Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yzz3fvl4hGffmeBYEJPikNLxYZ0.roa
File: yzz3fvl4hGffmeBYEJPikNLxYZ0.roa (raw, json)
Hash identifier: gnglcys610Ndxd7F3aG8XF/m5NP/IT1lbikMG9zHXao=
Subject key identifier: CB:3C:F7:7E:F9:78:84:67:DF:99:E0:58:10:93:E2:90:D2:F1:61:9D
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018935D21A0FDC914FAC288335A02509386B
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yzz3fvl4hGffmeBYEJPikNLxYZ0.roa
Signing time: Sat 08 Jul 2023 14:05:08 +0000
ROA not before: Sat 08 Jul 2023 14:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.222.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
91.226.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Jul 2023 04:39:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:35:d2:1a:0f:dc:91:4f:ac:28:83:35:a0:25:09:38:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 8 14:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb3cf77ef9788467df99e0581093e290d2f1619d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:42:87:02:3d:d5:da:2a:ab:98:77:8a:01:7b:
95:5f:42:cd:7e:52:8e:f1:2c:1c:28:6f:a8:9a:d8:
71:61:2d:95:12:3b:f3:60:92:46:d6:4d:48:94:05:
13:6c:22:b3:c1:6b:cc:28:0e:d5:26:7b:57:1b:1a:
4e:79:6d:d8:57:94:44:d6:f0:3e:20:76:b3:5d:d4:
95:71:28:7a:48:53:26:e2:d8:76:8f:de:63:d1:df:
91:0d:2f:1f:31:fb:ad:50:46:11:68:03:d8:54:ff:
2e:0a:7f:e4:b7:1f:19:ec:98:7e:0f:d7:2e:eb:c8:
27:1e:bf:2f:8f:bf:3a:ea:ab:0e:cd:22:9f:bf:59:
c5:05:7e:83:3e:74:95:5e:65:dc:31:10:7f:f8:10:
ba:ae:6c:77:f1:9b:0b:b0:b6:d9:6e:51:40:23:f3:
46:74:e4:88:fa:42:ee:37:77:a8:c8:07:d2:c3:79:
73:d1:d5:21:96:70:0e:95:66:b7:35:18:02:43:98:
77:28:3e:62:2f:7a:25:0c:b1:dc:a3:62:71:e8:1d:
22:1f:cb:5f:86:ed:6a:00:05:84:cd:c6:2a:0f:94:
ce:f6:ea:d1:b6:8c:25:95:32:62:d6:39:6c:af:53:
ec:3e:0d:26:00:31:22:61:90:d5:44:3d:92:ae:37:
5f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3C:F7:7E:F9:78:84:67:DF:99:E0:58:10:93:E2:90:D2:F1:61:9D
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/yzz3fvl4hGffmeBYEJPikNLxYZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.222.0/24
91.226.56.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c6:df:0a:aa:71:ea:06:cd:f2:e7:30:7e:5c:a1:a3:c9:72:
a5:c0:78:ca:3b:95:3d:85:19:ec:05:fd:aa:b7:10:35:04:5b:
1f:e2:25:6c:72:82:e1:34:8c:4a:1e:d0:03:98:98:c6:6b:ca:
13:87:e3:eb:d8:80:15:e8:63:a1:a2:67:8b:27:4a:64:02:f0:
9d:17:64:58:72:07:c1:e7:7e:b7:18:17:61:61:3f:9e:04:46:
c9:a8:5b:38:b4:77:5f:71:df:9b:55:5c:ed:89:8e:6a:c3:c1:
4b:84:2a:56:67:52:0d:16:f3:e5:c9:53:a5:71:7f:06:f8:2f:
f9:21:1a:ca:15:fe:8d:38:b0:2f:30:0c:9c:d8:85:92:c6:3e:
18:d6:b5:df:2e:c8:ba:ae:5e:d8:38:6e:d7:8c:25:9d:cd:73:
e9:14:91:e5:e1:3f:4a:2a:9e:ea:bb:b3:97:c6:ca:10:5f:d6:
24:6b:13:73:8d:07:f6:73:e9:6b:d1:72:a5:06:17:b4:85:9a:
8b:af:7e:53:e1:f3:ad:ab:a7:53:e3:3a:f9:11:cb:54:d9:e0:
37:79:20:1e:f5:51:b8:77:ec:33:a9:6b:4b:d7:df:7c:ad:22:
ba:59:8a:0e:71:20:e5:07:a7:eb:0a:bb:98:7f:49:33:e6:e4:
5f:bf:81:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYk10hoP3JFPrCiDNaAlCThrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzA4MTQwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjNjZjc3ZWY5Nzg4NDY3ZGY5OWUwNTgxMDkzZTI5MGQyZjE2MTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUKHAj3V2iqrmHeKAXuVX0LNflKO
8SwcKG+omthxYS2VEjvzYJJG1k1IlAUTbCKzwWvMKA7VJntXGxpOeW3YV5RE1vA+
IHazXdSVcSh6SFMm4th2j95j0d+RDS8fMfutUEYRaAPYVP8uCn/ktx8Z7Jh+D9cu
68gnHr8vj7866qsOzSKfv1nFBX6DPnSVXmXcMRB/+BC6rmx38ZsLsLbZblFAI/NG
dOSI+kLuN3eoyAfSw3lz0dUhlnAOlWa3NRgCQ5h3KD5iL3olDLHco2Jx6B0iH8tf
hu1qAAWEzcYqD5TO9urRtowllTJi1jlsr1PsPg0mADEiYZDVRD2SrjdfIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMs89375eIRn35ngWBCT4pDS8WGdMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveXp6M2Z2bDRoR2ZmbWVCWUVKUGlrTkx4WVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8jeAwQA
W+I4AwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQBFxt8KqnHqBs3y5zB+XKGjyXKl
wHjKO5U9hRnsBf2qtxA1BFsf4iVscoLhNIxKHtADmJjGa8oTh+Pr2IAV6GOhomeL
J0pkAvCdF2RYcgfB5363GBdhYT+eBEbJqFs4tHdfcd+bVVztiY5qw8FLhCpWZ1IN
FvPlyVOlcX8G+C/5IRrKFf6NOLAvMAyc2IWSxj4Y1rXfLsi6rl7YOG7XjCWdzXPp
FJHl4T9KKp7qu7OXxsoQX9YkaxNzjQf2c+lr0XKlBhe0hZqLr35T4fOtq6dT4zr5
EctU2eA3eSAe9VG4d+wzqWtL1998rSK6WYoOcSDlB6frCruYf0kz5uRfv4Ew
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org