Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X9G8JO4j47dtqwe9pO3TJYHWZIE.roa
File: X9G8JO4j47dtqwe9pO3TJYHWZIE.roa (raw, json)
Hash identifier: X2n8rIFvQfZ2/3OPELgtlRqMXuGIugjPOyal978mje4=
Subject key identifier: 5F:D1:BC:24:EE:23:E3:B7:6D:AB:07:BD:A4:ED:D3:25:81:D6:64:81
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0187FED11A8267FF65D24C0D79D78BFDDDCD
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X9G8JO4j47dtqwe9pO3TJYHWZIE.roa
Signing time: Tue 09 May 2023 04:42:09 +0000
ROA not before: Tue 09 May 2023 04:42:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 109.72.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 May 2023 08:56:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fe:d1:1a:82:67:ff:65:d2:4c:0d:79:d7:8b:fd:dd:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 9 04:42:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fd1bc24ee23e3b76dab07bda4edd32581d66481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:29:42:1a:1a:ca:4d:76:1d:25:88:38:56:c4:
b4:5b:98:84:a1:41:ef:7b:63:af:54:75:fa:5e:d8:
c5:d1:76:97:61:58:0e:88:3b:43:5a:a2:64:8f:de:
8e:1c:6a:33:cf:7a:46:5d:0d:db:07:8b:2f:1f:f0:
d4:63:a0:30:9d:79:88:b0:b0:ab:c4:2a:52:c1:02:
4e:92:d2:62:5d:6c:b1:26:8e:20:6a:8c:ae:1d:79:
10:9d:ed:aa:09:7f:5e:26:ca:fb:44:30:65:22:51:
94:fc:8d:f7:58:75:5b:1c:5b:d1:08:db:f8:1d:ae:
a1:69:01:d5:ab:fb:06:97:67:8c:f3:b0:d7:56:88:
0e:1c:8c:dc:a6:09:af:87:12:3f:df:61:ed:4d:a8:
91:64:5a:4f:1a:df:a2:70:9c:47:7e:17:92:14:b3:
49:e7:ee:ca:2f:e3:49:a4:23:a2:b2:f0:f2:4f:19:
26:47:76:d4:82:80:84:71:09:1b:c3:5c:4f:c6:ea:
d4:c3:76:fb:e0:b4:1a:9d:4f:e9:08:11:b7:50:9a:
0a:7e:51:18:01:25:f9:a7:39:6c:e1:51:26:f0:18:
ef:3f:c0:88:af:ad:63:4f:96:42:2d:41:55:f9:f7:
fa:fd:f1:c9:30:75:f8:0c:0c:41:e0:ba:43:32:3c:
b7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D1:BC:24:EE:23:E3:B7:6D:AB:07:BD:A4:ED:D3:25:81:D6:64:81
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X9G8JO4j47dtqwe9pO3TJYHWZIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.121.0/24
Signature Algorithm: sha256WithRSAEncryption
18:2a:48:63:0b:a4:31:41:ca:8c:04:5c:0a:2e:6f:94:85:33:
b2:c1:81:37:e3:d9:f4:c6:b0:e7:77:f4:cf:95:da:9c:53:9f:
86:8f:13:13:75:e3:9a:14:03:7f:9b:6c:33:84:33:45:ee:bd:
a7:75:12:f1:4e:99:29:c1:93:f9:6e:ac:41:f5:cf:5c:c0:af:
7d:22:8b:2e:0c:88:1b:79:bd:83:7e:86:26:36:1c:5b:e3:bb:
99:90:c6:7b:7e:1b:2c:f4:0f:07:ec:ae:87:33:cb:fc:da:0f:
11:3c:47:50:bd:0c:01:b2:0a:f9:18:8d:19:2f:ef:84:9e:cb:
d8:b8:ad:2a:fb:7d:0b:09:49:f7:c8:9d:1b:92:4b:b9:4f:ff:
6d:de:7d:2d:ce:e0:c6:f2:18:e7:63:ef:bb:91:fe:78:a9:19:
16:0d:85:18:db:17:1c:89:4b:dd:9e:db:6b:4e:cc:bd:17:ca:
5f:c2:48:1a:dc:f9:d8:0f:b5:a2:03:51:3a:0c:b2:e4:4c:fa:
01:fc:37:cc:75:21:03:37:23:28:bf:fd:73:f0:4a:25:2c:af:
fa:5c:85:e1:59:a0:98:8d:3d:2d:b6:7e:a3:61:8e:7a:a4:c3:
ec:89:69:2f:31:cc:9d:d2:c9:9c:12:ef:ac:02:fc:a6:15:af:
7b:c3:9b:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf+0RqCZ/9l0kwNedeL/d3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTA5MDQ0MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmQxYmMyNGVlMjNlM2I3NmRhYjA3YmRhNGVkZDMyNTgxZDY2NDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ilCGhrKTXYdJYg4VsS0W5iEoUHv
e2OvVHX6XtjF0XaXYVgOiDtDWqJkj96OHGozz3pGXQ3bB4svH/DUY6AwnXmIsLCr
xCpSwQJOktJiXWyxJo4gaoyuHXkQne2qCX9eJsr7RDBlIlGU/I33WHVbHFvRCNv4
Ha6haQHVq/sGl2eM87DXVogOHIzcpgmvhxI/32HtTaiRZFpPGt+icJxHfheSFLNJ
5+7KL+NJpCOisvDyTxkmR3bUgoCEcQkbw1xPxurUw3b74LQanU/pCBG3UJoKflEY
ASX5pzls4VEm8BjvP8CIr61jT5ZCLUFV+ff6/fHJMHX4DAxB4LpDMjy3NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/RvCTuI+O3basHvaTt0yWB1mSBMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWDlHOEpPNGo0N2R0cXdlOXBPM1RKWUhXWklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUh5MA0G
CSqGSIb3DQEBCwUAA4IBAQAYKkhjC6QxQcqMBFwKLm+UhTOywYE349n0xrDnd/TP
ldqcU5+GjxMTdeOaFAN/m2wzhDNF7r2ndRLxTpkpwZP5bqxB9c9cwK99IosuDIgb
eb2DfoYmNhxb47uZkMZ7fhss9A8H7K6HM8v82g8RPEdQvQwBsgr5GI0ZL++EnsvY
uK0q+30LCUn3yJ0bkku5T/9t3n0tzuDG8hjnY++7kf54qRkWDYUY2xcciUvdnttr
Tsy9F8pfwkga3PnYD7WiA1E6DLLkTPoB/DfMdSEDNyMov/1z8EolLK/6XIXhWaCY
jT0ttn6jYY56pMPsiWkvMcyd0smcEu+sAvymFa97w5sD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org