Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/8025f6-5f38-4ddf-917d-114c2400c3e3/1/cIxzth7PsuYldeycjgXhLf3zBIE.roa
File: cIxzth7PsuYldeycjgXhLf3zBIE.roa (raw, json)
Hash identifier: u1Lkv2Us3Bqd3qGhk8PIxl/qNcIN3QL5GUivujZSYwc=
Subject key identifier: 70:8C:73:B6:1E:CF:B2:E6:25:75:EC:9C:8E:05:E1:2D:FD:F3:04:81
Certificate issuer: /CN=11d47912efd409a46f7cd42741804c7d4f5e1ad5
Certificate serial: 01856BE5B08361A453750B3735981A0EEF22
Authority key identifier: 11:D4:79:12:EF:D4:09:A4:6F:7C:D4:27:41:80:4C:7D:4F:5E:1A:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EdR5Eu_UCaRvfNQnQYBMfU9eGtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/8025f6-5f38-4ddf-917d-114c2400c3e3/1/cIxzth7PsuYldeycjgXhLf3zBIE.roa
Signing time: Sun 01 Jan 2023 05:54:53 +0000
ROA not before: Sun 01 Jan 2023 05:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 192.109.134.0/24 maxlen: 24
129.70.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:b0:83:61:a4:53:75:0b:37:35:98:1a:0e:ef:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11d47912efd409a46f7cd42741804c7d4f5e1ad5
Validity
Not Before: Jan 1 05:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=708c73b61ecfb2e62575ec9c8e05e12dfdf30481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:fa:1a:80:1e:f6:bd:b9:fc:99:a8:9f:ac:ce:
a2:ef:c6:bd:a7:4c:06:a0:af:c0:bf:17:da:b9:ac:
ed:a1:e7:70:48:be:20:76:e5:ad:29:2d:e7:2b:f4:
06:cc:e1:e9:79:b3:0c:6f:42:06:56:49:31:80:5f:
6d:f3:c6:34:95:f6:0a:1d:00:62:4f:25:4c:6f:b4:
70:dd:3e:eb:c8:56:a4:71:7f:af:d1:53:92:ff:6d:
fa:a3:e0:f5:90:e6:fa:d2:91:e8:58:c6:96:40:e6:
54:30:15:e6:7c:c7:e3:da:5f:ae:10:fe:3a:06:a2:
3b:5e:db:d3:d2:d2:5f:0c:5a:b0:eb:1d:9f:2d:cd:
bd:ad:66:c8:e3:d4:bb:1b:be:a6:83:06:10:ff:5c:
7f:2c:03:44:82:85:08:26:43:03:08:2e:20:00:31:
11:2d:dc:06:74:cc:0a:23:37:9c:93:d9:f2:b9:35:
25:2f:ae:c0:09:b7:57:1b:35:c4:c8:5b:bd:7a:31:
6b:4a:9a:94:02:eb:00:f1:b9:c3:01:a9:60:97:04:
c8:40:9f:4b:9b:23:13:56:eb:64:79:ba:b2:51:dd:
01:f1:c5:44:2c:8a:f6:63:f3:32:62:0b:84:b4:6b:
3e:b7:16:bc:75:2a:ca:4d:fc:8f:b5:3a:f7:f0:31:
d9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8C:73:B6:1E:CF:B2:E6:25:75:EC:9C:8E:05:E1:2D:FD:F3:04:81
X509v3 Authority Key Identifier:
keyid:11:D4:79:12:EF:D4:09:A4:6F:7C:D4:27:41:80:4C:7D:4F:5E:1A:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EdR5Eu_UCaRvfNQnQYBMfU9eGtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/8025f6-5f38-4ddf-917d-114c2400c3e3/1/cIxzth7PsuYldeycjgXhLf3zBIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/8025f6-5f38-4ddf-917d-114c2400c3e3/1/EdR5Eu_UCaRvfNQnQYBMfU9eGtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.70.0.0/16
