Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/7wNgkpteCzL6Zg5H5V-3BBmufo4.roa
File: 7wNgkpteCzL6Zg5H5V-3BBmufo4.roa (raw, json)
Hash identifier: mvPCxaLQ0zQ4gVDNVBfsCrV2HS42i+u5ps+WO0SlofI=
Subject key identifier: EF:03:60:92:9B:5E:0B:32:FA:66:0E:47:E5:5F:B7:04:19:AE:7E:8E
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018570B97EC8CC9768529D2AA9698071CBB8
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/7wNgkpteCzL6Zg5H5V-3BBmufo4.roa
Signing time: Mon 02 Jan 2023 04:24:42 +0000
ROA not before: Mon 02 Jan 2023 04:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200059
IP address blocks: 109.235.0.0/21 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:7e:c8:cc:97:68:52:9d:2a:a9:69:80:71:cb:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 04:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef0360929b5e0b32fa660e47e55fb70419ae7e8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c0:2e:a1:c4:9f:86:55:4f:b5:ab:48:55:3a:
87:e9:9a:4a:5a:ac:59:e5:aa:96:4e:b0:51:84:03:
60:6f:84:25:1c:c5:f0:e6:f2:14:e6:70:67:18:1a:
25:79:1d:50:d8:66:00:f5:18:38:92:b4:e7:e1:45:
5b:aa:97:53:7b:19:c8:d9:40:a9:db:6c:ea:bd:17:
df:8d:fc:b0:8e:7d:c6:13:71:0a:d4:80:da:13:70:
e1:1b:c1:27:1f:d8:62:43:39:dc:78:b6:5b:00:f8:
0b:83:da:70:1c:39:80:4a:00:92:f5:78:1a:92:2a:
8f:9d:d7:b4:fd:c6:01:c7:61:51:96:7c:12:cb:3a:
97:ba:10:07:85:6c:5a:c0:ce:5c:52:52:8a:7b:5e:
3b:50:91:63:cc:99:2c:c6:f9:c0:a7:4c:fd:2b:98:
51:87:6a:90:d2:a3:23:09:8d:22:af:5b:a0:b6:13:
9d:08:bf:d1:43:91:7d:9c:4a:7e:65:67:9c:c7:01:
26:09:ad:96:2a:da:8b:e3:ca:75:e8:c2:b2:45:ae:
30:ef:98:77:ce:91:57:8d:c2:1d:4b:01:11:3b:fe:
ce:d7:8c:97:7b:28:f5:47:c7:e7:86:ec:42:89:13:
ca:8e:0a:dd:b0:7f:89:0e:d2:5c:34:c7:2c:dd:7c:
12:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:03:60:92:9B:5E:0B:32:FA:66:0E:47:E5:5F:B7:04:19:AE:7E:8E
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/7wNgkpteCzL6Zg5H5V-3BBmufo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.0.0/21
Signature Algorithm: sha256WithRSAEncryption
53:52:cb:ce:4e:ba:72:e9:b7:5c:62:e1:36:5d:79:6f:f2:7b:
a8:51:54:c6:59:36:44:4c:ba:1e:f7:f4:b0:e9:2c:e6:44:5c:
d8:23:fd:a0:b3:7c:bf:f2:4f:39:09:39:5b:a5:dd:52:bc:98:
f7:70:7a:75:e4:78:fd:8e:e1:75:44:3c:9f:f5:a0:60:76:03:
49:8f:76:1a:4b:67:d2:63:24:5e:5e:ac:17:44:8d:a9:26:00:
63:23:fa:08:5e:6e:b3:74:58:e7:3b:e4:5d:79:5a:a4:cd:43:
6d:7e:76:c6:8f:08:c2:71:ba:d0:94:fe:7d:b4:32:47:8d:71:
da:3c:c1:6a:37:c5:c9:5c:6d:fe:33:69:76:a8:8c:22:39:c1:
9c:9e:82:36:fb:dc:31:24:27:6a:aa:30:cf:04:8c:ad:96:00:
a8:1b:7b:7f:70:45:d0:7a:bc:d8:05:1f:b9:9d:c2:f1:e8:61:
28:c3:a2:2e:31:50:db:96:ee:7d:ac:c5:55:fb:ce:9b:bd:9b:
e5:3b:31:0d:5a:45:1e:bc:1d:36:82:27:21:de:8f:d1:4b:05:
13:7f:83:7a:86:56:42:c9:bc:93:0e:d0:3c:d4:e5:7b:df:df:
08:ec:5d:4f:a9:53:4e:b6:71:fe:10:6c:5e:51:51:79:55:9e:
36:dc:18:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwuX7IzJdoUp0qqWmAccu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjMwMTAyMDQyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjAzNjA5MjliNWUwYjMyZmE2NjBlNDdlNTVmYjcwNDE5YWU3ZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsAuocSfhlVPtatIVTqH6ZpKWqxZ
5aqWTrBRhANgb4QlHMXw5vIU5nBnGBoleR1Q2GYA9Rg4krTn4UVbqpdTexnI2UCp
22zqvRffjfywjn3GE3EK1IDaE3DhG8EnH9hiQznceLZbAPgLg9pwHDmASgCS9Xga
kiqPnde0/cYBx2FRlnwSyzqXuhAHhWxawM5cUlKKe147UJFjzJksxvnAp0z9K5hR
h2qQ0qMjCY0ir1ugthOdCL/RQ5F9nEp+ZWecxwEmCa2WKtqL48p16MKyRa4w75h3
zpFXjcIdSwERO/7O14yXeyj1R8fnhuxCiRPKjgrdsH+JDtJcNMcs3XwSCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO8DYJKbXgsy+mYOR+VftwQZrn6OMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvN3dOZ2twdGVDekw2Wmc1SDVWLTNCQm11Zm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbesAMA0G
CSqGSIb3DQEBCwUAA4IBAQBTUsvOTrpy6bdcYuE2XXlv8nuoUVTGWTZETLoe9/Sw
6SzmRFzYI/2gs3y/8k85CTlbpd1SvJj3cHp15Hj9juF1RDyf9aBgdgNJj3YaS2fS
YyReXqwXRI2pJgBjI/oIXm6zdFjnO+RdeVqkzUNtfnbGjwjCcbrQlP59tDJHjXHa
PMFqN8XJXG3+M2l2qIwiOcGcnoI2+9wxJCdqqjDPBIytlgCoG3t/cEXQerzYBR+5
ncLx6GEow6IuMVDblu59rMVV+86bvZvlOzENWkUevB02gich3o/RSwUTf4N6hlZC
ybyTDtA81OV7398I7F1PqVNOtnH+EGxeUVF5VZ423BgS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:32 2024 by rpki-client on console-ams.rpki-client.org