Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/aRyDfOfuQzem6hlmpU-_1Qaq4Q4.roa
File: aRyDfOfuQzem6hlmpU-_1Qaq4Q4.roa (raw, json)
Hash identifier: dVOz7TexaWPLzE7tUT/DVN4J0qKM9ffXIoNwi842ad4=
Subject key identifier: 69:1C:83:7C:E7:EE:43:37:A6:EA:19:66:A5:4F:BF:D5:06:AA:E1:0E
Certificate issuer: /CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Certificate serial: 018571B0C6BE4B522AE31CDD7EAC8870FF1D
Authority key identifier: 22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/aRyDfOfuQzem6hlmpU-_1Qaq4Q4.roa
Signing time: Mon 02 Jan 2023 08:54:48 +0000
ROA not before: Mon 02 Jan 2023 08:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24725
IP address blocks: 109.70.105.0/24 maxlen: 24
109.70.104.0/24 maxlen: 24
109.70.107.0/24 maxlen: 24
109.70.106.0/24 maxlen: 24
2001:4130:107::/48 maxlen: 48
2001:4130:50f2::/48 maxlen: 48
2001:4130::/34 maxlen: 48
2001:4130::/32 maxlen: 48
2001:4130:18::/48 maxlen: 48
2001:4130::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:c6:be:4b:52:2a:e3:1c:dd:7e:ac:88:70:ff:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Validity
Not Before: Jan 2 08:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=691c837ce7ee4337a6ea1966a54fbfd506aae10e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:51:f1:c6:58:81:f7:68:6b:8a:43:b3:6d:a1:
b3:5b:9f:3f:95:91:21:bc:0e:a2:81:bb:ec:20:4a:
29:09:53:2b:96:f5:60:c2:0f:8c:89:f3:a0:4b:15:
78:d4:9b:87:ab:e8:ae:c1:74:a1:49:52:b5:0c:4e:
d5:3f:03:95:31:a3:f5:f4:18:22:27:1b:df:f0:0e:
2a:26:08:ec:ed:47:b0:37:ee:0b:ac:07:3c:1d:57:
10:66:47:83:6f:fc:49:ae:63:48:0a:de:ef:e9:5e:
a0:7c:d6:c4:73:a8:c7:bf:a8:a0:1b:8b:33:c2:2c:
08:44:61:c9:cc:36:7e:88:59:3b:22:99:4d:c4:ef:
1a:b8:21:b4:7c:01:78:a2:85:36:2b:e7:e3:1a:f3:
92:6f:01:93:1b:d2:4a:db:89:19:b0:fc:dd:cb:02:
d2:43:bd:1c:88:2f:ad:7e:bf:e9:22:a7:b3:f2:f9:
ef:5c:49:af:68:cb:c3:5d:e5:9c:3a:e9:6d:03:80:
c8:37:eb:55:f6:ec:45:0f:bb:a9:72:f7:8f:0a:67:
d9:62:59:18:88:11:92:b4:e6:ba:19:d3:f8:b1:e6:
c6:ce:53:65:26:88:96:04:ce:1b:6c:3a:fa:4a:b1:
ee:4c:2c:61:2a:01:f0:f5:2d:c4:59:84:0e:34:6f:
f6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:1C:83:7C:E7:EE:43:37:A6:EA:19:66:A5:4F:BF:D5:06:AA:E1:0E
X509v3 Authority Key Identifier:
keyid:22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/aRyDfOfuQzem6hlmpU-_1Qaq4Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/IjayuK-mA20sjoMXc2-qpy2AxPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.104.0/22
IPv6:
2001:4130::/32
Signature Algorithm: sha256WithRSAEncryption
