Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/9JGsnAs0bI5Yaf7SZ6e7py9txMk.roa
File: 9JGsnAs0bI5Yaf7SZ6e7py9txMk.roa (raw, json)
Hash identifier: DTG/D89oJ6wFWpRmWDS+zE+y4rKWhOAerPrsVclvDPo=
Subject key identifier: F4:91:AC:9C:0B:34:6C:8E:58:69:FE:D2:67:A7:BB:A7:2F:6D:C4:C9
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 018CC3B7424E49F72A1BB39776125D9843AA
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/9JGsnAs0bI5Yaf7SZ6e7py9txMk.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 213.109.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 10:42:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:42:4e:49:f7:2a:1b:b3:97:76:12:5d:98:43:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f491ac9c0b346c8e5869fed267a7bba72f6dc4c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d8:ad:61:6a:93:1b:33:42:a7:10:f3:9c:e1:
c4:3a:5d:8e:f2:3e:96:89:0f:03:67:b0:b6:c6:08:
b0:e2:85:af:74:bf:fb:14:ff:27:80:ed:54:bf:96:
74:75:63:46:fa:0f:6d:0a:51:cd:48:e6:3c:e0:9b:
b4:99:9a:a1:5f:be:93:4f:bf:59:51:b1:c6:01:31:
b7:7f:ad:42:d3:27:30:ae:d9:09:9c:1e:fe:d0:66:
f8:94:26:74:41:47:01:45:cb:91:91:51:a0:6b:eb:
4e:23:a7:76:94:fe:0b:3a:32:ad:e3:23:a6:06:3a:
85:62:d0:4f:71:a3:31:04:95:89:01:b7:f1:44:d6:
ef:5a:19:29:a5:57:9a:57:e8:f5:b6:d3:04:5a:16:
2d:93:a4:bb:36:27:11:b1:20:9e:bc:34:7e:56:67:
df:4d:3d:fe:6b:1c:89:f9:9f:34:10:76:56:02:7a:
a3:35:55:33:39:70:28:73:b6:58:b8:4f:83:da:c5:
b5:47:5f:a9:c6:eb:c8:5a:63:ce:c8:a6:ab:89:a0:
23:f4:6e:03:b6:e2:47:79:1c:b0:88:19:5c:4d:7b:
77:41:73:fd:ec:9e:bd:a8:09:72:24:90:e3:34:ab:
4d:ac:ec:f7:78:3c:26:4c:14:ad:2a:30:c5:2e:74:
72:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:91:AC:9C:0B:34:6C:8E:58:69:FE:D2:67:A7:BB:A7:2F:6D:C4:C9
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/9JGsnAs0bI5Yaf7SZ6e7py9txMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.152.0/24
Signature Algorithm: sha256WithRSAEncryption
92:ba:4e:f8:0c:5d:e7:11:6b:51:69:87:5d:ca:0f:ba:20:f1:
8a:fb:11:e9:f1:f6:11:ed:b8:57:33:72:6f:28:a0:52:60:c2:
c0:15:1d:38:cb:4b:74:b9:f8:d9:6b:6e:a0:99:6f:52:d4:ec:
f5:35:d1:02:9e:e6:06:19:f9:6b:0e:44:e4:dd:23:33:5e:f2:
b1:ab:bf:d6:ce:35:99:68:a7:74:c0:69:11:eb:e3:a7:5a:7f:
52:88:d6:c4:69:35:35:62:25:34:b3:68:b5:b6:62:ba:7e:10:
24:cb:6e:ff:ed:c9:10:f3:87:26:4c:7c:b9:d5:6a:53:14:36:
ef:9c:d5:88:22:97:24:d3:8a:fd:30:91:e0:81:49:39:16:f1:
df:eb:13:bc:16:cc:40:90:a3:d3:6c:48:43:ab:37:21:4e:29:
5c:28:00:f6:1d:38:c8:7f:1f:fc:1a:f7:85:9a:a6:7a:ae:b5:
a0:9d:86:24:d5:03:96:73:96:80:6f:d8:95:3a:b0:b4:eb:c5:
ef:8e:94:90:ed:d6:c1:a2:31:11:b3:4f:90:15:77:b3:b7:cf:
c6:1d:86:ab:96:9f:b0:2e:51:3d:5a:29:4d:54:ed:23:3e:0d:
2c:81:87:10:c9:4d:6f:34:5a:da:3c:da:5e:fb:10:6a:d1:f3:
fb:03:a5:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDt0JOSfcqG7OXdhJdmEOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDkxYWM5YzBiMzQ2YzhlNTg2OWZlZDI2N2E3YmJhNzJmNmRjNGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNitYWqTGzNCpxDznOHEOl2O8j6W
iQ8DZ7C2xgiw4oWvdL/7FP8ngO1Uv5Z0dWNG+g9tClHNSOY84Ju0mZqhX76TT79Z
UbHGATG3f61C0ycwrtkJnB7+0Gb4lCZ0QUcBRcuRkVGga+tOI6d2lP4LOjKt4yOm
BjqFYtBPcaMxBJWJAbfxRNbvWhkppVeaV+j1ttMEWhYtk6S7NicRsSCevDR+Vmff
TT3+axyJ+Z80EHZWAnqjNVUzOXAoc7ZYuE+D2sW1R1+pxuvIWmPOyKariaAj9G4D
tuJHeRywiBlcTXt3QXP97J69qAlyJJDjNKtNrOz3eDwmTBStKjDFLnRyMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSRrJwLNGyOWGn+0menu6cvbcTJMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvOUpHc25BczBiSTVZYWY3U1o2ZTdweTl0eE1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W2YMA0G
CSqGSIb3DQEBCwUAA4IBAQCSuk74DF3nEWtRaYddyg+6IPGK+xHp8fYR7bhXM3Jv
KKBSYMLAFR04y0t0ufjZa26gmW9S1Oz1NdECnuYGGflrDkTk3SMzXvKxq7/WzjWZ
aKd0wGkR6+OnWn9SiNbEaTU1YiU0s2i1tmK6fhAky27/7ckQ84cmTHy51WpTFDbv
nNWIIpck04r9MJHggUk5FvHf6xO8FsxAkKPTbEhDqzchTilcKAD2HTjIfx/8GveF
mqZ6rrWgnYYk1QOWc5aAb9iVOrC068XvjpSQ7dbBojERs0+QFXezt8/GHYarlp+w
LlE9WilNVO0jPg0sgYcQyU1vNFraPNpe+xBq0fP7A6UT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:46 2024 by rpki-client on console-fra.rpki-client.org