Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/h-iTnIi6XHLboyADAEAXA6rMAc4.roa
File: h-iTnIi6XHLboyADAEAXA6rMAc4.roa (raw, json)
Hash identifier: VmzM/WtgVJ2TJ94AGFLNAzhBvsq/XV+rVWR1Hra9FLM=
Subject key identifier: 87:E8:93:9C:88:BA:5C:72:DB:A3:20:03:00:40:17:03:AA:CC:01:CE
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 01863CF979EF35CE67520A589799F72E386C
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/h-iTnIi6XHLboyADAEAXA6rMAc4.roa
Signing time: Fri 10 Feb 2023 20:17:08 +0000
ROA not before: Fri 10 Feb 2023 20:17:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60707
IP address blocks: 109.107.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Apr 2023 12:52:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3c:f9:79:ef:35:ce:67:52:0a:58:97:99:f7:2e:38:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Feb 10 20:17:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87e8939c88ba5c72dba3200300401703aacc01ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c4:6c:67:74:b5:f9:42:b5:83:aa:e0:8d:78:
65:46:bb:84:70:a6:1d:42:00:db:57:9e:b8:a8:41:
15:af:e3:e2:c8:01:28:cd:da:e8:e9:1a:05:22:36:
89:ec:78:3e:bc:a0:39:b8:16:22:00:57:9f:7a:89:
bd:7d:ae:ea:b6:35:10:fd:a0:d2:e4:21:56:06:07:
0a:b4:64:6e:c0:d5:2b:46:30:25:64:65:56:98:72:
75:35:66:da:fc:3d:0d:26:57:87:a5:12:1f:43:1b:
2f:ae:65:3b:49:54:61:19:25:d5:41:11:ec:eb:b8:
6c:19:1b:49:4e:c8:f4:d8:94:bf:65:9f:c7:80:36:
3a:0d:a4:be:3c:10:fd:52:b5:50:cf:7a:f0:df:20:
ae:e2:4c:b1:1e:09:0e:22:88:97:5e:2f:82:6e:0d:
aa:34:ce:c5:ca:2f:8b:f1:84:72:b0:cd:19:d0:11:
ed:7c:51:3d:a5:30:eb:9c:7c:3c:bd:31:0b:b6:b1:
7d:36:d9:e8:51:31:67:65:76:fa:b4:f3:00:0c:f8:
3d:3a:20:f4:0f:15:67:73:fb:ef:73:1c:c9:35:ba:
ef:57:9e:b5:4e:76:00:12:a7:48:8d:c0:a7:b6:79:
d5:21:cb:be:9c:e9:c6:c8:93:bf:b4:b3:f8:34:b9:
8c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E8:93:9C:88:BA:5C:72:DB:A3:20:03:00:40:17:03:AA:CC:01:CE
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/h-iTnIi6XHLboyADAEAXA6rMAc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.132.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:0c:9c:ab:14:ac:00:7e:04:a6:e6:48:89:f7:fc:05:75:df:
cc:6c:23:a5:04:e1:05:73:dc:64:ae:ba:a9:4d:b6:1a:48:b7:
d3:74:46:f8:fa:d4:d4:ba:db:aa:3d:28:ff:d4:64:c1:13:6f:
ca:2e:e1:9c:cc:39:d9:2f:c7:21:03:6b:9e:9b:58:24:e8:09:
65:b4:96:d2:5d:3c:d1:1f:74:cb:6d:18:8b:18:e9:4f:eb:d6:
9f:75:21:16:9b:0b:e3:2d:00:ec:12:92:c1:a4:99:20:41:f9:
09:76:c6:37:c6:9c:83:5a:81:33:ad:d8:48:c9:bf:01:bc:44:
3d:82:eb:4f:d7:65:71:9f:e5:ba:6d:c9:e6:ab:d0:ea:b3:9d:
23:17:59:61:76:03:fa:eb:1b:25:d9:63:29:33:3b:01:b9:8f:
85:9c:97:16:76:e8:ec:f2:78:04:f0:ed:ce:de:68:03:2b:84:
0d:47:65:07:9e:f4:89:ab:9a:69:66:95:3a:26:18:f3:27:1a:
1d:4c:5d:3b:b7:3f:57:9c:81:5b:1d:21:84:34:a2:6a:31:15:
9d:88:96:16:6c:82:d2:89:ab:d8:69:82:67:42:74:41:85:36:
6d:9c:e4:37:e1:52:54:af:00:ab:5c:c3:75:7d:b7:7d:f8:fd:
6f:56:cd:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY8+XnvNc5nUgpYl5n3LjhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMwMjEwMjAxNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U4OTM5Yzg4YmE1YzcyZGJhMzIwMDMwMDQwMTcwM2FhY2MwMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8RsZ3S1+UK1g6rgjXhlRruEcKYd
QgDbV564qEEVr+PiyAEozdro6RoFIjaJ7Hg+vKA5uBYiAFefeom9fa7qtjUQ/aDS
5CFWBgcKtGRuwNUrRjAlZGVWmHJ1NWba/D0NJleHpRIfQxsvrmU7SVRhGSXVQRHs
67hsGRtJTsj02JS/ZZ/HgDY6DaS+PBD9UrVQz3rw3yCu4kyxHgkOIoiXXi+Cbg2q
NM7Fyi+L8YRysM0Z0BHtfFE9pTDrnHw8vTELtrF9NtnoUTFnZXb6tPMADPg9OiD0
DxVnc/vvcxzJNbrvV561TnYAEqdIjcCntnnVIcu+nOnGyJO/tLP4NLmMxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfok5yIulxy26MgAwBAFwOqzAHOMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvaC1pVG5JaTZYSExib3lBREFFQVhBNnJNQWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuEMA0G
CSqGSIb3DQEBCwUAA4IBAQCkDJyrFKwAfgSm5kiJ9/wFdd/MbCOlBOEFc9xkrrqp
TbYaSLfTdEb4+tTUutuqPSj/1GTBE2/KLuGczDnZL8chA2uem1gk6AlltJbSXTzR
H3TLbRiLGOlP69afdSEWmwvjLQDsEpLBpJkgQfkJdsY3xpyDWoEzrdhIyb8BvEQ9
gutP12Vxn+W6bcnmq9Dqs50jF1lhdgP66xsl2WMpMzsBuY+FnJcWdujs8ngE8O3O
3mgDK4QNR2UHnvSJq5ppZpU6JhjzJxodTF07tz9XnIFbHSGENKJqMRWdiJYWbILS
iavYaYJnQnRBhTZtnOQ34VJUrwCrXMN1fbd9+P1vVs2g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org