Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/lyzFfc-Krl-dRYPeKXKjmaH_-hc.roa
File: lyzFfc-Krl-dRYPeKXKjmaH_-hc.roa (raw, json)
Hash identifier: JhcCfnoqreXS10Lf51jhn/ZiNm75A9xvqtijt5uFOkM=
Subject key identifier: 97:2C:C5:7D:CF:8A:AE:5F:9D:45:83:DE:29:72:A3:99:A1:FF:FA:17
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018595EAF8C9E471247263AD7A132C9C986B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/lyzFfc-Krl-dRYPeKXKjmaH_-hc.roa
Signing time: Mon 09 Jan 2023 09:44:42 +0000
ROA not before: Mon 09 Jan 2023 09:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208068
IP address blocks: 109.72.117.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
109.72.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jan 2023 17:53:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:ea:f8:c9:e4:71:24:72:63:ad:7a:13:2c:9c:98:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 9 09:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=972cc57dcf8aae5f9d4583de2972a399a1fffa17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:20:33:42:f9:9c:4e:36:50:7f:dd:e1:0f:b5:
06:b2:a5:29:18:f3:38:38:5f:53:92:22:b0:5b:52:
26:d4:31:f1:01:d3:dd:be:a8:0e:66:69:ab:bd:98:
8b:ee:56:55:35:c3:ac:d8:be:1b:d3:db:b1:cc:10:
ea:3b:b7:db:e3:4c:3c:30:13:11:97:c6:fe:81:3d:
2e:9b:be:d2:e6:1b:45:79:c2:ff:bb:60:48:61:2a:
cf:1d:48:cd:72:3f:bd:1a:2f:d4:2c:fb:ca:fe:e6:
9f:6a:76:4a:ee:05:c6:9b:fd:f6:07:54:1c:af:0f:
71:ba:64:cd:32:07:4c:19:93:64:7a:c8:83:5f:55:
03:07:12:76:c9:35:3b:9a:2c:d9:b1:25:56:c0:e5:
33:6c:f7:c8:90:9f:a9:21:6c:5a:0e:74:de:86:e7:
de:77:01:73:82:fd:c1:22:de:70:64:0e:53:8e:86:
5f:93:31:e3:6d:60:16:5d:d3:7c:6c:da:47:5e:e7:
05:ad:b4:90:b3:fb:43:b5:e7:8e:75:4a:f8:e9:3f:
ce:fc:c8:be:6b:8c:5e:d0:cb:40:13:38:cf:b2:eb:
82:0b:24:bf:4b:d2:46:8a:ed:9b:21:f7:12:40:c5:
c1:f5:e7:42:f9:86:dd:3d:de:b6:5e:2c:ca:36:46:
17:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2C:C5:7D:CF:8A:AE:5F:9D:45:83:DE:29:72:A3:99:A1:FF:FA:17
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/lyzFfc-Krl-dRYPeKXKjmaH_-hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.117.0-109.72.119.255
Signature Algorithm: sha256WithRSAEncryption
05:c1:5c:af:d9:d1:06:ec:35:5d:6e:f7:4f:27:c9:3b:89:68:
20:4d:54:bc:00:71:08:0b:1a:b8:bd:eb:99:9a:e4:2c:a0:3d:
69:41:2f:b9:a0:a8:d4:8f:a8:d7:04:8a:73:e8:01:9c:74:39:
27:0d:e9:b7:ca:64:37:15:be:8f:08:2a:90:8e:c9:a5:55:77:
b9:98:7c:67:10:da:ba:0f:c9:31:b5:29:c2:d9:e4:25:c4:48:
fc:40:97:6c:25:e1:88:8c:9d:aa:7d:41:dd:97:f2:5a:12:15:
db:03:b2:1d:ff:34:26:d4:26:19:46:c5:79:cc:b4:19:be:83:
39:a2:7c:c1:f5:ac:1d:1d:74:ea:c8:fd:6c:96:cd:e3:52:4e:
eb:19:02:18:61:47:1e:39:a9:74:85:ed:2a:58:36:38:8c:6c:
51:8f:3f:ac:3f:05:5b:5e:4b:0f:8a:62:14:ef:44:4b:07:79:
b5:c9:3f:3b:57:76:66:11:38:cb:de:46:6d:ae:f5:34:3c:2c:
78:0a:57:b4:b8:32:43:bb:02:23:30:d2:4b:22:23:ec:11:7a:
b1:16:6d:e3:f7:30:a0:a0:fd:b4:fb:e6:bd:e1:d9:10:29:d3:
7a:d0:57:36:65:08:6a:1f:15:6c:cf:91:64:7b:95:f8:76:d6:
be:39:ec:0e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYWV6vjJ5HEkcmOtehMsnJhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwMTA5MDk0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzJjYzU3ZGNmOGFhZTVmOWQ0NTgzZGUyOTcyYTM5OWExZmZmYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSAzQvmcTjZQf93hD7UGsqUpGPM4
OF9TkiKwW1Im1DHxAdPdvqgOZmmrvZiL7lZVNcOs2L4b09uxzBDqO7fb40w8MBMR
l8b+gT0um77S5htFecL/u2BIYSrPHUjNcj+9Gi/ULPvK/uafanZK7gXGm/32B1Qc
rw9xumTNMgdMGZNkesiDX1UDBxJ2yTU7mizZsSVWwOUzbPfIkJ+pIWxaDnTehufe
dwFzgv3BIt5wZA5TjoZfkzHjbWAWXdN8bNpHXucFrbSQs/tDteeOdUr46T/O/Mi+
a4xe0MtAEzjPsuuCCyS/S9JGiu2bIfcSQMXB9edC+YbdPd62XizKNkYXPQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJcsxX3Piq5fnUWD3ilyo5mh//oXMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbHl6RmZjLUtybC1kUllQZUtYS2ptYUhfLWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABtSHUD
BANtSHAwDQYJKoZIhvcNAQELBQADggEBAAXBXK/Z0QbsNV1u908nyTuJaCBNVLwA
cQgLGri965ma5CygPWlBL7mgqNSPqNcEinPoAZx0OScN6bfKZDcVvo8IKpCOyaVV
d7mYfGcQ2roPyTG1KcLZ5CXESPxAl2wl4YiMnap9Qd2X8loSFdsDsh3/NCbUJhlG
xXnMtBm+gzmifMH1rB0ddOrI/WyWzeNSTusZAhhhRx45qXSF7SpYNjiMbFGPP6w/
BVteSw+KYhTvREsHebXJPztXdmYROMveRm2u9TQ8LHgKV7S4MkO7AiMw0ksiI+wR
erEWbeP3MKCg/bT75r3h2RAp03rQVzZlCGofFWzPkWR7lfh21r457A4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org