Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/UQow7yKVBhlsWadh0VIAPSwj30o.roa
File: UQow7yKVBhlsWadh0VIAPSwj30o.roa (raw, json)
Hash identifier: TaoQKgZhy3cS0ZrFZ8QYnYTSLSNWHr/vph2BIGx2r9U=
Subject key identifier: 51:0A:30:EF:22:95:06:19:6C:59:A7:61:D1:52:00:3D:2C:23:DF:4A
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018809B04F8EF04D5EF9BBB8F99466A1373D
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/UQow7yKVBhlsWadh0VIAPSwj30o.roa
Signing time: Thu 11 May 2023 07:22:09 +0000
ROA not before: Thu 11 May 2023 07:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140155
IP address blocks: 109.72.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Jun 2023 10:06:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:09:b0:4f:8e:f0:4d:5e:f9:bb:b8:f9:94:66:a1:37:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 11 07:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=510a30ef229506196c59a761d152003d2c23df4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d5:52:8d:2b:ad:2b:8a:66:4a:4b:bf:4f:5a:
9a:56:8a:4a:f5:ca:07:ce:40:9a:2d:9c:c7:a4:d3:
ce:18:a4:96:23:52:90:dc:d1:ce:80:70:d6:85:c1:
b9:53:88:d1:73:b4:c9:a8:84:5b:75:a4:c2:05:af:
cc:98:10:22:c0:c1:8a:44:4f:7d:b0:66:80:af:4a:
da:f9:38:cf:b6:6c:f9:88:28:3c:6c:bc:ac:bc:b7:
68:5e:45:8d:52:98:42:cc:b0:73:4c:f0:14:81:43:
da:88:4b:02:e6:18:f5:a2:d1:b7:46:3c:79:cf:ee:
ec:71:bb:62:d8:f9:42:a1:e7:c1:97:5e:e6:59:4a:
a6:68:8b:0c:b2:eb:40:5e:ac:e8:98:0f:5d:d1:e2:
63:99:97:4c:75:8b:51:20:58:fd:5f:1b:5c:82:1f:
29:bb:3a:08:9e:5b:6e:4c:ea:7b:5e:5b:3b:b6:75:
d6:53:13:ac:53:25:b8:4d:78:87:c3:61:94:69:35:
90:9f:ad:18:ed:85:8f:55:e4:89:a1:1c:86:9a:cb:
e4:fe:30:fb:73:26:30:4f:d5:0e:13:fc:d9:25:aa:
fb:49:01:cc:17:36:e4:fc:8d:9c:b4:f1:32:f9:fb:
d8:d3:7c:27:db:32:08:b4:42:e5:23:fe:5f:d4:1c:
97:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0A:30:EF:22:95:06:19:6C:59:A7:61:D1:52:00:3D:2C:23:DF:4A
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/UQow7yKVBhlsWadh0VIAPSwj30o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.115.0/24
Signature Algorithm: sha256WithRSAEncryption
14:ff:23:9a:19:03:06:87:a7:ca:e4:23:32:8b:d8:fa:e1:99:
14:a2:85:83:20:c4:42:44:0f:d3:84:62:c4:e7:9d:f5:d1:5d:
53:40:41:7f:c5:92:41:11:1e:85:7a:aa:aa:68:48:8f:3e:db:
d2:ee:72:10:34:1a:2d:d2:ea:18:42:75:ce:f0:88:4f:a6:ae:
33:b4:e6:cc:a8:5a:f0:68:2c:74:46:52:85:64:61:28:6c:8e:
b5:30:30:36:a3:7d:c0:57:51:22:fb:3e:c1:91:50:c1:a2:80:
8d:e0:cc:53:b2:8a:f1:e5:c6:9f:68:44:89:57:28:19:e7:ce:
cd:28:8b:26:4a:ab:00:16:08:79:92:2e:0c:45:bc:99:98:db:
e5:f6:c5:f0:2e:68:ff:42:e7:d6:7d:ca:3c:d9:3e:51:ec:4e:
50:21:b1:4e:21:5f:7d:92:a1:be:fa:58:6f:4e:e9:f1:93:4b:
b3:79:2c:df:13:37:8b:68:f7:b7:57:31:aa:94:43:c5:8f:c3:
66:b5:57:55:7f:1f:38:51:c1:2a:73:5d:7c:59:4a:53:99:d4:
59:e7:77:8c:68:1d:fe:9a:57:02:ed:25:65:53:b2:61:e0:d3:
85:91:9b:63:37:f7:33:8e:29:3b:e9:a9:d5:d2:8f:cb:29:de:
a8:50:c5:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgJsE+O8E1e+bu4+ZRmoTc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTExMDcyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTBhMzBlZjIyOTUwNjE5NmM1OWE3NjFkMTUyMDAzZDJjMjNkZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktVSjSutK4pmSku/T1qaVopK9coH
zkCaLZzHpNPOGKSWI1KQ3NHOgHDWhcG5U4jRc7TJqIRbdaTCBa/MmBAiwMGKRE99
sGaAr0ra+TjPtmz5iCg8bLysvLdoXkWNUphCzLBzTPAUgUPaiEsC5hj1otG3Rjx5
z+7scbti2PlCoefBl17mWUqmaIsMsutAXqzomA9d0eJjmZdMdYtRIFj9Xxtcgh8p
uzoInltuTOp7Xls7tnXWUxOsUyW4TXiHw2GUaTWQn60Y7YWPVeSJoRyGmsvk/jD7
cyYwT9UOE/zZJar7SQHMFzbk/I2ctPEy+fvY03wn2zIItELlI/5f1ByXcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEKMO8ilQYZbFmnYdFSAD0sI99KMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVVFvdzd5S1ZCaGxzV2FkaDBWSUFQU3dqMzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUhzMA0G
CSqGSIb3DQEBCwUAA4IBAQAU/yOaGQMGh6fK5CMyi9j64ZkUooWDIMRCRA/ThGLE
55310V1TQEF/xZJBER6FeqqqaEiPPtvS7nIQNBot0uoYQnXO8IhPpq4ztObMqFrw
aCx0RlKFZGEobI61MDA2o33AV1Ei+z7BkVDBooCN4MxTsorx5cafaESJVygZ587N
KIsmSqsAFgh5ki4MRbyZmNvl9sXwLmj/QufWfco82T5R7E5QIbFOIV99kqG++lhv
Tunxk0uzeSzfEzeLaPe3VzGqlEPFj8NmtVdVfx84UcEqc118WUpTmdRZ53eMaB3+
mlcC7SVlU7Jh4NOFkZtjN/czjik76anV0o/LKd6oUMUL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org