Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y31waKM7TOktq_R050UpSHltOBc.roa
File: y31waKM7TOktq_R050UpSHltOBc.roa (raw, json)
Hash identifier: COjZ/4gIUrzk1WYB31l/nCUNyyoSH8JkvKUxYEKWGqg=
Subject key identifier: CB:7D:70:68:A3:3B:4C:E9:2D:AB:F4:74:E7:45:29:48:79:6D:38:17
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CC649C813F05569AE3DFB684E887580FD
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y31waKM7TOktq_R050UpSHltOBc.roa
Signing time: Mon 01 Jan 2024 18:29:33 +0000
ROA not before: Mon 01 Jan 2024 18:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 109.72.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 10:50:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:c8:13:f0:55:69:ae:3d:fb:68:4e:88:75:80:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 18:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb7d7068a33b4ce92dabf474e7452948796d3817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e4:42:09:80:fb:ac:40:cf:d8:56:43:36:39:
d1:a0:e7:c3:42:82:94:1d:7f:61:77:9f:a2:67:32:
f4:f4:12:10:b4:90:7e:a9:fa:08:ed:a0:02:86:de:
ac:f7:2a:dc:e2:b1:05:cb:8f:d0:63:67:95:0e:bf:
a4:90:5a:07:b1:a1:0b:38:06:17:50:e3:1d:87:34:
b7:10:3b:c4:c5:86:84:11:da:98:9e:0b:8c:77:a8:
ed:34:78:b1:3a:49:13:99:04:75:b9:c3:54:79:56:
24:86:6c:8a:ed:db:d2:60:1c:c9:9f:98:dc:f5:24:
e8:4e:b0:dd:be:6e:24:84:c7:8d:9f:5c:bf:73:6f:
5c:d9:cd:66:82:73:45:aa:36:9d:9a:c5:ca:37:2b:
f1:e0:ea:4a:f3:0e:df:3c:7d:c2:f4:68:1f:f2:15:
ec:4e:7c:de:fd:fb:dc:ea:ac:ea:36:6d:82:35:ed:
3f:1f:82:5e:0f:c8:f7:48:dc:1a:87:9a:c6:4b:5c:
84:ec:87:eb:9e:32:bd:ed:e8:44:c8:70:f7:ac:d3:
e4:97:ff:b4:70:ce:2a:7d:d8:f1:e1:e7:bf:74:ba:
37:5e:e0:3f:de:2f:15:37:b2:53:ff:ad:c2:ce:d3:
80:0b:81:cf:3e:8e:c1:87:3d:29:1e:58:3d:09:a3:
5d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7D:70:68:A3:3B:4C:E9:2D:AB:F4:74:E7:45:29:48:79:6D:38:17
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y31waKM7TOktq_R050UpSHltOBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.118.0/24
Signature Algorithm: sha256WithRSAEncryption
04:7b:e4:f9:02:7d:8f:9e:94:f0:a5:9b:67:2a:9e:0a:2c:26:
74:a1:54:85:e1:ab:91:e6:6c:57:ae:a1:a3:2d:48:60:c1:4b:
05:0b:cb:3d:9b:5a:c1:a1:25:04:3a:99:19:8e:e1:4f:cb:e9:
6f:69:95:66:8a:ed:b9:c2:87:92:b6:c9:7a:75:d5:a9:8e:7b:
e1:c8:3c:1d:d6:ec:af:e9:ec:1e:56:21:9d:b8:1e:77:d6:36:
47:7a:5a:1f:5c:c1:d4:bc:46:fc:3f:1b:02:8f:70:48:64:07:
00:ca:d9:c5:44:a2:a6:39:86:c9:2c:10:c3:ad:a7:32:47:cc:
7d:69:3f:c8:44:fc:b1:66:99:2d:1c:13:24:cf:d0:cb:b6:d8:
71:ea:b5:f1:c9:8e:9e:92:87:3d:77:2c:a3:ea:9c:7c:59:52:
2c:f7:dc:96:1e:9e:1f:8f:5f:03:d4:80:45:9a:04:af:92:05:
9c:d2:3b:3e:12:5f:7d:74:2f:04:0e:a9:fd:2d:c7:cd:e8:d2:
26:22:69:6f:37:1f:c5:39:79:fb:28:91:f2:97:1e:25:77:55:
b0:4d:6a:13:5a:92:8c:36:1f:e7:87:54:b7:40:06:d7:26:06:
c7:e9:5a:5a:9d:7f:0b:7d:7e:74:02:4e:c7:26:17:0a:dc:7a:
5e:eb:47:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGScgT8FVprj37aE6IdYD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTAxMTgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjdkNzA2OGEzM2I0Y2U5MmRhYmY0NzRlNzQ1Mjk0ODc5NmQzODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouRCCYD7rEDP2FZDNjnRoOfDQoKU
HX9hd5+iZzL09BIQtJB+qfoI7aACht6s9yrc4rEFy4/QY2eVDr+kkFoHsaELOAYX
UOMdhzS3EDvExYaEEdqYnguMd6jtNHixOkkTmQR1ucNUeVYkhmyK7dvSYBzJn5jc
9SToTrDdvm4khMeNn1y/c29c2c1mgnNFqjadmsXKNyvx4OpK8w7fPH3C9Ggf8hXs
Tnze/fvc6qzqNm2CNe0/H4JeD8j3SNwah5rGS1yE7IfrnjK97ehEyHD3rNPkl/+0
cM4qfdjx4ee/dLo3XuA/3i8VN7JT/63CztOAC4HPPo7Bhz0pHlg9CaNdKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMt9cGijO0zpLav0dOdFKUh5bTgXMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveTMxd2FLTTdUT2t0cV9SMDUwVXBTSGx0T0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUh2MA0G
CSqGSIb3DQEBCwUAA4IBAQAEe+T5An2PnpTwpZtnKp4KLCZ0oVSF4auR5mxXrqGj
LUhgwUsFC8s9m1rBoSUEOpkZjuFPy+lvaZVmiu25woeStsl6ddWpjnvhyDwd1uyv
6eweViGduB531jZHelofXMHUvEb8PxsCj3BIZAcAytnFRKKmOYbJLBDDracyR8x9
aT/IRPyxZpktHBMkz9DLtthx6rXxyY6ekoc9dyyj6px8WVIs99yWHp4fj18D1IBF
mgSvkgWc0js+El99dC8EDqn9LcfN6NImImlvNx/FOXn7KJHylx4ld1WwTWoTWpKM
Nh/nh1S3QAbXJgbH6VpanX8LfX50Ak7HJhcK3Hpe60eB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org