Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/0JGliwhlOoLZwe4OnQl91KqnylA.roa
File: 0JGliwhlOoLZwe4OnQl91KqnylA.roa (raw, json)
Hash identifier: +fZmpZwqSkbGWOQS1LG94+IelH0ITrxVYiocUvEJLow=
Subject key identifier: D0:91:A5:8B:08:65:3A:82:D9:C1:EE:0E:9D:09:7D:D4:AA:A7:CA:50
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01900107D16D1E06C5B8282AC980DB29C9DD
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/0JGliwhlOoLZwe4OnQl91KqnylA.roa
Signing time: Mon 10 Jun 2024 07:23:27 +0000
ROA not before: Mon 10 Jun 2024 07:23:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206092
IP address blocks: 192.109.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 16:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:07:d1:6d:1e:06:c5:b8:28:2a:c9:80:db:29:c9:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jun 10 07:23:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d091a58b08653a82d9c1ee0e9d097dd4aaa7ca50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e5:66:78:df:9d:fe:f4:3f:ba:27:21:b3:04:
e5:b5:06:10:c1:c8:39:af:a3:10:47:1a:e0:b0:bd:
2e:db:46:0d:0c:f5:eb:0f:68:b4:fb:cc:9f:44:70:
00:f9:86:02:28:05:80:20:28:4a:d4:10:a8:75:f9:
26:06:4f:2e:e6:69:db:1e:b9:09:68:4f:d5:4d:41:
53:d3:b9:51:ae:cc:7b:9f:55:8a:21:1b:90:2d:c8:
a4:ec:0e:e0:7a:4f:bc:7b:98:8b:e2:4b:a9:70:5b:
86:22:ad:b0:0d:e6:31:45:68:b3:eb:19:6e:6b:bd:
44:5b:fb:0d:2f:28:0d:ce:cf:bc:0c:e8:1d:7d:9c:
d5:ae:24:e0:48:5d:7e:6b:f0:b7:2d:24:bb:6c:b1:
25:a4:9c:34:c7:98:6c:47:61:4a:8f:64:2c:4c:d7:
40:39:57:17:88:e4:2d:69:95:21:bd:36:d2:57:06:
09:c2:b1:ba:02:5a:9b:1f:c3:a2:5f:1d:36:dd:b6:
2c:87:b0:96:f1:36:ec:9b:9d:2c:31:8d:81:68:e0:
ab:7b:16:f1:27:56:81:1f:7e:34:97:54:a8:2c:73:
09:63:44:50:96:14:df:01:90:7e:1e:f4:6b:15:31:
23:7e:6d:f8:28:d1:d2:7a:42:a3:58:c4:2f:7f:c5:
87:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:91:A5:8B:08:65:3A:82:D9:C1:EE:0E:9D:09:7D:D4:AA:A7:CA:50
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/0JGliwhlOoLZwe4OnQl91KqnylA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.205.0/24
Signature Algorithm: sha256WithRSAEncryption
85:04:2b:f2:3a:82:21:c6:f3:05:51:93:8a:bd:fb:21:55:a4:
05:a9:a4:64:d8:19:3f:c9:88:7e:eb:1e:d2:a6:7f:5a:27:52:
ff:fa:9e:c3:e4:d0:60:91:69:aa:19:23:5c:eb:5d:e0:2d:3d:
a5:7d:fc:e3:d9:62:75:62:69:0a:ab:fc:c1:a9:a9:f3:ed:17:
bf:b3:3a:a6:7f:e5:16:ec:dc:7b:e1:2b:70:77:33:d7:16:38:
54:b6:0d:39:b3:99:15:e9:04:bc:f9:74:90:98:7d:c8:51:d2:
82:dd:62:49:61:38:7d:4e:21:29:66:12:ef:1d:86:97:01:63:
d5:ae:3b:95:91:24:63:e5:17:15:85:8b:07:0f:a7:91:c7:08:
2b:9a:fe:a9:e3:22:6c:de:b7:ce:74:37:51:b2:b9:e4:05:a8:
26:f3:00:f3:8e:a7:f5:ee:ad:9c:54:b9:a1:07:73:7f:4f:8e:
0c:67:9c:35:81:af:b5:6a:96:c7:b9:f2:cb:6b:47:04:d6:af:
78:b3:10:3b:42:e8:ea:23:41:a6:7b:c2:e8:59:e8:90:98:d5:
fe:24:10:93:e1:0f:6e:6f:29:de:88:3c:cb:cf:63:c2:34:b5:
73:10:da:f4:2a:07:63:39:8b:9d:48:e0:e4:2d:4a:62:c3:6f:
ae:e0:e3:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZABB9FtHgbFuCgqyYDbKcndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNjEwMDcyMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDkxYTU4YjA4NjUzYTgyZDljMWVlMGU5ZDA5N2RkNGFhYTdjYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuVmeN+d/vQ/uichswTltQYQwcg5
r6MQRxrgsL0u20YNDPXrD2i0+8yfRHAA+YYCKAWAIChK1BCodfkmBk8u5mnbHrkJ
aE/VTUFT07lRrsx7n1WKIRuQLcik7A7gek+8e5iL4kupcFuGIq2wDeYxRWiz6xlu
a71EW/sNLygNzs+8DOgdfZzVriTgSF1+a/C3LSS7bLElpJw0x5hsR2FKj2QsTNdA
OVcXiOQtaZUhvTbSVwYJwrG6AlqbH8OiXx023bYsh7CW8Tbsm50sMY2BaOCrexbx
J1aBH340l1SoLHMJY0RQlhTfAZB+HvRrFTEjfm34KNHSekKjWMQvf8WHTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCRpYsIZTqC2cHuDp0JfdSqp8pQMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvMEpHbGl3aGxPb0xad2U0T25RbDkxS3FueWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3NMA0G
CSqGSIb3DQEBCwUAA4IBAQCFBCvyOoIhxvMFUZOKvfshVaQFqaRk2Bk/yYh+6x7S
pn9aJ1L/+p7D5NBgkWmqGSNc613gLT2lffzj2WJ1YmkKq/zBqanz7Re/szqmf+UW
7Nx74StwdzPXFjhUtg05s5kV6QS8+XSQmH3IUdKC3WJJYTh9TiEpZhLvHYaXAWPV
rjuVkSRj5RcVhYsHD6eRxwgrmv6p4yJs3rfOdDdRsrnkBagm8wDzjqf17q2cVLmh
B3N/T44MZ5w1ga+1apbHufLLa0cE1q94sxA7QujqI0Gme8LoWeiQmNX+JBCT4Q9u
byneiDzLz2PCNLVzENr0KgdjOYudSODkLUpiw2+u4ONr
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:32 2025 by rpki-client