Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/FbFnZhVFmlkD_ZRSvzj1LSnX-NI.roa
File: FbFnZhVFmlkD_ZRSvzj1LSnX-NI.roa (raw, json)
Hash identifier: jgc9c3vIb1AqSG619oO2lTFVYFMEd418SUu2GNSM83k=
Subject key identifier: 15:B1:67:66:15:45:9A:59:03:FD:94:52:BF:38:F5:2D:29:D7:F8:D2
Certificate issuer: /CN=5157c87d111c8050fd5c9ac2b06be62323675033
Certificate serial: 0189BB9CDE115CE7317EB071E522889CF089
Authority key identifier: 51:57:C8:7D:11:1C:80:50:FD:5C:9A:C2:B0:6B:E6:23:23:67:50:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UVfIfREcgFD9XJrCsGvmIyNnUDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/FbFnZhVFmlkD_ZRSvzj1LSnX-NI.roa
Signing time: Thu 03 Aug 2023 13:36:07 +0000
ROA not before: Thu 03 Aug 2023 13:36:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58082
IP address blocks: 109.233.128.0/21 maxlen: 24
109.233.128.0/22 maxlen: 24
109.233.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:9c:de:11:5c:e7:31:7e:b0:71:e5:22:88:9c:f0:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5157c87d111c8050fd5c9ac2b06be62323675033
Validity
Not Before: Aug 3 13:36:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15b1676615459a5903fd9452bf38f52d29d7f8d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4e:49:1a:54:eb:da:39:20:eb:21:18:00:7c:
5d:8f:83:6f:6e:2d:e7:e6:de:36:44:f8:78:6f:70:
fa:79:63:d0:9b:ad:26:09:88:b4:98:ce:4d:51:9d:
31:9c:d0:09:46:55:b4:ba:2b:86:0b:d6:c9:01:df:
7d:35:7c:9f:94:fd:30:a9:8f:ab:07:fd:17:04:28:
b5:08:5b:d6:43:03:9c:66:ce:6a:f3:fc:37:3c:57:
bb:b7:2a:48:6c:17:a4:f6:0a:ec:b7:c0:d6:46:13:
68:33:dc:84:d6:bf:98:33:ab:f3:be:1f:18:77:30:
92:91:4f:00:83:3c:9d:d2:25:36:8b:38:c2:c2:de:
ea:05:eb:51:b8:34:ed:f5:72:2a:e4:8e:81:73:2b:
0f:cb:dc:4a:dc:4c:ed:63:95:48:50:d4:28:d5:f5:
89:7c:b3:e6:d5:39:b5:87:17:8a:fb:f9:9f:5d:7f:
6c:2c:3e:49:ab:6c:2d:50:57:0b:d5:56:79:f7:58:
4a:62:ce:49:a0:41:b4:65:8a:ab:3d:b6:54:1d:7c:
3f:57:0d:63:0d:f1:78:6f:db:c6:3d:d3:3d:1c:08:
c5:3a:21:83:e2:b1:08:c3:db:ad:cc:12:9b:9f:cc:
87:f8:3c:e4:10:1e:17:e7:b0:e2:02:3d:ed:b1:1e:
92:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B1:67:66:15:45:9A:59:03:FD:94:52:BF:38:F5:2D:29:D7:F8:D2
X509v3 Authority Key Identifier:
keyid:51:57:C8:7D:11:1C:80:50:FD:5C:9A:C2:B0:6B:E6:23:23:67:50:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UVfIfREcgFD9XJrCsGvmIyNnUDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/FbFnZhVFmlkD_ZRSvzj1LSnX-NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/UVfIfREcgFD9XJrCsGvmIyNnUDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.128.0/21