192.109.134.0/24
Signature Algorithm: sha256WithRSAEncryption
20:a5:01:2d:ed:51:91:2b:a0:f5:c0:5d:c8:59:1f:e0:2c:6c:
93:55:fc:eb:18:ea:7b:20:b1:08:98:96:ad:a8:ef:32:a0:b9:
f4:dd:95:92:67:04:86:ce:5b:c9:da:23:37:8b:62:5d:b9:04:
86:28:ef:32:9f:72:2e:1b:21:be:39:ce:14:9c:c2:7f:06:0d:
c8:83:2d:0b:b8:06:15:a1:0e:da:10:c1:68:e1:89:8d:42:f3:
04:f2:4a:95:b8:50:e4:22:3c:07:33:eb:c6:90:9f:c9:ff:f4:
ca:01:8d:f2:e9:1a:5a:e6:7c:7a:c3:02:f2:d1:a5:bf:e5:9f:
77:67:e1:e8:12:c9:a4:f6:f7:67:a3:b7:aa:31:41:d1:09:c2:
b1:46:86:17:b6:2d:bf:91:56:5a:7f:7e:0a:0e:7d:23:c6:55:
cf:5f:11:b9:75:39:e2:8b:f2:4e:89:67:75:e0:8e:aa:06:56:
56:fd:f3:15:a7:10:4a:91:31:f1:4a:0b:be:c3:e9:7c:d7:3b:
d5:dc:58:0b:1b:c0:57:da:a5:17:20:51:14:5d:8d:69:0d:4b:
1e:5c:b2:90:80:db:0e:2f:5f:83:b9:e4:f5:0f:c6:c3:97:3e:
7a:07:4c:5a:6d:50:ef:25:0c:c0:e8:25:1d:8a:dd:28:4a:29:
95:3c:0e:1e
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVr5bCDYaRTdQs3NZgaDu8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZDQ3OTEyZWZkNDA5YTQ2ZjdjZDQyNzQxODA0YzdkNGY1
ZTFhZDUwHhcNMjMwMTAxMDU1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDhjNzNiNjFlY2ZiMmU2MjU3NWVjOWM4ZTA1ZTEyZGZkZjMwNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5foagB72vbn8maifrM6i78a9p0wG
oK/AvxfauaztoedwSL4gduWtKS3nK/QGzOHpebMMb0IGVkkxgF9t88Y0lfYKHQBi
TyVMb7Rw3T7ryFakcX+v0VOS/236o+D1kOb60pHoWMaWQOZUMBXmfMfj2l+uEP46
BqI7XtvT0tJfDFqw6x2fLc29rWbI49S7G76mgwYQ/1x/LANEgoUIJkMDCC4gADER
LdwGdMwKIzeck9nyuTUlL67ACbdXGzXEyFu9ejFrSpqUAusA8bnDAalglwTIQJ9L
myMTVutkebqyUd0B8cVELIr2Y/MyYguEtGs+txa8dSrKTfyPtTr38DHZawIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFHCMc7Yez7LmJXXsnI4F4S398wSBMB8GA1UdIwQY
MBaAFBHUeRLv1Amkb3zUJ0GATH1PXhrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWRSNUV1X1VDYVJ2Zk5RblFZQk1mVTllR3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84MDI1ZjYtNWYzOC00ZGRmLTkxN2Qt
MTE0YzI0MDBjM2UzLzEvY0l4enRoN1BzdVlsZGV5Y2pnWGhMZjN6QklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi84MDI1ZjYtNWYzOC00ZGRmLTkxN2QtMTE0YzI0MDBjM2Uz
LzEvRWRSNUV1X1VDYVJ2Zk5RblFZQk1mVTllR3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAgUYDBADA
bYYwDQYJKoZIhvcNAQELBQADggEBACClAS3tUZEroPXAXchZH+AsbJNV/OsY6nsg
sQiYlq2o7zKgufTdlZJnBIbOW8naIzeLYl25BIYo7zKfci4bIb45zhScwn8GDciD
LQu4BhWhDtoQwWjhiY1C8wTySpW4UOQiPAcz68aQn8n/9MoBjfLpGlrmfHrDAvLR
pb/ln3dn4egSyaT292ejt6oxQdEJwrFGhhe2Lb+RVlp/fgoOfSPGVc9fEbl1OeKL
8k6JZ3XgjqoGVlb98xWnEEqRMfFKC77D6XzXO9XcWAsbwFfapRcgURRdjWkNSx5c
spCA2w4vX4O55PUPxsOXPnoHTFptUO8lDMDoJR2K3ShKKZU8Dh4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:55 2024 by rpki-client on console-ams.rpki-client.org