Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/y51B9f182qCDmm7Uu_hMxWvvcpc.roa
File: y51B9f182qCDmm7Uu_hMxWvvcpc.roa (raw, json)
Hash identifier: 3ng9BRF2p0QiGtLU870YBEiu7u8Wz5Dk9ouqynOl2fI=
Subject key identifier: CB:9D:41:F5:FD:7C:DA:A0:83:9A:6E:D4:BB:F8:4C:C5:6B:EF:72:97
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01856ED4DFAFB8880E46433D0B48C8317003
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/y51B9f182qCDmm7Uu_hMxWvvcpc.roa
Signing time: Sun 01 Jan 2023 19:35:22 +0000
ROA not before: Sun 01 Jan 2023 19:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 109.122.44.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Jan 2023 09:23:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:df:af:b8:88:0e:46:43:3d:0b:48:c8:31:70:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 1 19:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb9d41f5fd7cdaa0839a6ed4bbf84cc56bef7297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:57:60:e4:f3:2f:7e:7e:2c:32:a4:74:9f:26:
1b:ce:7c:3e:5c:23:50:e1:b3:40:b4:e3:c9:b4:02:
ad:25:e9:6b:65:b7:f5:ba:b7:86:d2:67:bb:b8:68:
23:9e:c5:55:42:cd:21:be:21:63:70:b1:08:27:3a:
d6:17:ac:2b:83:00:62:bb:cf:62:b9:3d:a1:b3:7f:
c3:4f:4b:c1:bf:67:6e:a8:85:17:ac:ec:54:3a:b3:
7f:04:3c:46:64:52:63:7b:dc:45:ff:fc:d0:8e:4a:
6f:29:74:e9:55:f3:7c:78:91:6c:31:71:c4:e8:e0:
0f:71:dd:b9:2f:9b:a8:61:2f:2e:02:dc:07:32:af:
c9:cf:5a:7f:4b:73:bf:12:82:fa:2a:92:70:fd:29:
a6:e8:1f:cf:73:4f:3e:46:e0:0b:2d:7b:cb:ae:72:
62:6f:45:b1:2a:45:06:12:19:2a:58:a4:5a:3d:d6:
5e:75:e4:79:fd:90:f2:98:16:a1:54:4e:ae:74:2a:
48:08:28:60:f9:d7:bb:3f:c4:79:73:c4:e5:02:5d:
05:99:24:10:2a:de:49:1a:c9:43:de:55:c2:8e:4e:
26:c8:c8:dd:4e:f8:57:c6:8c:90:f7:fd:97:12:cb:
3b:2a:b1:b6:c3:b9:36:8b:9c:22:bb:d5:63:28:ed:
9a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:9D:41:F5:FD:7C:DA:A0:83:9A:6E:D4:BB:F8:4C:C5:6B:EF:72:97
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/y51B9f182qCDmm7Uu_hMxWvvcpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.57.0/24
91.226.59.0/24
109.122.44.0/24
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
15:04:ee:71:bb:a5:69:ac:33:cc:13:c2:e9:f9:17:2c:19:c6:
e8:a0:c3:bd:05:29:c3:35:e3:e3:f7:fe:eb:dd:29:ec:4f:5a:
1a:30:ee:3e:15:9f:a7:f9:ad:f5:1a:f2:ab:d3:7b:9c:10:55:
39:57:e2:d0:09:94:87:2e:27:7a:49:d5:91:e8:40:93:c8:1c:
0f:c9:03:5a:03:49:0b:5d:67:a5:77:b2:2a:70:fa:96:dd:e3:
73:fc:fb:c3:30:3b:e8:d2:b0:d6:5e:bb:c8:24:ce:4d:5e:30:
a8:9c:ac:52:0c:59:7b:a3:c0:3c:91:46:fb:be:c3:ed:c3:63:
c2:cb:d4:e4:cb:4e:12:ac:87:e5:15:1b:cb:d4:68:42:7a:af:
bc:75:75:33:de:74:9f:c5:d6:3b:6e:25:c7:88:c1:3a:36:8b:
4b:cb:fa:88:be:6b:56:d4:b9:c6:b7:e6:d6:8e:e3:0c:e8:26:
a7:8d:63:2d:7a:1d:33:1a:f8:ef:89:e6:9e:41:cb:58:e0:86:
a3:fc:d6:2c:94:f2:3d:03:12:1c:76:53:9f:d2:b0:a5:fb:7f:
25:ed:dd:7c:77:27:60:81:f8:74:46:8f:ae:52:cf:9b:c1:45:
75:7e:b1:c9:cc:df:25:a6:57:64:f5:b1:de:9c:4a:55:68:f9:
b5:8e:0a:b5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVu1N+vuIgORkM9C0jIMXADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMTAxMTkzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjlkNDFmNWZkN2NkYWEwODM5YTZlZDRiYmY4NGNjNTZiZWY3Mjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzldg5PMvfn4sMqR0nyYbznw+XCNQ
4bNAtOPJtAKtJelrZbf1ureG0me7uGgjnsVVQs0hviFjcLEIJzrWF6wrgwBiu89i
uT2hs3/DT0vBv2duqIUXrOxUOrN/BDxGZFJje9xF//zQjkpvKXTpVfN8eJFsMXHE
6OAPcd25L5uoYS8uAtwHMq/Jz1p/S3O/EoL6KpJw/Smm6B/Pc08+RuALLXvLrnJi
b0WxKkUGEhkqWKRaPdZedeR5/ZDymBahVE6udCpICChg+de7P8R5c8TlAl0FmSQQ
Kt5JGslD3lXCjk4myMjdTvhXxoyQ9/2XEss7KrG2w7k2i5wiu9VjKO2a0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMudQfX9fNqgg5pu1Lv4TMVr73KXMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveTUxQjlmMTgycUNEbW03VXVfaE14V3Z2Y3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+I5AwQA
W+I7AwQAbXosAwQAwV00MA0GCSqGSIb3DQEBCwUAA4IBAQAVBO5xu6VprDPME8Lp
+RcsGcbooMO9BSnDNePj9/7r3SnsT1oaMO4+FZ+n+a31GvKr03ucEFU5V+LQCZSH
Lid6SdWR6ECTyBwPyQNaA0kLXWeld7IqcPqW3eNz/PvDMDvo0rDWXrvIJM5NXjCo
nKxSDFl7o8A8kUb7vsPtw2PCy9Tky04SrIflFRvL1GhCeq+8dXUz3nSfxdY7biXH
iME6NotLy/qIvmtW1LnGt+bWjuMM6CanjWMteh0zGvjvieaeQctY4Iaj/NYslPI9
AxIcdlOf0rCl+38l7d18dydggfh0Ro+uUs+bwUV1frHJzN8lpldk9bHenEpVaPm1
jgq1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org