2b:75:8f:93:3a:0d:99:eb:78:05:fa:2d:2c:da:5e:ba:c6:16:
ea:80:9d:ce:ba:8a:11:fc:8b:22:15:6e:ef:af:40:2c:bb:46:
5b:83:77:27:0a:3e:40:ef:85:08:12:0c:30:b7:f0:ec:87:d5:
08:3b:03:8a:ff:07:e5:49:c0:64:08:99:eb:bf:d7:da:12:39:
7f:3e:c9:52:ac:ee:ce:22:5f:07:ff:ea:4e:ce:ba:82:b5:a9:
96:b1:1d:f5:dd:07:18:17:f3:9e:b8:c9:5f:85:4d:19:26:dd:
dd:0e:e7:03:e1:b8:96:1c:04:b5:a4:86:b7:3e:d4:70:4a:a3:
29:dd:ed:a7:2b:de:8b:28:76:cf:dd:43:7f:f7:b2:76:3f:ae:
25:2f:61:e1:2a:53:3a:89:f5:b5:d5:fd:c2:10:81:36:24:c6:
04:8b:cc:04:71:69:09:53:94:73:24:88:13:c6:13:f1:d4:85:
66:5a:5d:b7:b2:80:df:5c:46:57:0a:f7:93:68:7d:b8:25:4e:
27:10:77:1c:66:b2:4c:85:6c:5b:75:30:75:bc:7d:c7:a6:b6:
75:f9:f2:5a:73:32:b4:33:c6:6c:fc:49:2a:e3:15:6b:f6:ec:
ed:d6:32:b1:ff:c1:01:54:c1:08:2b:3c:04:59:8f:b6:3b:8d:
7e:99:df:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxsMa+S1Iq4xzdfqyIcP8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZiMmI4YWZhNjAzNmQyYzhlODMxNzczNmZhYWE3MmQ4
MGM0ZjIwHhcNMjMwMTAyMDg1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTFjODM3Y2U3ZWU0MzM3YTZlYTE5NjZhNTRmYmZkNTA2YWFlMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylHxxliB92hrikOzbaGzW58/lZEh
vA6igbvsIEopCVMrlvVgwg+MifOgSxV41JuHq+iuwXShSVK1DE7VPwOVMaP19Bgi
Jxvf8A4qJgjs7UewN+4LrAc8HVcQZkeDb/xJrmNICt7v6V6gfNbEc6jHv6igG4sz
wiwIRGHJzDZ+iFk7IplNxO8auCG0fAF4ooU2K+fjGvOSbwGTG9JK24kZsPzdywLS
Q70ciC+tfr/pIqez8vnvXEmvaMvDXeWcOultA4DIN+tV9uxFD7upcvePCmfZYlkY
iBGStOa6GdP4sebGzlNlJoiWBM4bbDr6SrHuTCxhKgHw9S3EWYQONG/2kwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGkcg3zn7kM3puoZZqVPv9UGquEOMB8GA1UdIwQY
MBaAFCI2srivpgNtLI6DF3NvqqctgMTyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpheXVLLW1BMjBzam9NWGMyLXFweTJBeFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82Zjg5NWItNzk3Ny00NDVkLWI3MmMt
OGI1ZWY0MWQ4YzI1LzEvYVJ5RGZPZnVRemVtNmhsbXBVLV8xUWFxNFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82Zjg5NWItNzk3Ny00NDVkLWI3MmMtOGI1ZWY0MWQ4YzI1
LzEvSWpheXVLLW1BMjBzam9NWGMyLXFweTJBeFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCbUZoMA0E
AgACMAcDBQAgAUEwMA0GCSqGSIb3DQEBCwUAA4IBAQArdY+TOg2Z63gF+i0s2l66
xhbqgJ3OuooR/IsiFW7vr0Asu0Zbg3cnCj5A74UIEgwwt/Dsh9UIOwOK/wflScBk
CJnrv9faEjl/PslSrO7OIl8H/+pOzrqCtamWsR313QcYF/OeuMlfhU0ZJt3dDucD
4biWHAS1pIa3PtRwSqMp3e2nK96LKHbP3UN/97J2P64lL2HhKlM6ifW11f3CEIE2
JMYEi8wEcWkJU5RzJIgTxhPx1IVmWl23soDfXEZXCveTaH24JU4nEHccZrJMhWxb
dTB1vH3HprZ1+fJaczK0M8Zs/Ekq4xVr9uzt1jKx/8EBVMEIKzwEWY+2O41+md+S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:33 2024 by rpki-client on console-fra.rpki-client.org