Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/nGZcil9j-E7uIw_3rm7f-1fSMwY.roa
File: nGZcil9j-E7uIw_3rm7f-1fSMwY.roa (raw, json)
Hash identifier: n64QlU1nQkxIIFADuh47XxjpV8Ytw8p1FqyP5EvTqCM=
Subject key identifier: 9C:66:5C:8A:5F:63:F8:4E:EE:23:0F:F7:AE:6E:DF:FB:57:D2:33:06
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 018635A1E80C549065BA24E50FE8C0A2133B
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/nGZcil9j-E7uIw_3rm7f-1fSMwY.roa
Signing time: Thu 09 Feb 2023 10:04:08 +0000
ROA not before: Thu 09 Feb 2023 10:04:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.107.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Apr 2023 12:53:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:35:a1:e8:0c:54:90:65:ba:24:e5:0f:e8:c0:a2:13:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Feb 9 10:04:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c665c8a5f63f84eee230ff7ae6edffb57d23306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fb:c4:8a:05:ec:12:fd:eb:b9:ae:10:17:90:
9c:21:52:48:fe:04:ff:a4:d6:d6:8f:52:23:e8:8c:
2c:ac:54:8d:ef:94:68:0f:89:a1:12:98:43:d6:b3:
bb:5b:c4:8e:87:0e:5c:16:b0:ee:08:bf:26:f3:d1:
f3:e0:04:fa:d0:f9:7e:02:70:0e:fc:20:9e:22:4e:
de:17:e1:7f:b2:c9:e0:cf:3a:e5:33:98:6c:aa:86:
75:f0:42:fd:bf:d5:7e:db:51:a0:ba:8f:68:09:7a:
77:8d:60:61:56:58:bc:a7:3a:e6:98:21:d6:4f:f6:
55:46:b9:66:a1:6a:13:0d:1c:8b:3d:f2:10:2c:9d:
1b:5c:a4:43:d9:04:f0:65:98:e3:48:b8:14:bb:17:
23:29:9b:68:64:b3:7c:4c:1c:4e:8d:59:bf:5e:a4:
aa:ad:bb:2e:e4:84:3e:21:27:e5:d5:b8:e2:3d:bd:
67:df:0c:aa:db:8a:99:b9:d1:7d:d7:9f:e5:1f:04:
66:f3:84:ab:81:72:49:4a:25:c9:25:59:d7:89:af:
a6:da:ce:03:a6:e1:58:e1:2d:3a:37:06:df:c6:b9:
92:93:f1:e3:57:3d:b4:b2:88:33:eb:7a:81:53:ed:
6f:7e:bc:84:8f:94:70:d5:37:e0:bc:5d:9f:78:03:
2e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:66:5C:8A:5F:63:F8:4E:EE:23:0F:F7:AE:6E:DF:FB:57:D2:33:06
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/nGZcil9j-E7uIw_3rm7f-1fSMwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.132.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:53:cb:07:a6:34:5d:84:18:ee:42:23:6d:58:d7:6a:13:5d:
23:e2:40:b0:32:9c:1b:c0:ef:99:c9:36:c6:78:73:96:e8:66:
42:ff:0e:6a:61:d5:27:99:85:14:db:91:4b:93:87:88:20:ee:
0d:e1:1e:92:ab:a8:71:fb:93:8e:63:9e:5c:7d:fc:fb:c2:ba:
19:5d:fa:11:0c:97:d5:3c:d3:9e:72:85:d3:b1:ad:b2:fd:77:
a3:ec:e9:f0:f9:f4:b7:1c:4f:13:2f:58:3c:7f:c6:dc:56:66:
e8:ff:21:7e:95:af:c7:5a:ed:9d:ee:77:33:8d:a1:85:b9:b2:
76:32:9c:78:f0:77:cc:bc:6e:1f:87:b8:a5:88:02:35:dd:02:
f7:ac:76:b7:1e:fc:c0:52:e4:3b:7a:dd:4c:7b:6b:d2:d7:8c:
68:a6:4d:ba:87:24:eb:0a:ea:16:13:dd:b2:78:d1:1a:49:59:
1f:82:6f:10:23:35:7a:10:6d:e4:e8:f2:93:4c:81:d7:2d:9f:
27:7c:55:af:36:f3:57:80:b9:ea:15:65:f1:8b:a1:2b:87:e9:
a7:7c:b8:b6:a5:1c:dd:e7:eb:85:7d:35:82:c6:ef:a9:23:12:
6a:f5:63:b4:8d:d9:b6:f6:91:aa:68:bb:69:de:1a:31:fa:9e:
9a:88:c5:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY1oegMVJBluiTlD+jAohM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMwMjA5MTAwNDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzY2NWM4YTVmNjNmODRlZWUyMzBmZjdhZTZlZGZmYjU3ZDIzMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPvEigXsEv3rua4QF5CcIVJI/gT/
pNbWj1Ij6IwsrFSN75RoD4mhEphD1rO7W8SOhw5cFrDuCL8m89Hz4AT60Pl+AnAO
/CCeIk7eF+F/ssngzzrlM5hsqoZ18EL9v9V+21Gguo9oCXp3jWBhVli8pzrmmCHW
T/ZVRrlmoWoTDRyLPfIQLJ0bXKRD2QTwZZjjSLgUuxcjKZtoZLN8TBxOjVm/XqSq
rbsu5IQ+ISfl1bjiPb1n3wyq24qZudF915/lHwRm84SrgXJJSiXJJVnXia+m2s4D
puFY4S06NwbfxrmSk/HjVz20sogz63qBU+1vfryEj5Rw1TfgvF2feAMuCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxmXIpfY/hO7iMP965u3/tX0jMGMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvbkdaY2lsOWotRTd1SXdfM3JtN2YtMWZTTXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuEMA0G
CSqGSIb3DQEBCwUAA4IBAQB6U8sHpjRdhBjuQiNtWNdqE10j4kCwMpwbwO+ZyTbG
eHOW6GZC/w5qYdUnmYUU25FLk4eIIO4N4R6Sq6hx+5OOY55cffz7wroZXfoRDJfV
PNOecoXTsa2y/Xej7Onw+fS3HE8TL1g8f8bcVmbo/yF+la/HWu2d7nczjaGFubJ2
Mpx48HfMvG4fh7iliAI13QL3rHa3HvzAUuQ7et1Me2vS14xopk26hyTrCuoWE92y
eNEaSVkfgm8QIzV6EG3k6PKTTIHXLZ8nfFWvNvNXgLnqFWXxi6Erh+mnfLi2pRzd
5+uFfTWCxu+pIxJq9WO0jdm29pGqaLtp3hox+p6aiMXW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org