Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/CUN7awJEs83MzzSqDAFUZ1msg-w.roa
File: CUN7awJEs83MzzSqDAFUZ1msg-w.roa (raw, json)
Hash identifier: VdwvaEKOQzwHAm8cK7xo+ytVcfMyLnK/EF/U2bWvIlg=
Subject key identifier: 09:43:7B:6B:02:44:B3:CD:CC:CF:34:AA:0C:01:54:67:59:AC:83:EC
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 01900131040E3160BECF0959095492653FE8
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/CUN7awJEs83MzzSqDAFUZ1msg-w.roa
Signing time: Mon 10 Jun 2024 08:08:27 +0000
ROA not before: Mon 10 Jun 2024 08:08:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205334
IP address blocks: 109.167.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:31:04:0e:31:60:be:cf:09:59:09:54:92:65:3f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jun 10 08:08:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09437b6b0244b3cdcccf34aa0c01546759ac83ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:4e:0b:42:5b:0f:b5:46:d1:b2:7e:bd:c7:8c:
7d:8e:a9:40:a1:54:f0:b1:f0:1f:10:85:7f:d5:9d:
24:29:d2:f5:30:49:59:a4:ef:42:eb:b2:6c:e2:05:
bc:a6:ec:63:de:de:d2:5c:ce:b6:7e:29:55:ba:63:
2f:01:91:5a:11:6d:b5:ff:6b:a4:ef:51:99:a6:5f:
3d:37:1a:81:59:8c:e2:04:a8:d7:4c:1f:bd:05:b4:
d8:4e:e3:5e:e2:e0:96:81:67:f7:69:e8:ca:12:3e:
89:2c:f9:47:b7:14:23:01:94:29:3b:00:e1:84:ad:
5b:cb:10:dc:b3:69:7c:8f:9b:65:d5:2e:1f:27:24:
60:03:bc:56:78:7d:eb:d9:1f:38:f2:92:00:6d:f1:
bb:ca:c6:fb:0c:59:e9:5a:14:82:ca:a4:69:12:ed:
90:b0:ce:07:32:6f:cc:2c:17:31:43:01:55:1d:11:
38:9c:1f:35:30:ba:40:1d:54:a0:ad:1e:84:dc:99:
c7:4a:72:14:b6:9b:5d:33:f4:2e:4e:b1:3a:c5:56:
68:c1:f2:91:64:b9:b7:85:96:e9:bd:93:22:97:5f:
78:b9:60:d4:2c:f8:90:9f:00:28:09:92:40:44:a0:
f5:ee:2a:ef:6c:c4:b5:9a:cf:e5:0a:ca:bc:ad:6d:
26:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:43:7B:6B:02:44:B3:CD:CC:CF:34:AA:0C:01:54:67:59:AC:83:EC
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/CUN7awJEs83MzzSqDAFUZ1msg-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.167.114.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:78:b2:4e:6a:c1:84:cf:60:41:57:dc:da:fa:15:61:ae:a1:
c9:a2:dc:60:aa:d2:42:a6:6e:79:96:f0:e9:7d:02:72:ff:cb:
bd:d5:5b:c0:d1:d2:01:ea:50:7f:e2:bb:be:ed:20:22:be:bf:
bd:24:56:88:fe:7b:88:3d:25:48:5f:a5:47:dc:fa:95:39:1f:
99:fb:81:bf:29:62:09:6d:39:30:4b:9b:09:bb:3d:da:eb:82:
73:eb:85:95:27:0b:30:af:18:01:82:ac:0b:f6:f0:b0:63:26:
0e:47:3e:dd:68:d1:49:56:bc:73:1d:19:1f:be:05:b6:61:a5:
53:4e:11:ec:1f:15:e3:12:36:9e:db:cb:00:2c:9b:15:e7:93:
45:5f:d1:ba:2b:38:6d:e9:b0:61:aa:dc:18:8e:d2:6f:31:db:
61:fb:8f:06:fc:9f:ca:70:5a:a4:44:99:86:68:97:d9:cd:52:
4c:5f:6e:e3:8a:06:a0:99:c2:ae:eb:3e:f3:63:bb:91:f8:8d:
55:18:15:6b:d7:45:c9:95:84:04:7e:e8:76:dc:c1:d7:b5:2f:
4a:3e:c1:92:31:0a:fc:f0:4a:d9:a7:ff:db:7e:0c:d7:9d:11:
52:d2:d1:26:6d:b7:e9:18:0e:e7:0e:59:85:c3:b8:36:25:f2:
8e:9b:02:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZABMQQOMWC+zwlZCVSSZT/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwNjEwMDgwODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQzN2I2YjAyNDRiM2NkY2NjZjM0YWEwYzAxNTQ2NzU5YWM4M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9E4LQlsPtUbRsn69x4x9jqlAoVTw
sfAfEIV/1Z0kKdL1MElZpO9C67Js4gW8puxj3t7SXM62filVumMvAZFaEW21/2uk
71GZpl89NxqBWYziBKjXTB+9BbTYTuNe4uCWgWf3aejKEj6JLPlHtxQjAZQpOwDh
hK1byxDcs2l8j5tl1S4fJyRgA7xWeH3r2R848pIAbfG7ysb7DFnpWhSCyqRpEu2Q
sM4HMm/MLBcxQwFVHRE4nB81MLpAHVSgrR6E3JnHSnIUtptdM/QuTrE6xVZowfKR
ZLm3hZbpvZMil194uWDULPiQnwAoCZJARKD17irvbMS1ms/lCsq8rW0m0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAlDe2sCRLPNzM80qgwBVGdZrIPsMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvQ1VON2F3SkVzODNNenpTcURBRlVaMW1zZy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbadyMA0G
CSqGSIb3DQEBCwUAA4IBAQDPeLJOasGEz2BBV9za+hVhrqHJotxgqtJCpm55lvDp
fQJy/8u91VvA0dIB6lB/4ru+7SAivr+9JFaI/nuIPSVIX6VH3PqVOR+Z+4G/KWIJ
bTkwS5sJuz3a64Jz64WVJwswrxgBgqwL9vCwYyYORz7daNFJVrxzHRkfvgW2YaVT
ThHsHxXjEjae28sALJsV55NFX9G6Kzht6bBhqtwYjtJvMdth+48G/J/KcFqkRJmG
aJfZzVJMX27jigagmcKu6z7zY7uR+I1VGBVr10XJlYQEfuh23MHXtS9KPsGSMQr8
8ErZp//bfgzXnRFS0tEmbbfpGA7nDlmFw7g2JfKOmwKq
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:15:18 2025 by rpki-client