b5:aa:dc:40:ba:64:7c:2e:b3:
71:07:91:a3:08:46:3b:34:45:35:0a:7c:39:42:80:13:84:e5:
de:21:97:fc:b2:60:dd:ab:6b:5a:18:e3:92:d2:5c:70:75:60:
47:70:76:01:7f:30:0c:35:00:96:a0:48:dd:74:8e:f8:e1:82:
07:09:f8:74:d6:cb:9c:02:19:c6:e5:35:c2:6c:ef:7d:2f:89:
93:0c:0f:73:fe:64:68:29:56:72:83:ea:bd:44:75:7b:e8:22:
10:12:ee:a5:62:30:dc:75:16:31:e9:3c:d1:6f:01:a2:9a:cc:
f9:0f:09:13:cb:3f:1f:6d:3b:98:c2:d6:5c:64:12:0b:0a:54:
3a:b7:ed:c0:78:a8:87:5d:e8:52:a4:74:22:0c:42:67:8f:ea:
2a:f7:26:a2:6e:76:a1:30:0d:be:e2:35:ef:ff:02:d5:a8:20:
fa:4b:96:e1:6b:31:1e:d8:23:3b:5f:8c:e9:84:b1:be:96:1f:
c1:ef:3e:36:ec:b2:00:b9:c9:41:91:2e:dd:e5:4b:6f:53:03:
ea:c1:e4:88
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYwPgP/pgj3Zb2oecElNGA2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMTI3MDYzOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTQ5YzFlMjk1ZTUwZDFjOGRjNWI5NDM0ZGE0ZDBmODI4NzM5ODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj344FX0Em/3NhFO6nqEhIwlS+S2q
JhOdCGfgJit4Xz/HVrHss/EeiVwDQVPdkLQ0ZLrdPj6KCx0qm9DUB232bXRVmHR0
+mBHvqJDscqHsSfK+tz1tLDZ5kVka7QRmKjaMUXia8uIM8Q3y+1lTjLTL+rZdy33
lAdZidnFWx2Pa5umTm/N8mRORITCJtw0boFQWWg7iO4/jQAOaRN1oKo/SNYS3l6t
MpoNlQsL++ov0g+kyvJFtUEzhoBxbGDNHPhmKkgJO2ylkWShVClBnRugwGi8r9pm
PHPDA7iiDkjNnCBqf4+5m2EyActSj1ySLjQhb3qdYuxKcIJjXYkHCi/rPQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMVJweKV5Q0cjcW5Q02k0Pgoc5hEMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveFVuQjRwWGxEUnlOeGJsRFRhVFEtQ2h6bUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAW8jcMAwD
BABtei0DBABtei4wDQYJKoZIhvcNAQELBQADggEBAGnw4WvpYya3ScTvMq3aQf7m
EMxWH5bsdMtCjFYsTz08WHc2cmSMk+N7qIFQCrWq3EC6ZHwus3EHkaMIRjs0RTUK
fDlCgBOE5d4hl/yyYN2ra1oY45LSXHB1YEdwdgF/MAw1AJagSN10jvjhggcJ+HTW
y5wCGcblNcJs730viZMMD3P+ZGgpVnKD6r1EdXvoIhAS7qViMNx1FjHpPNFvAaKa
zPkPCRPLPx9tO5jC1lxkEgsKVDq37cB4qIdd6FKkdCIMQmeP6ir3JqJudqEwDb7i
Ne//AtWoIPpLluFrMR7YIztfjOmEsb6WH8HvPjbssgC5yUGRLt3lS29TA+rB5Ig=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org