Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/3fLCzLKmSr8C1GWSfwUoxclLLk4.roa
File: 3fLCzLKmSr8C1GWSfwUoxclLLk4.roa (raw, json)
Hash identifier: 9alpXbbtHwbNTPVn+r9mJbEj3EKh5etpyXbF7Hf57y8=
Subject key identifier: DD:F2:C2:CC:B2:A6:4A:BF:02:D4:65:92:7F:05:28:C5:C9:4B:2E:4E
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0185708CE1859A3B0B0DEDF1A4F7F257A040
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/3fLCzLKmSr8C1GWSfwUoxclLLk4.roa
Signing time: Mon 02 Jan 2023 03:35:59 +0000
ROA not before: Mon 02 Jan 2023 03:35:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42575
IP address blocks: 109.68.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e1:85:9a:3b:0b:0d:ed:f1:a4:f7:f2:57:a0:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 03:35:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddf2c2ccb2a64abf02d465927f0528c5c94b2e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f9:c3:6c:83:e2:4e:dd:0a:fa:0a:e2:60:9e:
88:05:d9:09:db:f7:49:70:f6:c8:58:ba:c6:b0:4b:
3a:e3:90:e8:b2:10:2f:76:0f:d9:64:1e:29:8c:82:
02:32:93:2f:e8:be:8b:78:4e:7e:a1:c2:19:b0:50:
f7:93:e5:13:7c:4f:62:d0:1a:a9:fc:4c:43:a4:b3:
5a:2c:21:8e:35:bf:48:5f:5a:4e:3f:40:7b:08:8e:
e2:3c:c3:2b:c6:43:d5:15:0b:1e:a6:14:86:cb:19:
38:c4:aa:a4:41:c9:c4:a9:ae:df:85:c8:9a:e8:6a:
08:61:d9:3c:63:f3:70:c9:41:4c:20:11:40:c6:8e:
8c:12:b6:43:46:71:64:03:cf:06:18:99:60:7c:07:
c0:81:6c:ae:55:b0:27:1b:63:b2:62:a6:f4:0d:ce:
1e:a8:7a:35:ca:be:3f:e8:7f:b1:04:85:52:c6:a2:
99:05:de:b3:59:de:e1:7c:a0:01:52:37:fa:9c:01:
2e:27:fb:7d:9e:52:16:8a:12:53:f7:87:3d:d0:1f:
35:cd:43:67:e1:88:b6:30:82:61:86:3b:c7:4d:f1:
2e:b3:9d:e0:e4:b0:bf:fb:af:2c:29:4a:5a:73:73:
e3:ea:50:ef:6b:91:f3:85:1b:1d:8a:b3:8e:a1:50:
0d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F2:C2:CC:B2:A6:4A:BF:02:D4:65:92:7F:05:28:C5:C9:4B:2E:4E
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/3fLCzLKmSr8C1GWSfwUoxclLLk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.169.0/24
Signature Algorithm: sha256WithRSAEncryption
68:a2:d2:fb:58:47:bc:5e:ef:2a:c8:ef:36:5e:dc:34:b4:d2:
e9:6b:bb:fa:87:c6:23:7f:3f:a2:60:66:ae:c8:71:64:17:b8:
24:a3:99:5b:db:2f:a9:9d:4a:15:0a:a5:b4:06:91:f2:b4:78:
bf:27:af:6a:90:8f:ea:33:a3:cc:fe:e6:41:a7:01:d4:50:2f:
52:c9:9b:5b:fc:72:34:f1:f1:3b:9f:0c:71:01:57:19:87:b7:
9d:c1:58:0b:15:18:df:00:09:ea:af:93:6c:88:4b:4e:55:fe:
66:a3:ff:e6:26:87:c9:78:26:01:8e:bc:2d:46:63:5a:cf:a1:
23:08:28:7d:ee:ec:c6:12:8f:49:62:0f:ac:59:30:12:cc:e8:
1f:a4:c6:b9:b9:09:e2:7b:46:7d:ee:78:36:06:94:fc:58:6b:
55:13:0f:ae:88:d2:a4:02:96:05:92:c8:ee:44:29:d7:7e:9b:
12:fc:1d:0b:f5:2e:ca:55:e8:22:d2:8f:fc:89:f3:3c:03:20:
f4:c4:62:f3:64:a8:65:6b:05:23:8f:59:ca:33:b3:ad:ce:41:
b3:7a:b2:b5:e5:e2:98:f5:0c:eb:2f:d3:de:89:9f:59:72:ed:
71:85:0e:5a:c0:dd:d5:94:fc:d1:d5:3b:4f:dc:bf:c1:32:da:
35:5e:7b:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjOGFmjsLDe3xpPfyV6BAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjMwMTAyMDMzNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGYyYzJjY2IyYTY0YWJmMDJkNDY1OTI3ZjA1MjhjNWM5NGIyZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvnDbIPiTt0K+griYJ6IBdkJ2/dJ
cPbIWLrGsEs645DoshAvdg/ZZB4pjIICMpMv6L6LeE5+ocIZsFD3k+UTfE9i0Bqp
/ExDpLNaLCGONb9IX1pOP0B7CI7iPMMrxkPVFQsephSGyxk4xKqkQcnEqa7fhcia
6GoIYdk8Y/NwyUFMIBFAxo6MErZDRnFkA88GGJlgfAfAgWyuVbAnG2OyYqb0Dc4e
qHo1yr4/6H+xBIVSxqKZBd6zWd7hfKABUjf6nAEuJ/t9nlIWihJT94c90B81zUNn
4Yi2MIJhhjvHTfEus53g5LC/+68sKUpac3Pj6lDva5HzhRsdirOOoVANYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN3ywsyypkq/AtRlkn8FKMXJSy5OMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvM2ZMQ3pMS21TcjhDMUdXU2Z3VW94Y2xMTGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUSpMA0G
CSqGSIb3DQEBCwUAA4IBAQBootL7WEe8Xu8qyO82Xtw0tNLpa7v6h8Yjfz+iYGau
yHFkF7gko5lb2y+pnUoVCqW0BpHytHi/J69qkI/qM6PM/uZBpwHUUC9SyZtb/HI0
8fE7nwxxAVcZh7edwVgLFRjfAAnqr5NsiEtOVf5mo//mJofJeCYBjrwtRmNaz6Ej
CCh97uzGEo9JYg+sWTASzOgfpMa5uQnie0Z97ng2BpT8WGtVEw+uiNKkApYFksju
RCnXfpsS/B0L9S7KVegi0o/8ifM8AyD0xGLzZKhlawUjj1nKM7OtzkGzerK15eKY
9QzrL9PeiZ9Zcu1xhQ5awN3VlPzR1TtP3L/BMto1Xntf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:24 2024 by rpki-client on console-ams.rpki-client.org