Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yCKFVmNCoMnTBYUOkNwlRdqVin0.roa
File: yCKFVmNCoMnTBYUOkNwlRdqVin0.roa (raw, json)
Hash identifier: S2cvGXGV8ryashCrWlF92H0K733gDvY13LlilcmYHK0=
Subject key identifier: C8:22:85:56:63:42:A0:C9:D3:05:85:0E:90:DC:25:45:DA:95:8A:7D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01859CD1E3E7C201FD6992BAA4C17892949E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yCKFVmNCoMnTBYUOkNwlRdqVin0.roa
Signing time: Tue 10 Jan 2023 17:54:39 +0000
ROA not before: Tue 10 Jan 2023 17:54:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 109.72.118.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 04:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:d1:e3:e7:c2:01:fd:69:92:ba:a4:c1:78:92:94:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 10 17:54:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c82285566342a0c9d305850e90dc2545da958a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0a:58:d6:98:94:22:bf:08:62:68:77:95:3c:
b3:49:75:de:ec:82:dc:7a:72:48:ba:72:93:e5:45:
63:b2:ce:08:f7:0c:a9:6b:e2:19:33:71:3b:d1:55:
39:8c:8b:b7:49:9c:bc:61:71:0b:96:eb:8a:d3:0a:
09:0e:03:ba:11:0e:7c:37:48:59:58:c0:8f:30:e8:
52:7b:ab:f9:56:f6:19:fb:7f:50:10:26:10:8c:e0:
a6:8c:af:5a:35:27:af:c2:51:9b:a3:b4:9c:2d:f4:
92:60:b5:62:eb:6a:1d:59:56:8d:06:14:dd:af:c1:
e2:3f:fa:4f:b2:f6:e6:fb:13:81:72:c0:e3:65:49:
44:c8:0b:53:b2:ce:34:d5:ca:1a:f2:eb:49:18:91:
7d:91:39:c6:59:71:ac:39:c7:a3:49:ac:cc:b5:2a:
37:63:5b:04:20:53:9f:03:d0:ca:eb:e2:4c:a6:32:
aa:a8:e3:cb:9f:73:49:9a:86:c9:25:87:39:1e:fa:
a9:77:52:65:f6:6c:3a:74:00:bc:c3:78:80:8c:59:
87:a0:46:fa:45:7d:4d:11:e6:f2:4f:e4:e3:76:a3:
ca:22:2f:b2:fd:69:af:3e:19:9d:f2:d4:17:62:86:
6f:7c:2b:70:4e:54:26:e9:33:f9:16:d3:4e:98:79:
f5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:22:85:56:63:42:A0:C9:D3:05:85:0E:90:DC:25:45:DA:95:8A:7D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yCKFVmNCoMnTBYUOkNwlRdqVin0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.117.0-109.72.119.255
Signature Algorithm: sha256WithRSAEncryption
1e:4b:b5:92:2b:bd:e1:cc:60:60:1b:0b:16:0c:7f:f8:9c:72:
99:15:71:18:2b:62:09:c1:20:8a:a9:65:29:82:bf:b5:bf:e3:
e3:ee:ab:a8:70:d9:66:b5:54:f8:62:6c:ea:d5:92:75:6b:85:
ea:eb:59:2e:7b:98:ca:2d:f5:69:21:9e:98:f3:92:0f:13:5b:
a9:8b:e7:bb:16:57:2a:a2:4f:1f:81:86:be:68:c9:48:23:38:
a8:b8:d4:5b:94:ea:46:f1:57:63:91:34:d7:6e:f3:e0:f9:e7:
91:1d:ba:c5:a6:81:b6:01:93:63:0d:e1:c9:e4:40:12:56:5b:
3a:37:1d:29:e5:2f:b9:a1:34:8e:64:39:d2:49:be:fe:6a:0c:
e5:cc:49:7d:63:59:f8:9a:36:c4:d8:44:b9:7b:96:84:7c:e0:
7f:fa:23:cb:ab:10:07:d1:cf:a9:c9:05:de:31:59:6d:e0:2c:
7e:c6:63:a9:ee:79:29:bf:8f:fb:3c:e4:68:f8:94:2b:85:05:
5f:8e:2c:fd:43:4f:3d:ac:fe:c7:d3:bd:10:d9:81:bf:41:3a:
e6:e6:a8:63:5d:f3:a9:b4:0b:15:93:da:06:5c:15:07:b0:1b:
15:16:06:f5:04:96:e0:b3:58:12:94:64:aa:e3:a7:1c:59:d9:
5e:b8:99:d2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYWc0ePnwgH9aZK6pMF4kpSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwMTEwMTc1NDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODIyODU1NjYzNDJhMGM5ZDMwNTg1MGU5MGRjMjU0NWRhOTU4YTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gpY1piUIr8IYmh3lTyzSXXe7ILc
enJIunKT5UVjss4I9wypa+IZM3E70VU5jIu3SZy8YXELluuK0woJDgO6EQ58N0hZ
WMCPMOhSe6v5VvYZ+39QECYQjOCmjK9aNSevwlGbo7ScLfSSYLVi62odWVaNBhTd
r8HiP/pPsvbm+xOBcsDjZUlEyAtTss401coa8utJGJF9kTnGWXGsOcejSazMtSo3
Y1sEIFOfA9DK6+JMpjKqqOPLn3NJmobJJYc5Hvqpd1Jl9mw6dAC8w3iAjFmHoEb6
RX1NEebyT+TjdqPKIi+y/WmvPhmd8tQXYoZvfCtwTlQm6TP5FtNOmHn1+wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMgihVZjQqDJ0wWFDpDcJUXalYp9MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveUNLRlZtTkNvTW5UQllVT2tOd2xSZHFWaW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABtSHUD
BANtSHAwDQYJKoZIhvcNAQELBQADggEBAB5LtZIrveHMYGAbCxYMf/iccpkVcRgr
YgnBIIqpZSmCv7W/4+Puq6hw2Wa1VPhibOrVknVrherrWS57mMot9Wkhnpjzkg8T
W6mL57sWVyqiTx+Bhr5oyUgjOKi41FuU6kbxV2ORNNdu8+D555EdusWmgbYBk2MN
4cnkQBJWWzo3HSnlL7mhNI5kOdJJvv5qDOXMSX1jWfiaNsTYRLl7loR84H/6I8ur
EAfRz6nJBd4xWW3gLH7GY6nueSm/j/s85Gj4lCuFBV+OLP1DTz2s/sfTvRDZgb9B
OubmqGNd86m0CxWT2gZcFQewGxUWBvUEluCzWBKUZKrjpxxZ2V64mdI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org