Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/0357e8-3ea0-4968-9ef9-7d70519b76da/1/baynY81JhGiXQZNXkEzE3JUXKns.roa
File: baynY81JhGiXQZNXkEzE3JUXKns.roa (raw, json)
Hash identifier: SYOG1IjmXYq9dTpCKB3OV62Uhh1GtAYytzEHyjCcpfA=
Subject key identifier: 6D:AC:A7:63:CD:49:84:68:97:41:93:57:90:4C:C4:DC:95:17:2A:7B
Certificate issuer: /CN=2dfef2b839ad07786833b1bedca8b0b19203e111
Certificate serial: 0193B739DBA9B6AA59EC25ACBDDFF5CA5CB1
Authority key identifier: 2D:FE:F2:B8:39:AD:07:78:68:33:B1:BE:DC:A8:B0:B1:92:03:E1:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lf7yuDmtB3hoM7G-3KiwsZID4RE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/0357e8-3ea0-4968-9ef9-7d70519b76da/1/baynY81JhGiXQZNXkEzE3JUXKns.roa
Signing time: Wed 11 Dec 2024 19:37:22 +0000
ROA not before: Wed 11 Dec 2024 19:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34568
IP address blocks: 109.234.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b7:39:db:a9:b6:aa:59:ec:25:ac:bd:df:f5:ca:5c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dfef2b839ad07786833b1bedca8b0b19203e111
Validity
Not Before: Dec 11 19:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6daca763cd49846897419357904cc4dc95172a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:48:c8:d2:83:5a:5c:48:80:05:46:ea:e6:fd:
fc:53:d0:de:b0:3f:f9:a8:16:4d:8d:7a:5f:b2:3f:
13:8c:24:47:ec:6b:8b:48:a9:2b:a1:fa:1a:6c:ed:
29:86:cd:29:a6:38:47:d7:b5:f5:dc:6f:25:8f:f6:
76:fc:24:72:d7:1e:9f:11:82:61:fe:63:38:25:9e:
2c:a2:7b:88:8d:a4:a0:25:cd:64:b2:59:b5:23:68:
7c:51:49:84:83:b0:a4:e8:60:9b:64:ca:cf:49:e7:
9a:e4:30:a2:23:5b:61:fe:69:8d:38:a0:fe:6b:c0:
93:68:c8:82:f0:28:ec:67:7b:e7:e5:3e:8b:a7:4d:
2f:19:90:47:80:b5:bb:f7:de:8d:e2:a9:9e:90:23:
62:6d:14:c9:17:bd:81:de:e6:29:48:49:be:8b:e4:
ea:55:64:2a:4b:bb:0d:83:31:a2:cb:17:6a:0e:cd:
dd:23:4e:6f:16:f5:f2:75:bd:87:39:1f:60:d2:63:
4c:e9:88:cf:07:0b:3a:0a:5c:51:86:97:3c:c6:59:
59:3d:2f:0a:4a:17:b5:a7:24:81:dc:f7:a1:8b:e2:
6b:50:67:da:91:e6:02:e9:a5:0c:4c:c5:a8:17:ef:
6d:7a:48:2e:59:16:94:dd:e4:80:64:1d:85:e5:7a:
20:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AC:A7:63:CD:49:84:68:97:41:93:57:90:4C:C4:DC:95:17:2A:7B
X509v3 Authority Key Identifier:
keyid:2D:FE:F2:B8:39:AD:07:78:68:33:B1:BE:DC:A8:B0:B1:92:03:E1:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lf7yuDmtB3hoM7G-3KiwsZID4RE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/0357e8-3ea0-4968-9ef9-7d70519b76da/1/baynY81JhGiXQZNXkEzE3JUXKns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/0357e8-3ea0-4968-9ef9-7d70519b76da/1/Lf7yuDmtB3hoM7G-3KiwsZID4RE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.223.0/24
