Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/G8ZInL0EXUtEo-iLinjBktDy_wQ.roa
File: G8ZInL0EXUtEo-iLinjBktDy_wQ.roa (raw, json)
Hash identifier: zkBvUAPxFJLUsZPYUhLNe9y/BPICh2gKrYwUvm7X4T0=
Subject key identifier: 1B:C6:48:9C:BD:04:5D:4B:44:A3:E8:8B:8A:78:C1:92:D0:F2:FF:04
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0189E3961B72F9382CAD892F1F5D0D399698
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/G8ZInL0EXUtEo-iLinjBktDy_wQ.roa
Signing time: Fri 11 Aug 2023 07:53:32 +0000
ROA not before: Fri 11 Aug 2023 07:53:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 109.72.115.0/24 maxlen: 24
109.72.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Sep 2023 07:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:96:1b:72:f9:38:2c:ad:89:2f:1f:5d:0d:39:96:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 11 07:53:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bc6489cbd045d4b44a3e88b8a78c192d0f2ff04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fe:ea:b7:af:aa:6b:c5:28:b0:09:7a:c3:8f:
60:2a:fb:e6:20:b8:c4:73:cd:3b:a8:71:91:1e:8e:
31:46:86:53:c8:3b:b6:4c:b0:25:9f:cf:49:8b:14:
77:37:ba:d1:c7:a3:75:3d:d2:7f:8f:04:b1:a7:1a:
fd:5e:e7:1b:6b:d1:5b:99:82:39:16:83:6b:83:f6:
53:5a:15:68:ad:b4:ba:7c:b9:21:db:25:ec:74:aa:
c6:26:23:64:25:26:17:97:1e:85:59:0a:06:9c:df:
2b:9a:21:60:fe:76:40:29:a6:fd:ee:92:a8:82:62:
c9:0d:28:92:8d:ce:ef:4d:b4:cd:25:72:a1:5c:10:
2e:01:40:cd:47:0a:b7:5f:86:f8:8e:9d:00:b6:62:
6d:de:e2:8e:82:8c:9c:e7:4e:00:9a:de:d6:4d:09:
6c:85:6f:d1:8c:4f:0a:1e:99:7a:75:0f:e7:ef:59:
82:74:2f:d0:8a:37:0d:df:a7:f2:d7:a2:af:34:e6:
d2:22:a3:fe:48:41:4d:1b:b4:ff:28:de:fd:46:3a:
67:e3:fa:85:11:70:5a:59:48:5d:5e:ca:6e:30:85:
88:75:f7:cd:d7:91:42:ab:52:22:2f:a4:95:af:09:
f6:22:d2:ca:81:48:17:5f:d9:f6:f4:9f:07:83:9a:
54:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C6:48:9C:BD:04:5D:4B:44:A3:E8:8B:8A:78:C1:92:D0:F2:FF:04
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/G8ZInL0EXUtEo-iLinjBktDy_wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.114.0/23
Signature Algorithm: sha256WithRSAEncryption
20:26:28:7f:dd:cf:25:29:3b:8f:98:d0:82:43:c6:95:f8:cd:
e6:65:cf:a5:39:0f:af:50:47:b3:2a:e3:61:e2:69:0c:36:6b:
39:39:a6:fa:d6:bd:41:b4:67:1b:0e:db:a1:d9:02:10:24:87:
4f:46:1c:d0:29:41:6f:19:d4:17:c6:4d:03:3d:26:43:83:1c:
df:0c:fa:90:fb:2c:ef:61:c2:89:f8:b0:80:f5:d4:f2:47:b9:
40:61:ba:b6:5d:27:71:f3:0f:18:8c:52:81:45:f1:3d:95:91:
25:cb:6f:fb:1e:74:b6:37:ee:65:b9:90:e6:da:c7:55:d6:ed:
8c:03:68:4f:5c:0a:87:75:6a:e1:fd:86:1b:9c:22:f5:ef:bf:
72:8c:39:6d:87:6a:41:3f:73:4a:51:6f:09:77:bb:83:4c:da:
9d:51:c8:d1:f9:62:6d:45:b3:55:6c:62:a6:6d:28:45:ad:71:
42:fc:1c:61:1f:b2:40:2e:91:aa:a0:50:12:e3:59:f9:16:2f:
01:4f:99:37:4d:cf:c0:1b:ed:7e:5e:dc:85:4a:ab:6a:29:f5:
f5:31:b2:02:c6:4b:06:8f:81:2a:07:b3:ba:c8:c2:cb:91:fa:
57:09:81:10:fe:45:d0:cd:16:41:64:85:38:39:c2:e3:2c:0d:
f7:0d:67:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnjlhty+TgsrYkvH10NOZaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODExMDc1MzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM2NDg5Y2JkMDQ1ZDRiNDRhM2U4OGI4YTc4YzE5MmQwZjJmZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/7qt6+qa8UosAl6w49gKvvmILjE
c807qHGRHo4xRoZTyDu2TLAln89JixR3N7rRx6N1PdJ/jwSxpxr9Xucba9FbmYI5
FoNrg/ZTWhVorbS6fLkh2yXsdKrGJiNkJSYXlx6FWQoGnN8rmiFg/nZAKab97pKo
gmLJDSiSjc7vTbTNJXKhXBAuAUDNRwq3X4b4jp0AtmJt3uKOgoyc504Amt7WTQls
hW/RjE8KHpl6dQ/n71mCdC/QijcN36fy16KvNObSIqP+SEFNG7T/KN79Rjpn4/qF
EXBaWUhdXspuMIWIdffN15FCq1IiL6SVrwn2ItLKgUgXX9n29J8Hg5pUgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvGSJy9BF1LRKPoi4p4wZLQ8v8EMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvRzhaSW5MMEVYVXRFby1pTGluakJrdER5X3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbUhyMA0G
CSqGSIb3DQEBCwUAA4IBAQAgJih/3c8lKTuPmNCCQ8aV+M3mZc+lOQ+vUEezKuNh
4mkMNms5Oab61r1BtGcbDtuh2QIQJIdPRhzQKUFvGdQXxk0DPSZDgxzfDPqQ+yzv
YcKJ+LCA9dTyR7lAYbq2XSdx8w8YjFKBRfE9lZEly2/7HnS2N+5luZDm2sdV1u2M
A2hPXAqHdWrh/YYbnCL1779yjDlth2pBP3NKUW8Jd7uDTNqdUcjR+WJtRbNVbGKm
bShFrXFC/BxhH7JALpGqoFAS41n5Fi8BT5k3Tc/AG+1+XtyFSqtqKfX1MbICxksG
j4EqB7O6yMLLkfpXCYEQ/kXQzRZBZIU4OcLjLA33DWdC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org