Signature Algorithm: sha256WithRSAEncryption
d6:62:d8:71:3c:b7:7b:35:15:92:1c:ad:9a:2a:56:51:f9:74:
9c:c1:61:1a:f5:4a:f4:11:d2:6d:cc:38:63:34:c7:59:8b:22:
09:81:3b:10:af:e4:a7:59:d3:43:1d:f8:79:ed:7c:6f:8d:48:
2b:53:18:3f:e4:b2:70:6c:08:af:04:64:08:e8:f4:5f:7a:f3:
92:7d:fa:1e:10:70:e3:0a:4f:0c:9c:0f:21:3b:6d:cd:ea:77:
20:6e:58:e1:6a:87:e4:60:c6:5b:a2:03:f4:22:d0:f1:37:69:
9e:94:81:29:7e:d7:36:84:63:ee:67:0c:6b:11:8c:2c:6e:55:
2a:0b:91:c1:92:3a:4f:f7:db:a1:d7:02:25:c4:20:25:5a:88:
fe:40:7f:1b:a7:b8:01:b6:ad:aa:5d:ed:09:08:a9:71:cd:37:
dd:f3:4b:41:ee:2a:ee:e1:4f:1f:f3:67:d7:51:05:f0:ed:b8:
7e:40:6a:5e:2d:05:fc:56:aa:15:a5:71:17:2d:e0:81:65:15:
b9:61:2f:4c:e8:5c:87:4c:2a:6d:3a:7d:a9:93:cf:1f:12:b6:
88:9e:27:14:a4:c2:94:e2:48:b5:a3:b2:9c:57:29:5e:db:67:
ea:d1:86:d3:33:61:3f:e4:f8:0c:ea:80:f7:8b:87:05:14:a7:
c9:55:0f:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm7nN4RXOcxfrBx5SKInPCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNTdjODdkMTExYzgwNTBmZDVjOWFjMmIwNmJlNjIzMjM2
NzUwMzMwHhcNMjMwODAzMTMzNjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWIxNjc2NjE1NDU5YTU5MDNmZDk0NTJiZjM4ZjUyZDI5ZDdmOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU5JGlTr2jkg6yEYAHxdj4Nvbi3n
5t42RPh4b3D6eWPQm60mCYi0mM5NUZ0xnNAJRlW0uiuGC9bJAd99NXyflP0wqY+r
B/0XBCi1CFvWQwOcZs5q8/w3PFe7typIbBek9grst8DWRhNoM9yE1r+YM6vzvh8Y
dzCSkU8Agzyd0iU2izjCwt7qBetRuDTt9XIq5I6BcysPy9xK3EztY5VIUNQo1fWJ
fLPm1Tm1hxeK+/mfXX9sLD5Jq2wtUFcL1VZ591hKYs5JoEG0ZYqrPbZUHXw/Vw1j
DfF4b9vGPdM9HAjFOiGD4rEIw9utzBKbn8yH+DzkEB4X57DiAj3tsR6StwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBWxZ2YVRZpZA/2UUr849S0p1/jSMB8GA1UdIwQY
MBaAFFFXyH0RHIBQ/VyawrBr5iMjZ1AzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVZmSWZSRWNnRkQ5WEpyQ3NHdm1JeU5uVURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy80ZTdiNWMtMjkwNi00NzhhLThlZjAt
ZDI5NzAxNDg3NTM2LzEvRmJGblpoVkZtbGtEX1pSU3Z6ajFMU25YLU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy80ZTdiNWMtMjkwNi00NzhhLThlZjAtZDI5NzAxNDg3NTM2
LzEvVVZmSWZSRWNnRkQ5WEpyQ3NHdm1JeU5uVURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbemAMA0G
CSqGSIb3DQEBCwUAA4IBAQDWYthxPLd7NRWSHK2aKlZR+XScwWEa9Ur0EdJtzDhj
NMdZiyIJgTsQr+SnWdNDHfh57XxvjUgrUxg/5LJwbAivBGQI6PRfevOSffoeEHDj
Ck8MnA8hO23N6ncgbljhaofkYMZbogP0ItDxN2melIEpftc2hGPuZwxrEYwsblUq
C5HBkjpP99uh1wIlxCAlWoj+QH8bp7gBtq2qXe0JCKlxzTfd80tB7iru4U8f82fX
UQXw7bh+QGpeLQX8VqoVpXEXLeCBZRW5YS9M6FyHTCptOn2pk88fEraInicUpMKU
4ki1o7KcVyle22fq0YbTM2E/5PgM6oD3i4cFFKfJVQ+0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:28 2024 by rpki-client on console-ams.rpki-client.org