Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/y-uYnFcdUyN9Gl7Nqls6ge0-HVM.roa
File: y-uYnFcdUyN9Gl7Nqls6ge0-HVM.roa (raw, json)
Hash identifier: yi/gVkaEfwwVJNIakrH5UuD+D0BaCoHrorXBXyT+70M=
Subject key identifier: CB:EB:98:9C:57:1D:53:23:7D:1A:5E:CD:AA:5B:3A:81:ED:3E:1D:53
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018EA706CF7757504415999328E9B3BFDB9F
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/y-uYnFcdUyN9Gl7Nqls6ge0-HVM.roa
Signing time: Thu 04 Apr 2024 02:53:45 +0000
ROA not before: Thu 04 Apr 2024 02:53:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.210.145.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 09:42:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:06:cf:77:57:50:44:15:99:93:28:e9:b3:bf:db:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 4 02:53:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbeb989c571d53237d1a5ecdaa5b3a81ed3e1d53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:21:1e:9d:db:d3:86:8a:58:18:19:67:6d:80:
8b:12:ef:d4:62:21:16:4a:86:4a:b8:65:e5:75:0a:
50:bb:4d:7c:40:f1:3f:1d:91:8e:e9:2b:1d:85:e8:
ea:81:5a:46:5a:06:c0:48:89:6c:34:cc:41:0b:64:
2d:4e:20:c2:e6:2d:ae:8f:3b:58:46:5b:85:47:f5:
dc:bb:fa:b0:e2:46:5a:1c:3b:98:d7:4b:c5:d8:3f:
09:40:84:b9:14:1c:9d:15:c5:6b:b2:7a:55:e9:32:
98:99:f4:27:86:6b:66:4e:1b:0b:af:68:8a:93:2f:
45:57:c1:bc:a1:d2:ea:2f:7b:d1:31:34:6d:a1:54:
3f:d2:3d:62:72:11:b4:10:75:49:2a:ac:75:31:20:
c2:08:b6:d2:e8:95:11:75:a3:28:48:bb:d7:4f:5c:
3d:44:f9:49:2f:c8:c9:ff:e8:3e:eb:56:92:c6:6d:
0b:ce:cc:e7:2b:85:ec:21:e6:78:67:6a:48:9e:79:
e9:95:c2:58:0e:de:17:ed:c2:4f:5d:9a:8a:2b:6c:
99:da:99:76:56:07:9b:7a:42:65:98:06:10:40:3d:
8b:9c:0c:86:94:39:18:92:ca:8c:3e:0b:f4:ff:50:
a4:e5:2d:13:5b:ab:d5:c6:b2:b8:df:62:b0:16:35:
44:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EB:98:9C:57:1D:53:23:7D:1A:5E:CD:AA:5B:3A:81:ED:3E:1D:53
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/y-uYnFcdUyN9Gl7Nqls6ge0-HVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.145.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
74:26:5b:0c:62:80:e9:4f:95:5e:cd:74:d1:5a:e7:4f:92:f9:
fd:e6:12:ab:1b:ea:a0:b8:5d:af:fa:a6:e1:e7:c9:1a:6a:82:
41:b0:4a:94:b0:01:cb:80:ec:02:2c:64:a7:81:fd:a5:97:62:
cd:c5:3b:d9:a1:da:a5:06:a9:6f:d3:9c:8e:fe:49:08:be:2d:
0c:60:c4:12:0e:b9:bb:e1:24:a3:4e:80:4e:a7:14:7a:a4:23:
34:98:2a:0e:f7:97:9d:61:f9:95:e1:23:8d:bd:6d:fc:cc:98:
e8:42:b6:27:62:ba:61:bd:44:b7:d5:e4:08:d6:50:4b:ac:f1:
f2:9e:fa:e5:8b:c9:32:b5:6b:cc:34:fc:31:dc:a0:47:c9:1a:
e7:4c:35:45:e0:71:68:e2:f8:04:44:5d:8c:60:1a:c1:13:d0:
bd:88:66:3e:ec:83:69:56:10:8d:6c:5e:9d:61:01:2d:50:cc:
2b:35:2f:a1:ce:11:1a:c5:ed:d7:51:1b:46:ef:99:f3:ed:85:
96:71:89:eb:55:1c:a4:52:a7:22:d2:ee:15:44:c2:4b:4b:72:
0c:c0:48:0d:34:58:31:7c:58:35:f1:d5:71:c0:3d:26:8a:8d:
06:ad:4f:1d:c8:5a:f9:33:7f:4c:ba:7c:4a:38:43:5e:bf:ed:
87:2f:0c:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6nBs93V1BEFZmTKOmzv9ufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNDA0MDI1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmViOTg5YzU3MWQ1MzIzN2QxYTVlY2RhYTViM2E4MWVkM2UxZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCEendvThopYGBlnbYCLEu/UYiEW
SoZKuGXldQpQu018QPE/HZGO6SsdhejqgVpGWgbASIlsNMxBC2QtTiDC5i2ujztY
RluFR/Xcu/qw4kZaHDuY10vF2D8JQIS5FBydFcVrsnpV6TKYmfQnhmtmThsLr2iK
ky9FV8G8odLqL3vRMTRtoVQ/0j1ichG0EHVJKqx1MSDCCLbS6JURdaMoSLvXT1w9
RPlJL8jJ/+g+61aSxm0LzsznK4XsIeZ4Z2pInnnplcJYDt4X7cJPXZqKK2yZ2pl2
VgebekJlmAYQQD2LnAyGlDkYksqMPgv0/1Ck5S0TW6vVxrK432KwFjVENQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMvrmJxXHVMjfRpezapbOoHtPh1TMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveS11WW5GY2RVeU45R2w3TnFsczZnZTAtSFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9KRAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQB0JlsMYoDpT5VezXTRWudPkvn95hKrG+qg
uF2v+qbh58kaaoJBsEqUsAHLgOwCLGSngf2ll2LNxTvZodqlBqlv05yO/kkIvi0M
YMQSDrm74SSjToBOpxR6pCM0mCoO95edYfmV4SONvW38zJjoQrYnYrphvUS31eQI
1lBLrPHynvrli8kytWvMNPwx3KBHyRrnTDVF4HFo4vgERF2MYBrBE9C9iGY+7INp
VhCNbF6dYQEtUMwrNS+hzhEaxe3XURtG75nz7YWWcYnrVRykUqci0u4VRMJLS3IM
wEgNNFgxfFg18dVxwD0mio0GrU8dyFr5M39MunxKOENev+2HLwyk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org