Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DtNXcdOZK5VtlqZIiajmE0vqUw8.roa
File: DtNXcdOZK5VtlqZIiajmE0vqUw8.roa (raw, json)
Hash identifier: cidbbJTzBRe0RYINqD+w4zmfAj+hT0H7lf3ymIoXQQw=
Subject key identifier: 0E:D3:57:71:D3:99:2B:95:6D:96:A6:48:89:A8:E6:13:4B:EA:53:0F
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CC649C6BAFA2D1A70BECF15B77F778FFA
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DtNXcdOZK5VtlqZIiajmE0vqUw8.roa
Signing time: Mon 01 Jan 2024 18:29:32 +0000
ROA not before: Mon 01 Jan 2024 18:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 109.72.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Jan 2024 11:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:c6:ba:fa:2d:1a:70:be:cf:15:b7:7f:77:8f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 18:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ed35771d3992b956d96a64889a8e6134bea530f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:71:68:cf:f3:91:2c:af:d4:df:bd:00:4c:8b:
89:69:d2:1d:e9:62:06:60:20:04:0a:8a:82:66:f2:
f2:db:ba:31:1d:27:86:3d:16:b9:f2:7e:c7:78:7c:
94:bb:cf:8b:d7:1b:a7:ce:2d:f8:10:8b:b1:ee:a2:
df:d9:b5:11:63:a1:40:5d:d0:65:f8:6a:15:62:fd:
c0:59:e9:77:c5:f4:cc:3d:34:56:e4:66:f4:62:c2:
37:b8:ba:4c:ea:59:d4:65:86:e0:ee:15:91:b8:b5:
39:b0:81:5a:f8:a7:d7:ca:87:7c:ed:b6:73:f0:d4:
74:90:12:a2:3d:c6:f9:b6:cf:68:3e:d2:54:3c:1b:
d9:1a:2c:b8:ab:c6:ec:1e:35:48:42:3e:dc:13:61:
e8:fc:5b:17:d2:8e:0a:07:02:86:85:a6:b1:1d:ef:
af:39:04:23:02:a0:ba:31:7e:ec:87:3f:c7:3a:81:
d3:66:1b:e8:9e:b1:b4:98:fe:d6:b1:7a:9f:b1:c7:
19:44:03:04:45:36:d4:37:ad:6a:06:97:28:f7:8f:
1b:46:2b:8a:7b:e4:9a:12:92:b1:ab:83:d2:0b:8f:
da:f1:65:ba:00:14:82:9f:f4:e4:c8:e0:1c:89:dd:
96:47:97:45:ba:bb:01:c6:2e:ff:02:33:20:f0:6a:
55:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D3:57:71:D3:99:2B:95:6D:96:A6:48:89:A8:E6:13:4B:EA:53:0F
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DtNXcdOZK5VtlqZIiajmE0vqUw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.119.0/24
Signature Algorithm: sha256WithRSAEncryption
96:32:42:7f:d7:22:a0:16:18:ff:07:77:7f:d2:2e:21:93:05:
8c:38:c2:57:26:0a:d4:99:7d:f9:e4:e8:f7:8b:69:fd:b6:4e:
30:c0:c1:09:20:9e:4d:7a:04:04:98:21:2e:c5:98:c3:ae:42:
d5:62:9e:a9:89:5e:2d:6b:ed:ab:d9:da:69:4a:c2:ed:0e:06:
2b:4d:2f:ae:3a:25:91:d7:d3:af:9f:c0:8d:be:41:ac:3d:ff:
6a:14:d9:b0:77:a6:99:58:6d:7f:5a:e7:52:7c:b0:43:ab:ec:
2b:d9:c8:ee:65:62:f3:e9:54:59:8c:c8:0b:68:c1:bd:81:90:
8e:ed:c9:64:46:84:15:88:32:e6:9c:0b:be:48:23:07:27:7a:
57:c9:ca:61:e2:2c:a0:4c:bd:8f:d2:d0:63:b0:b0:e7:36:4b:
98:c3:9d:a4:d8:f1:a2:4b:fe:76:80:6a:65:3b:ba:f7:32:12:
9e:6d:56:a1:9f:24:90:5d:b7:f6:a4:94:47:4c:a3:57:9f:d3:
d8:83:2b:bf:53:8b:a4:1d:9a:a6:37:5c:f3:79:49:3b:0d:57:
cb:dc:0c:cb:74:39:f1:2d:bb:30:fa:8d:3b:71:f3:80:7d:ba:
2c:2a:21:ee:24:0e:23:fe:a2:36:3f:e9:09:a9:4d:9e:7d:60:
2d:ad:16:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSca6+i0acL7PFbd/d4/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTAxMTgyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQzNTc3MWQzOTkyYjk1NmQ5NmE2NDg4OWE4ZTYxMzRiZWE1MzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXFoz/ORLK/U370ATIuJadId6WIG
YCAECoqCZvLy27oxHSeGPRa58n7HeHyUu8+L1xunzi34EIux7qLf2bURY6FAXdBl
+GoVYv3AWel3xfTMPTRW5Gb0YsI3uLpM6lnUZYbg7hWRuLU5sIFa+KfXyod87bZz
8NR0kBKiPcb5ts9oPtJUPBvZGiy4q8bsHjVIQj7cE2Ho/FsX0o4KBwKGhaaxHe+v
OQQjAqC6MX7shz/HOoHTZhvonrG0mP7WsXqfsccZRAMERTbUN61qBpco948bRiuK
e+SaEpKxq4PSC4/a8WW6ABSCn/TkyOAcid2WR5dFursBxi7/AjMg8GpVDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7TV3HTmSuVbZamSImo5hNL6lMPMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvRHROWGNkT1pLNVZ0bHFaSWlham1FMHZxVXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUh3MA0G
CSqGSIb3DQEBCwUAA4IBAQCWMkJ/1yKgFhj/B3d/0i4hkwWMOMJXJgrUmX355Oj3
i2n9tk4wwMEJIJ5NegQEmCEuxZjDrkLVYp6piV4ta+2r2dppSsLtDgYrTS+uOiWR
19Ovn8CNvkGsPf9qFNmwd6aZWG1/WudSfLBDq+wr2cjuZWLz6VRZjMgLaMG9gZCO
7clkRoQViDLmnAu+SCMHJ3pXycph4iygTL2P0tBjsLDnNkuYw52k2PGiS/52gGpl
O7r3MhKebVahnySQXbf2pJRHTKNXn9PYgyu/U4ukHZqmN1zzeUk7DVfL3AzLdDnx
Lbsw+o07cfOAfbosKiHuJA4j/qI2P+kJqU2efWAtrRZz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org