Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BdSgBtIlKToVm8tNHAyY-sMbGe0.roa
File: BdSgBtIlKToVm8tNHAyY-sMbGe0.roa (raw, json)
Hash identifier: uz8t45zUIwJioegEv6rzzQTTzLfZt7VF/i1hEBlnuk0=
Subject key identifier: 05:D4:A0:06:D2:25:29:3A:15:9B:CB:4D:1C:0C:98:FA:C3:1B:19:ED
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0185708CE94B5F7E337DC330C9B731030FF2
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BdSgBtIlKToVm8tNHAyY-sMbGe0.roa
Signing time: Mon 02 Jan 2023 03:36:01 +0000
ROA not before: Mon 02 Jan 2023 03:36:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207548
IP address blocks: 109.108.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e9:4b:5f:7e:33:7d:c3:30:c9:b7:31:03:0f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 03:36:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05d4a006d225293a159bcb4d1c0c98fac31b19ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e5:68:32:17:d3:3a:1c:dc:02:fd:35:99:5d:
b9:f8:88:70:3e:78:7b:a4:e4:e2:24:76:6e:35:56:
05:a1:85:ca:53:fb:3b:f5:a6:16:63:cd:80:34:98:
26:a9:b9:5c:24:46:a9:03:7c:ca:90:7a:18:7c:d4:
9f:13:4e:7e:fe:30:13:e2:9f:4d:64:f5:65:ee:68:
8e:af:e0:6f:db:d2:8b:6e:f3:23:b8:de:30:9e:15:
25:7e:3b:2d:2b:16:bf:b6:61:bf:69:e0:3c:9e:f2:
bf:04:bd:da:e3:5d:82:3f:09:39:e2:c3:ba:84:61:
09:7a:ee:af:48:c8:89:6f:a3:f6:d7:78:ad:53:22:
53:66:7c:80:67:f2:cc:3c:89:4e:c2:59:a0:2d:15:
30:bf:2b:02:60:9d:5e:4a:f9:4f:0f:83:3a:bf:2f:
94:99:50:c7:95:82:3f:e8:88:08:99:2e:ab:8c:65:
d6:35:cb:9b:33:9c:cf:79:a9:e0:af:a3:52:b3:96:
cc:12:bc:b5:44:93:fd:95:a9:eb:3c:b8:a6:82:69:
3d:95:1a:a1:d8:21:76:30:a0:5c:31:b4:a7:a4:27:
57:17:46:a1:8c:31:27:dc:bc:4f:a0:d9:e6:d7:60:
94:50:ff:68:5f:86:bc:15:8e:5f:e2:7a:b4:85:ed:
12:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D4:A0:06:D2:25:29:3A:15:9B:CB:4D:1C:0C:98:FA:C3:1B:19:ED
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BdSgBtIlKToVm8tNHAyY-sMbGe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.108.40.0/24
Signature Algorithm: sha256WithRSAEncryption
12:ba:01:98:0b:6c:52:d2:ef:9a:6a:f7:10:52:e5:cc:10:ae:
b5:4f:ff:54:e7:96:12:72:b7:30:c9:d1:71:b2:2f:51:5a:6f:
53:3f:91:08:a2:fb:b1:69:29:09:35:63:ef:84:1d:4f:68:26:
cd:0c:63:a1:fa:ef:20:f2:1c:9f:f2:43:56:89:f0:0f:c6:39:
a3:69:be:b1:b5:fa:8f:04:cc:b9:6b:91:c7:de:39:bf:f1:4d:
95:d3:44:6c:5f:0b:e5:fa:70:8d:75:34:e9:27:57:20:37:dd:
55:b3:e7:14:d7:c8:8f:0b:d6:04:ea:38:5c:1b:51:25:97:1c:
d3:3e:b6:2b:25:d6:83:5c:f3:4c:81:d7:c1:74:2b:2a:29:11:
e9:df:7c:15:63:b4:b8:21:71:05:d3:f8:11:23:6b:04:61:d8:
1b:4a:3f:8e:84:e2:2d:59:2e:24:c5:68:f0:09:69:04:97:9b:
fc:5b:b4:40:43:a3:34:55:35:06:a9:f5:8f:2f:92:58:cb:c4:
af:a2:5f:d2:0b:49:18:54:9e:b4:09:ae:79:68:83:ac:b4:da:
52:f1:45:93:0f:30:48:44:c7:a0:44:b4:48:e8:d2:06:4f:b2:
40:36:d7:eb:5e:ce:15:25:23:a4:72:2b:d0:b8:3f:6a:9b:af:
38:cf:6b:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjOlLX34zfcMwybcxAw/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjMwMTAyMDMzNjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ0YTAwNmQyMjUyOTNhMTU5YmNiNGQxYzBjOThmYWMzMWIxOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuVoMhfTOhzcAv01mV25+IhwPnh7
pOTiJHZuNVYFoYXKU/s79aYWY82ANJgmqblcJEapA3zKkHoYfNSfE05+/jAT4p9N
ZPVl7miOr+Bv29KLbvMjuN4wnhUlfjstKxa/tmG/aeA8nvK/BL3a412CPwk54sO6
hGEJeu6vSMiJb6P213itUyJTZnyAZ/LMPIlOwlmgLRUwvysCYJ1eSvlPD4M6vy+U
mVDHlYI/6IgImS6rjGXWNcubM5zPeangr6NSs5bMEry1RJP9lanrPLimgmk9lRqh
2CF2MKBcMbSnpCdXF0ahjDEn3LxPoNnm12CUUP9oX4a8FY5f4nq0he0SYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXUoAbSJSk6FZvLTRwMmPrDGxntMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvQmRTZ0J0SWxLVG9WbTh0TkhBeVktc01iR2UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWwoMA0G
CSqGSIb3DQEBCwUAA4IBAQASugGYC2xS0u+aavcQUuXMEK61T/9U55YScrcwydFx
si9RWm9TP5EIovuxaSkJNWPvhB1PaCbNDGOh+u8g8hyf8kNWifAPxjmjab6xtfqP
BMy5a5HH3jm/8U2V00RsXwvl+nCNdTTpJ1cgN91Vs+cU18iPC9YE6jhcG1EllxzT
PrYrJdaDXPNMgdfBdCsqKRHp33wVY7S4IXEF0/gRI2sEYdgbSj+OhOItWS4kxWjw
CWkEl5v8W7RAQ6M0VTUGqfWPL5JYy8Svol/SC0kYVJ60Ca55aIOstNpS8UWTDzBI
RMegRLRI6NIGT7JANtfrXs4VJSOkcivQuD9qm684z2tY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:24 2024 by rpki-client on console-ams.rpki-client.org