Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zYlHafS1IlRNAHVcUJwRE35iMv4.roa
File: zYlHafS1IlRNAHVcUJwRE35iMv4.roa (raw, json)
Hash identifier: cW+bHgjGeTMBC+Fk5bU3LWgiZ7F9svhCQ7pzt/k+o+c=
Subject key identifier: CD:89:47:69:F4:B5:22:54:4D:00:75:5C:50:9C:11:13:7E:62:32:FE
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01928A705AE96A94CF3D7459D5CA56CAF053
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zYlHafS1IlRNAHVcUJwRE35iMv4.roa
Signing time: Mon 14 Oct 2024 09:51:12 +0000
ROA not before: Mon 14 Oct 2024 09:51:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Oct 2024 18:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:70:5a:e9:6a:94:cf:3d:74:59:d5:ca:56:ca:f0:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 14 09:51:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd894769f4b522544d00755c509c11137e6232fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:09:a2:83:dd:49:8d:cd:3b:ff:99:a7:fb:f0:
a8:65:f1:66:34:89:9a:97:fd:ea:52:75:32:33:d9:
14:e0:65:75:b0:b9:51:d8:70:e6:e9:8d:87:ea:11:
d0:d9:79:fb:24:4a:6e:71:6f:7a:3a:fa:47:0b:65:
47:c8:a7:4d:f9:49:f4:dc:ba:b0:d6:d6:62:8e:1f:
22:34:e6:78:c5:5c:53:cf:51:86:8a:f3:e7:5b:98:
33:78:a2:6d:f1:d2:c3:35:e8:bd:cb:f1:fb:c0:61:
94:65:2f:0b:72:2d:64:1d:94:f8:43:9e:05:99:df:
cd:2e:d4:46:3b:9f:70:5b:f9:3e:14:a9:34:e2:45:
cb:c6:01:8d:e5:6e:08:42:59:63:be:df:2f:33:94:
d4:10:2f:45:7c:81:03:51:16:e3:c8:00:02:28:ee:
cf:67:91:73:41:0d:a9:2e:20:7c:98:38:9c:be:9c:
28:14:5b:45:ad:07:57:65:9d:04:8e:d6:e3:69:f1:
de:e8:b9:17:a2:cb:07:3b:97:3f:44:03:60:19:d5:
e3:96:0b:d1:19:e4:93:7e:f4:07:20:06:53:ae:a7:
97:a4:45:2a:6d:2e:fb:1d:4c:7c:57:63:a7:ef:4c:
f2:d1:7a:dc:29:0c:f8:ab:87:f5:3d:31:0c:dc:4a:
d5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:89:47:69:F4:B5:22:54:4D:00:75:5C:50:9C:11:13:7E:62:32:FE
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/zYlHafS1IlRNAHVcUJwRE35iMv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:7e:20:a7:fa:83:48:79:3e:4b:82:93:fb:98:56:4d:0e:01:
33:8e:7e:76:04:7f:68:4e:be:d5:3f:6f:1c:f8:d0:ea:00:93:
c6:27:1d:05:16:cf:5f:d8:a0:0d:df:66:9c:f7:4a:db:2d:25:
04:16:ca:2a:04:b7:ab:8f:12:7c:2b:12:ef:08:6a:d4:62:03:
cf:7a:56:d8:b7:f8:f0:fc:3b:92:e4:78:f3:e6:80:e4:bc:5a:
67:ee:c4:a1:df:d4:44:71:c2:9c:09:b2:d8:dd:de:ae:93:5b:
b6:c3:a8:dd:fd:f3:53:04:99:52:ce:bc:86:0d:58:eb:61:ca:
ac:c6:a6:d3:bb:4b:80:6d:6b:d9:ae:7c:20:1c:f9:e8:db:a5:
b9:25:07:40:5e:c2:0d:19:ea:d2:a0:43:86:20:f8:92:c9:0a:
d8:c8:c3:45:42:1b:ff:6f:b4:26:6d:3c:e8:37:dc:41:21:3f:
0d:2f:ae:fd:4c:10:f7:22:15:16:15:c9:1a:b5:3d:2f:35:fc:
cf:2a:b5:eb:57:82:51:3c:49:ea:c6:10:42:0b:fe:74:1e:87:
34:68:8d:b9:b5:4d:65:d8:b2:45:38:cc:b9:03:ac:04:ea:da:
b3:b2:b7:a0:b3:55:b6:06:02:03:f6:fc:30:fb:04:d2:4a:38:
a4:aa:47:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKKcFrpapTPPXRZ1cpWyvBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMDE0MDk1MTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDg5NDc2OWY0YjUyMjU0NGQwMDc1NWM1MDljMTExMzdlNjIzMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Amig91Jjc07/5mn+/CoZfFmNIma
l/3qUnUyM9kU4GV1sLlR2HDm6Y2H6hHQ2Xn7JEpucW96OvpHC2VHyKdN+Un03Lqw
1tZijh8iNOZ4xVxTz1GGivPnW5gzeKJt8dLDNei9y/H7wGGUZS8Lci1kHZT4Q54F
md/NLtRGO59wW/k+FKk04kXLxgGN5W4IQlljvt8vM5TUEC9FfIEDURbjyAACKO7P
Z5FzQQ2pLiB8mDicvpwoFFtFrQdXZZ0EjtbjafHe6LkXossHO5c/RANgGdXjlgvR
GeSTfvQHIAZTrqeXpEUqbS77HUx8V2On70zy0XrcKQz4q4f1PTEM3ErVGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM2JR2n0tSJUTQB1XFCcERN+YjL+MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvellsSGFmUzFJbFJOQUhWY1VKd1JFMzVpTXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXouMA0G
CSqGSIb3DQEBCwUAA4IBAQA/fiCn+oNIeT5LgpP7mFZNDgEzjn52BH9oTr7VP28c
+NDqAJPGJx0FFs9f2KAN32ac90rbLSUEFsoqBLerjxJ8KxLvCGrUYgPPelbYt/jw
/DuS5Hjz5oDkvFpn7sSh39REccKcCbLY3d6uk1u2w6jd/fNTBJlSzryGDVjrYcqs
xqbTu0uAbWvZrnwgHPno26W5JQdAXsINGerSoEOGIPiSyQrYyMNFQhv/b7QmbTzo
N9xBIT8NL679TBD3IhUWFckatT0vNfzPKrXrV4JRPEnqxhBCC/50Hoc0aI25tU1l
2LJFOMy5A6wE6tqzsregs1W2BgID9vww+wTSSjikqkdC
-----END CERTIFICATE-----
Generated at Sun Oct 20 20:06:06 2024 by rpki-client on console-fra.rpki-client.org