Signature Algorithm: sha256WithRSAEncryption
23:6e:93:d8:90:93:d1:77:81:c7:09:ff:34:c0:4d:78:3d:0d:
c8:8f:29:7e:51:16:05:1d:8c:c0:87:32:e1:87:45:e9:01:44:
ec:86:50:4e:c5:55:87:d3:f0:86:7a:8e:01:a6:db:7d:25:d6:
a2:cc:39:45:74:e3:90:ee:9f:64:41:40:d3:77:1f:73:9b:d8:
e0:ba:d6:88:ad:a8:2a:88:9c:6e:29:1e:99:06:11:65:c9:1f:
37:a5:c0:64:3e:8a:9d:e6:b4:25:99:2e:03:bb:f6:bc:47:4c:
9c:10:bf:1c:0e:9a:92:6d:f6:33:e2:db:b1:45:a7:2b:dc:f5:
aa:3b:ae:05:85:7b:a0:75:91:de:f9:02:11:55:77:4f:38:54:
65:f1:79:47:87:2d:58:26:42:99:b1:da:6d:eb:a2:46:73:95:
d5:54:30:b6:11:87:03:a9:f7:0b:5a:df:db:a4:8b:0a:88:75:
e1:0a:8e:02:6b:58:bb:c1:00:c8:0f:6c:bd:bc:ee:f1:b9:de:
48:38:a0:00:a2:02:16:97:4c:9f:31:90:4d:3c:66:c0:7d:1f:
f7:35:f5:a8:64:72:93:b8:5e:59:2d:4a:f5:34:dc:cf:53:62:
7f:a3:db:b1:5f:49:52:f3:4b:47:17:45:0e:7b:f7:09:f1:1e:
47:2d:e1:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO3OduptqpZ7CWsvd/1ylyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZmVmMmI4MzlhZDA3Nzg2ODMzYjFiZWRjYThiMGIxOTIw
M2UxMTEwHhcNMjQxMjExMTkzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGFjYTc2M2NkNDk4NDY4OTc0MTkzNTc5MDRjYzRkYzk1MTcyYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEjI0oNaXEiABUbq5v38U9DesD/5
qBZNjXpfsj8TjCRH7GuLSKkrofoabO0phs0ppjhH17X13G8lj/Z2/CRy1x6fEYJh
/mM4JZ4sonuIjaSgJc1kslm1I2h8UUmEg7Ck6GCbZMrPSeea5DCiI1th/mmNOKD+
a8CTaMiC8CjsZ3vn5T6Lp00vGZBHgLW7996N4qmekCNibRTJF72B3uYpSEm+i+Tq
VWQqS7sNgzGiyxdqDs3dI05vFvXydb2HOR9g0mNM6YjPBws6ClxRhpc8xllZPS8K
She1pySB3Pehi+JrUGfakeYC6aUMTMWoF+9tekguWRaU3eSAZB2F5XogRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2sp2PNSYRol0GTV5BMxNyVFyp7MB8GA1UdIwQY
MBaAFC3+8rg5rQd4aDOxvtyosLGSA+ERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGY3eXVEbXRCM2hvTTdHLTNLaXdzWklENFJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8wMzU3ZTgtM2VhMC00OTY4LTllZjkt
N2Q3MDUxOWI3NmRhLzEvYmF5blk4MUpoR2lYUVpOWGtFekUzSlVYS25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8wMzU3ZTgtM2VhMC00OTY4LTllZjktN2Q3MDUxOWI3NmRh
LzEvTGY3eXVEbXRCM2hvTTdHLTNLaXdzWklENFJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAberfMA0G
CSqGSIb3DQEBCwUAA4IBAQAjbpPYkJPRd4HHCf80wE14PQ3Ijyl+URYFHYzAhzLh
h0XpAUTshlBOxVWH0/CGeo4Bptt9JdaizDlFdOOQ7p9kQUDTdx9zm9jgutaIragq
iJxuKR6ZBhFlyR83pcBkPoqd5rQlmS4Du/a8R0ycEL8cDpqSbfYz4tuxRacr3PWq
O64FhXugdZHe+QIRVXdPOFRl8XlHhy1YJkKZsdpt66JGc5XVVDC2EYcDqfcLWt/b
pIsKiHXhCo4Ca1i7wQDID2y9vO7xud5IOKAAogIWl0yfMZBNPGbAfR/3NfWoZHKT
uF5ZLUr1NNzPU2J/o9uxX0lS80tHF0UOe/cJ8R5HLeF4
-----END CERTIFICATE-----
Generated at Sun Jun 8 20:26:42 2025 by rpki-client