Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/pFj-aNtVSzPYQ0RO6vjCRJpFzHA.roa
File: pFj-aNtVSzPYQ0RO6vjCRJpFzHA.roa (raw, json)
Hash identifier: kduBj0ZMONmmnJi/wxC9dH6NY2SEglt0JtnRsbCmLZs=
Subject key identifier: A4:58:FE:68:DB:55:4B:33:D8:43:44:4E:EA:F8:C2:44:9A:45:CC:70
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 01877558866FA97BD8A67854721EBD4D222E
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/pFj-aNtVSzPYQ0RO6vjCRJpFzHA.roa
Signing time: Wed 12 Apr 2023 12:02:28 +0000
ROA not before: Wed 12 Apr 2023 12:02:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200017
IP address blocks: 109.107.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:58:86:6f:a9:7b:d8:a6:78:54:72:1e:bd:4d:22:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Apr 12 12:02:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a458fe68db554b33d843444eeaf8c2449a45cc70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:39:80:80:a9:7d:bf:67:dc:af:ba:63:1e:be:
8a:af:33:b7:f3:7e:76:46:3a:65:7f:e1:eb:01:a5:
05:79:48:23:e9:08:bc:0a:f5:16:20:08:81:a9:56:
ee:fc:7e:88:b0:0a:2e:62:3f:17:02:70:8c:bc:67:
29:27:ea:4f:48:48:9f:4e:f1:37:75:c6:f0:41:1a:
e4:5b:fe:f4:63:be:44:ea:40:c1:ae:ea:a4:25:77:
eb:98:80:c2:b8:a8:f2:31:e9:78:31:89:82:b3:cb:
86:4d:db:18:6b:27:46:fe:c3:e0:46:e8:ae:d5:4e:
a3:22:ba:6e:4b:7d:c3:cf:eb:2f:9b:e3:a2:80:dd:
08:90:dd:51:fa:f3:dd:cf:b0:61:df:90:06:33:00:
0a:d9:3e:ac:a6:48:b4:45:f7:f5:39:f8:90:3c:7c:
df:36:2e:e7:d3:ae:d9:02:4e:6d:eb:a7:10:7a:f2:
87:07:38:26:b4:b6:66:5c:ac:f6:05:52:1a:03:37:
b1:82:b0:1a:3d:cc:3a:81:a7:ae:13:a5:0c:71:0c:
6d:a0:6a:63:fd:bd:d0:b5:07:89:3c:70:9d:18:10:
03:b5:af:fa:a6:7e:d4:51:55:d0:ec:06:94:c3:3c:
e1:59:92:b0:e7:5a:a7:b3:d9:1e:f7:97:10:cd:bb:
28:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:58:FE:68:DB:55:4B:33:D8:43:44:4E:EA:F8:C2:44:9A:45:CC:70
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/pFj-aNtVSzPYQ0RO6vjCRJpFzHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.132.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:f0:5d:68:af:93:36:3d:2c:4d:9b:5e:f8:8a:35:d7:a1:96:
c0:fa:0f:5d:67:60:57:4c:99:6d:19:c5:a1:d6:92:33:71:0f:
75:e8:8d:f6:27:79:26:00:dc:c3:40:80:88:81:d5:4e:ba:6a:
b0:43:49:e3:36:63:04:96:a3:17:3b:72:30:cc:ac:00:ca:15:
d7:7f:bc:b5:6d:30:9d:35:c9:9c:86:50:7b:f4:f6:b6:18:0d:
06:b3:88:97:cb:28:8c:d1:97:82:ad:b2:df:21:8a:75:e4:c7:
6b:bc:49:3b:63:1e:ec:b6:b1:27:cd:23:fc:49:1c:38:80:47:
0f:48:90:24:f3:7b:23:5e:0b:59:54:6d:e5:44:2c:ee:49:d2:
c1:ef:19:2a:de:7f:63:2f:c9:95:28:9f:d6:6d:e0:66:d6:8c:
34:cd:be:c2:a3:f3:aa:1f:2e:2b:55:68:f0:9d:70:2e:1d:4b:
ce:8e:b2:6a:29:43:a7:ec:55:1f:b0:f9:4f:f2:9e:b8:85:0f:
6e:03:2d:6f:4d:1b:92:5d:28:aa:81:52:93:f3:36:c1:77:f6:
90:9b:b6:37:d0:4c:14:4c:42:6f:0c:c2:65:62:5b:71:52:c6:
b4:ae:26:e0:d6:4a:14:0d:74:5d:7c:02:7e:0f:65:22:d8:a9:
d7:93:3e:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd1WIZvqXvYpnhUch69TSIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMwNDEyMTIwMjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDU4ZmU2OGRiNTU0YjMzZDg0MzQ0NGVlYWY4YzI0NDlhNDVjYzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTmAgKl9v2fcr7pjHr6KrzO38352
Rjplf+HrAaUFeUgj6Qi8CvUWIAiBqVbu/H6IsAouYj8XAnCMvGcpJ+pPSEifTvE3
dcbwQRrkW/70Y75E6kDBruqkJXfrmIDCuKjyMel4MYmCs8uGTdsYaydG/sPgRuiu
1U6jIrpuS33Dz+svm+OigN0IkN1R+vPdz7Bh35AGMwAK2T6spki0Rff1OfiQPHzf
Ni7n067ZAk5t66cQevKHBzgmtLZmXKz2BVIaAzexgrAaPcw6gaeuE6UMcQxtoGpj
/b3QtQeJPHCdGBADta/6pn7UUVXQ7AaUwzzhWZKw51qns9ke95cQzbsoPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRY/mjbVUsz2ENETur4wkSaRcxwMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvcEZqLWFOdFZTelBZUTBSTzZ2akNSSnBGekhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuEMA0G
CSqGSIb3DQEBCwUAA4IBAQBt8F1or5M2PSxNm174ijXXoZbA+g9dZ2BXTJltGcWh
1pIzcQ916I32J3kmANzDQICIgdVOumqwQ0njNmMElqMXO3IwzKwAyhXXf7y1bTCd
NcmchlB79Pa2GA0Gs4iXyyiM0ZeCrbLfIYp15MdrvEk7Yx7strEnzSP8SRw4gEcP
SJAk83sjXgtZVG3lRCzuSdLB7xkq3n9jL8mVKJ/WbeBm1ow0zb7Co/OqHy4rVWjw
nXAuHUvOjrJqKUOn7FUfsPlP8p64hQ9uAy1vTRuSXSiqgVKT8zbBd/aQm7Y30EwU
TEJvDMJlYltxUsa0ribg1koUDXRdfAJ+D2Ui2KnXkz5X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org