Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/z0-KgInZvoBc6B50gOL9eeN3ZH4.roa
File: z0-KgInZvoBc6B50gOL9eeN3ZH4.roa (raw, json)
Hash identifier: LlBjo3v2w1kL/1Ui2HSVX+6OLf9sEDJVFLcjJI3/UUo=
Subject key identifier: CF:4F:8A:80:89:D9:BE:80:5C:E8:1E:74:80:E2:FD:79:E3:77:64:7E
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0187388C0B79B57969FA1E99CE4E70BB31B4
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/z0-KgInZvoBc6B50gOL9eeN3ZH4.roa
Signing time: Fri 31 Mar 2023 16:41:54 +0000
ROA not before: Fri 31 Mar 2023 16:41:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 08:42:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:38:8c:0b:79:b5:79:69:fa:1e:99:ce:4e:70:bb:31:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Mar 31 16:41:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf4f8a8089d9be805ce81e7480e2fd79e377647e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f7:f8:f0:99:b9:bb:80:7d:4a:63:49:98:26:
69:00:d4:09:8a:c9:d3:b6:a9:4e:85:3a:46:07:93:
b1:dc:b3:90:28:19:47:94:d2:ad:b7:c5:3d:94:52:
f7:10:6f:cd:ea:96:be:93:ea:e0:4b:d2:57:20:b8:
6a:21:36:8d:d2:0f:d4:77:ca:50:bc:3c:60:2d:9c:
d1:98:d1:ca:9b:c9:23:79:a5:20:3f:0c:8d:59:d1:
42:10:bd:3d:fd:07:33:81:e9:64:54:ac:40:42:e9:
5e:1c:f9:83:1d:47:32:30:1c:93:5d:16:c0:ca:df:
f6:ef:0e:68:cf:19:b2:64:5d:4d:df:eb:b2:d9:6f:
ff:6c:28:da:85:af:0a:91:ff:a1:be:53:fa:fc:ed:
80:35:a3:ce:ec:8d:63:d6:53:59:4a:1f:26:69:19:
bc:cb:a2:94:54:39:8c:c6:09:e2:99:bc:b9:b1:11:
08:61:4d:de:26:14:0b:33:08:60:32:40:50:e5:ed:
23:f5:4a:16:df:fa:de:db:b8:47:84:9e:81:c4:c6:
2a:4c:5e:d0:db:55:b7:0c:51:ab:63:3c:58:e3:d6:
52:bd:35:24:47:2d:9f:87:81:f1:37:17:1f:3a:90:
c5:5c:92:06:aa:32:af:23:d8:8e:32:33:bb:a8:a7:
7b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4F:8A:80:89:D9:BE:80:5C:E8:1E:74:80:E2:FD:79:E3:77:64:7E
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/z0-KgInZvoBc6B50gOL9eeN3ZH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.125.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:58:3a:b1:69:23:91:17:17:cf:c3:cc:e4:93:d8:07:3d:bd:
7a:d5:5e:6e:5d:07:67:53:51:86:79:c7:49:69:be:c6:40:97:
e4:ba:88:36:42:dc:23:af:a2:bf:0b:d1:c3:c3:ae:4e:5c:c9:
b3:20:cb:04:eb:5a:41:fb:0b:75:a3:c2:de:44:95:da:a7:1a:
9c:16:81:ff:22:4f:b2:f1:23:35:4e:3d:f7:d8:e0:d0:fc:05:
67:3a:fe:19:9f:19:34:25:30:48:8d:b6:bb:56:93:30:ee:5b:
04:e8:48:01:72:11:cf:af:eb:c2:8d:cb:0a:ef:cf:10:22:86:
2a:cf:83:a1:ae:07:a2:6b:40:65:97:7a:c7:cb:e8:23:97:53:
ba:36:47:dc:2e:0e:fc:fc:0f:85:fc:b7:b2:f1:8c:08:40:fc:
e9:d2:dc:56:c9:0e:27:a2:ca:55:6d:4a:2a:a7:cd:0c:79:92:
d6:70:d7:9a:bd:e9:5a:51:92:58:fb:87:38:59:9f:04:e1:76:
f9:6f:35:60:fc:03:9e:c2:72:d9:02:11:a5:8b:1a:84:38:a6:
98:dd:2a:5b:32:4e:89:6f:db:6d:00:74:15:35:89:75:21:e6:
4f:58:e2:19:9c:c1:85:c1:4a:5c:d2:13:17:f1:a6:0a:04:cb:
a4:7a:95:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc4jAt5tXlp+h6Zzk5wuzG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwMzMxMTY0MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjRmOGE4MDg5ZDliZTgwNWNlODFlNzQ4MGUyZmQ3OWUzNzc2NDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/f48Jm5u4B9SmNJmCZpANQJisnT
tqlOhTpGB5Ox3LOQKBlHlNKtt8U9lFL3EG/N6pa+k+rgS9JXILhqITaN0g/Ud8pQ
vDxgLZzRmNHKm8kjeaUgPwyNWdFCEL09/QczgelkVKxAQuleHPmDHUcyMByTXRbA
yt/27w5ozxmyZF1N3+uy2W//bCjaha8Kkf+hvlP6/O2ANaPO7I1j1lNZSh8maRm8
y6KUVDmMxgnimby5sREIYU3eJhQLMwhgMkBQ5e0j9UoW3/re27hHhJ6BxMYqTF7Q
21W3DFGrYzxY49ZSvTUkRy2fh4HxNxcfOpDFXJIGqjKvI9iOMjO7qKd7xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9PioCJ2b6AXOgedIDi/Xnjd2R+MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvejAtS2dJblp2b0JjNkI1MGdPTDllZU4zWkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUh9MA0G
CSqGSIb3DQEBCwUAA4IBAQCiWDqxaSORFxfPw8zkk9gHPb161V5uXQdnU1GGecdJ
ab7GQJfkuog2Qtwjr6K/C9HDw65OXMmzIMsE61pB+wt1o8LeRJXapxqcFoH/Ik+y
8SM1Tj332ODQ/AVnOv4Znxk0JTBIjba7VpMw7lsE6EgBchHPr+vCjcsK788QIoYq
z4Ohrgeia0Bll3rHy+gjl1O6NkfcLg78/A+F/Ley8YwIQPzp0txWyQ4nospVbUoq
p80MeZLWcNeavelaUZJY+4c4WZ8E4Xb5bzVg/AOewnLZAhGlixqEOKaY3SpbMk6J
b9ttAHQVNYl1IeZPWOIZnMGFwUpc0hMX8aYKBMukepXN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org