Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/SxrtgkGXTq0sNVMXussxbtrbFdc.roa
File: SxrtgkGXTq0sNVMXussxbtrbFdc.roa (raw, json)
Hash identifier: 4E8hHRfx2jXgI/uOlrtFSYjrTPzfio+XMlvDBB4zT9U=
Subject key identifier: 4B:1A:ED:82:41:97:4E:AD:2C:35:53:17:BA:CB:31:6E:DA:DB:15:D7
Certificate issuer: /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial: 0185701530BF01650509A611249EA25D14DE
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/SxrtgkGXTq0sNVMXussxbtrbFdc.roa
Signing time: Mon 02 Jan 2023 01:25:14 +0000
ROA not before: Mon 02 Jan 2023 01:25:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8226
IP address blocks: 109.68.124.0/23 maxlen: 23
109.68.120.0/22 maxlen: 22
109.68.126.0/24 maxlen: 24
2001:4d00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:30:bf:01:65:05:09:a6:11:24:9e:a2:5d:14:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Validity
Not Before: Jan 2 01:25:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b1aed8241974ead2c355317bacb316edadb15d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7d:19:37:3d:a3:e5:50:57:b9:3c:5a:2a:24:
02:b3:0c:77:9c:67:50:9d:4b:59:0a:bd:22:e7:f4:
d3:6c:e3:59:98:2a:1d:30:e7:97:7b:59:45:4b:4d:
1f:50:08:9a:62:7c:15:d4:eb:59:94:da:c9:ee:6d:
03:2b:1b:3a:5b:72:36:bb:a8:87:52:1f:19:8c:f0:
f8:94:4c:a3:39:bf:7d:a0:b5:cf:06:ca:9d:a6:eb:
7e:9e:62:d4:20:1f:41:27:21:61:4d:88:e4:8f:53:
5b:3a:d5:ff:14:7c:74:76:82:6b:78:8e:a5:e8:26:
13:d2:9c:46:ce:19:b6:57:04:eb:bd:e6:d5:85:9f:
b4:60:06:49:c3:78:8a:5b:0c:de:07:89:a3:65:4f:
15:ed:67:68:b0:50:39:31:00:f4:00:e9:12:b2:f7:
2a:b3:a2:07:9e:df:67:79:c9:6d:9a:86:a7:a7:3b:
ab:cc:d4:29:39:6e:f8:2a:6a:37:a0:29:d8:f0:18:
bc:d4:52:5b:7e:ab:f7:c2:c8:4c:4e:34:5d:fb:ef:
01:95:82:7a:ab:64:80:20:4f:57:19:80:9a:0d:e8:
54:08:03:ea:85:a8:ca:a3:1d:df:1e:63:20:9e:0a:
d3:f5:14:35:2d:92:d0:15:2c:75:07:70:7d:75:af:
17:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:1A:ED:82:41:97:4E:AD:2C:35:53:17:BA:CB:31:6E:DA:DB:15:D7
X509v3 Authority Key Identifier:
keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/SxrtgkGXTq0sNVMXussxbtrbFdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.120.0-109.68.126.255
IPv6:
2001:4d00::/32
Signature Algorithm: sha256WithRSAEncryption
1c:7b:ec:1a:54:db:df:1e:68:e8:ce:0e:f6:55:6a:3b:93:c8:
5f:00:65:bc:08:89:94:b1:85:3d:ab:63:ac:54:81:44:5b:ae:
0b:35:a5:5d:4d:e0:d9:5a:6e:a3:6e:85:c5:7d:52:59:22:ef:
a0:60:80:28:63:8f:2b:53:d2:15:e1:31:8f:ed:fc:b7:42:e4:
43:b2:ab:12:01:7a:ea:49:2b:90:ee:8c:72:4f:73:2b:40:b6:
92:e6:8e:d7:71:31:48:d7:4c:d0:37:26:94:4e:fe:99:9b:11:
21:2e:eb:b8:74:47:af:74:f3:bc:08:c5:2a:24:72:cc:08:1c:
de:75:7c:ec:df:97:26:7d:d0:90:b2:1d:3b:ec:2a:84:b2:dd:
27:7d:5c:a4:1e:f3:49:98:0e:22:7e:f5:7b:49:4e:ce:ba:b3:
9f:c0:6a:6d:31:12:43:ac:8c:e2:b3:2c:af:3b:d9:fd:d8:5d:
61:1e:68:24:33:e3:85:5f:1d:1b:03:4b:b2:01:9a:6d:88:7c:
02:28:fd:66:9f:c0:22:5f:8b:c8:9a:ea:b9:f1:3d:10:1a:21:
db:fa:d5:01:b0:98:87:37:5e:32:6e:47:0a:a7:14:9a:b3:16:
3f:25:93:7d:e8:00:c2:db:7c:f0:0d:ea:ce:ca:2c:88:4e:67:
e0:7b:a2:7d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwFTC/AWUFCaYRJJ6iXRTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDBlYzdhYzRjMzkxZTRlY2JhOWQwYTM3NDkxOTFiMThl
YmY5MzQwHhcNMjMwMTAyMDEyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjFhZWQ4MjQxOTc0ZWFkMmMzNTUzMTdiYWNiMzE2ZWRhZGIxNWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl30ZNz2j5VBXuTxaKiQCswx3nGdQ
nUtZCr0i5/TTbONZmCodMOeXe1lFS00fUAiaYnwV1OtZlNrJ7m0DKxs6W3I2u6iH
Uh8ZjPD4lEyjOb99oLXPBsqdput+nmLUIB9BJyFhTYjkj1NbOtX/FHx0doJreI6l
6CYT0pxGzhm2VwTrvebVhZ+0YAZJw3iKWwzeB4mjZU8V7WdosFA5MQD0AOkSsvcq
s6IHnt9necltmoanpzurzNQpOW74Kmo3oCnY8Bi81FJbfqv3wshMTjRd++8BlYJ6
q2SAIE9XGYCaDehUCAPqhajKox3fHmMgngrT9RQ1LZLQFSx1B3B9da8XWwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEsa7YJBl06tLDVTF7rLMW7a2xXXMB8GA1UdIwQY
MBaAFDTQ7HrEw5Hk7LqdCjdJGRsY6/k0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUt
YjdjMjY5NmJhZTUwLzEvU3hydGdrR1hUcTBzTlZNWHVzc3hidHJiRmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUw
LzEvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBANtRHgD
BABtRH4wDQQCAAIwBwMFACABTQAwDQYJKoZIhvcNAQELBQADggEBABx77BpU298e
aOjODvZVajuTyF8AZbwIiZSxhT2rY6xUgURbrgs1pV1N4NlabqNuhcV9Ulki76Bg
gChjjytT0hXhMY/t/LdC5EOyqxIBeupJK5DujHJPcytAtpLmjtdxMUjXTNA3JpRO
/pmbESEu67h0R69087wIxSokcswIHN51fOzflyZ90JCyHTvsKoSy3Sd9XKQe80mY
DiJ+9XtJTs66s5/Aam0xEkOsjOKzLK872f3YXWEeaCQz44VfHRsDS7IBmm2IfAIo
/WafwCJfi8ia6rnxPRAaIdv61QGwmIc3XjJuRwqnFJqzFj8lk33oAMLbfPAN6s7K
LIhOZ+B7on0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:59 2024 by rpki-client on console-ams.rpki-client.org