Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zXjJDLxus1a6yI--sLxqalllnBM.roa
File: zXjJDLxus1a6yI--sLxqalllnBM.roa (raw, json)
Hash identifier: 6/joB31m36r8v5N8C5j+QfsRcx8gS72YAUakeijc1GE=
Subject key identifier: CD:78:C9:0C:BC:6E:B3:56:BA:C8:8F:BE:B0:BC:6A:6A:59:65:9C:13
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018F30FDC4C86D57D92E2A272B904CCAB29A
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zXjJDLxus1a6yI--sLxqalllnBM.roa
Signing time: Tue 30 Apr 2024 21:51:28 +0000
ROA not before: Tue 30 Apr 2024 21:51:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.200.222.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 May 2024 01:13:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:30:fd:c4:c8:6d:57:d9:2e:2a:27:2b:90:4c:ca:b2:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 30 21:51:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd78c90cbc6eb356bac88fbeb0bc6a6a59659c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ec:cb:ca:ce:4e:69:9e:aa:e3:ac:d3:4e:e0:
89:15:3e:42:d5:cd:26:75:46:ca:3c:d7:27:f0:9c:
f6:56:d7:37:bc:f1:b3:37:8f:e1:0d:c4:84:27:97:
c7:14:16:ea:9c:c1:c1:38:fe:74:f3:c7:aa:78:8f:
30:95:b9:68:a2:f5:8f:83:e6:d3:e0:ab:9d:ef:4c:
b5:1c:ce:87:4b:f6:e0:d9:50:3a:29:ee:94:a5:af:
ae:0b:15:28:34:01:f2:1d:97:ea:99:01:33:58:53:
44:f3:8f:be:41:91:9d:b4:07:4d:5a:c8:1d:fb:7d:
a2:c7:86:55:3d:56:c5:55:c4:92:35:ea:a4:1b:72:
c0:41:63:0d:07:92:ef:d3:fe:a5:26:8b:11:80:f3:
81:63:68:32:4a:f9:a1:e3:c8:d8:95:03:06:69:db:
99:cb:2a:eb:f4:05:41:84:f7:63:7e:24:07:e8:59:
2f:69:81:e8:56:b3:90:74:5f:42:5e:ec:dd:ab:12:
a1:77:de:45:98:20:85:11:96:25:ca:9f:46:c5:e3:
8c:0f:1a:3a:89:fa:4f:be:59:ee:4d:19:80:4a:62:
cd:69:c6:84:e3:fe:a1:44:10:4a:ed:dc:c6:4f:1d:
92:e4:3e:c1:72:34:35:5c:24:99:9c:95:56:1c:8b:
33:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:78:C9:0C:BC:6E:B3:56:BA:C8:8F:BE:B0:BC:6A:6A:59:65:9C:13
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zXjJDLxus1a6yI--sLxqalllnBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.222.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:e3:44:93:87:01:b3:a7:56:6e:17:a6:6c:31:2e:ac:4a:1c:
d2:21:e5:63:4e:09:55:69:eb:2a:37:7e:26:66:56:48:72:61:
81:26:64:8c:e2:19:dc:3d:5e:e2:6f:39:97:79:1c:2c:72:3c:
a9:ce:8a:36:0c:4b:12:92:27:e5:44:c8:09:95:43:b4:72:ff:
d2:b1:aa:72:b9:37:22:0c:c7:dc:42:65:91:3d:3e:d5:c8:f3:
bb:41:26:f5:5b:67:75:37:ec:9e:19:5b:f8:d2:54:75:3e:df:
c0:96:fd:42:27:9a:19:25:72:29:96:41:74:a9:da:98:b7:c6:
c6:f4:a4:68:6d:bc:d2:6b:51:9c:9d:64:94:f3:0b:63:2a:6b:
b3:8d:a1:f0:7a:4c:d9:15:0e:6a:c8:d1:54:91:b4:34:2c:95:
87:28:64:0c:04:74:2c:02:48:c2:2c:9f:49:b7:6a:05:8c:2c:
7a:c4:1c:ec:30:ca:d9:a3:e5:4b:f4:eb:20:e8:3c:90:d5:22:
e3:28:f2:3d:23:a8:08:3d:db:ba:e4:8b:7e:b5:be:76:f3:88:
df:6d:6b:75:8f:7f:9c:bc:10:7a:d4:b2:57:37:4a:42:df:66:
60:08:9c:f2:e5:96:5e:64:21:5b:c2:04:1c:19:31:84:03:64:
ba:81:72:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8w/cTIbVfZLionK5BMyrKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNDMwMjE1MTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDc4YzkwY2JjNmViMzU2YmFjODhmYmViMGJjNmE2YTU5NjU5YzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOzLys5OaZ6q46zTTuCJFT5C1c0m
dUbKPNcn8Jz2Vtc3vPGzN4/hDcSEJ5fHFBbqnMHBOP5088eqeI8wlbloovWPg+bT
4Kud70y1HM6HS/bg2VA6Ke6Upa+uCxUoNAHyHZfqmQEzWFNE84++QZGdtAdNWsgd
+32ix4ZVPVbFVcSSNeqkG3LAQWMNB5Lv0/6lJosRgPOBY2gySvmh48jYlQMGaduZ
yyrr9AVBhPdjfiQH6FkvaYHoVrOQdF9CXuzdqxKhd95FmCCFEZYlyp9GxeOMDxo6
ifpPvlnuTRmASmLNacaE4/6hRBBK7dzGTx2S5D7BcjQ1XCSZnJVWHIszhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM14yQy8brNWusiPvrC8ampZZZwTMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvelhqSkRMeHVzMWE2eUktLXNMeHFhbGxsbkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jeAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAb40SThwGzp1ZuF6ZsMS6sShzSIeVjTglV
aesqN34mZlZIcmGBJmSM4hncPV7ibzmXeRwscjypzoo2DEsSkiflRMgJlUO0cv/S
sapyuTciDMfcQmWRPT7VyPO7QSb1W2d1N+yeGVv40lR1Pt/Alv1CJ5oZJXIplkF0
qdqYt8bG9KRobbzSa1GcnWSU8wtjKmuzjaHwekzZFQ5qyNFUkbQ0LJWHKGQMBHQs
AkjCLJ9Jt2oFjCx6xBzsMMrZo+VL9Osg6DyQ1SLjKPI9I6gIPdu65It+tb5284jf
bWt1j3+cvBB61LJXN0pC32ZgCJzy5ZZeZCFbwgQcGTGEA2S6gXJY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org