Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/qOSnSInyz21aJz_d1XBQNArZxLE.roa
File: qOSnSInyz21aJz_d1XBQNArZxLE.roa (raw, json)
Hash identifier: CHL7iqiloYOXdraAyyfSSEOUVRYplJPxPoH9WsaCLKA=
Subject key identifier: A8:E4:A7:48:89:F2:CF:6D:5A:27:3F:DD:D5:70:50:34:0A:D9:C4:B1
Certificate issuer: /CN=b30e3011a0fb3111fbe8493c1230974aef532704
Certificate serial: 01881FD0BD74CB261F631524B3E9CCA18C0B
Authority key identifier: B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/qOSnSInyz21aJz_d1XBQNArZxLE.roa
Signing time: Mon 15 May 2023 14:29:13 +0000
ROA not before: Mon 15 May 2023 14:29:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208951
IP address blocks: 109.207.169.0/24 maxlen: 24
109.207.172.0/24 maxlen: 24
109.207.168.0/24 maxlen: 24
109.207.168.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 15 May 2023 15:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1f:d0:bd:74:cb:26:1f:63:15:24:b3:e9:cc:a1:8c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b30e3011a0fb3111fbe8493c1230974aef532704
Validity
Not Before: May 15 14:29:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8e4a74889f2cf6d5a273fddd57050340ad9c4b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:d6:e8:05:a7:cf:a9:67:17:d0:74:ff:b0:58:
14:01:d3:25:fe:02:0f:cb:9b:77:86:05:fc:27:af:
3d:8a:76:2f:0e:0c:c6:2c:c6:84:e9:b6:a3:f7:9a:
6d:5d:90:6a:b3:3b:13:34:30:99:9e:f4:02:db:27:
e9:51:83:77:cb:ca:55:35:18:ef:05:c1:be:1f:2e:
f5:3f:1e:48:27:0f:26:a5:7b:da:5b:8b:ce:c2:5b:
2f:35:92:f5:38:93:5d:68:8a:19:89:02:ad:ae:8f:
18:5b:85:57:71:4e:5a:43:46:12:48:a3:b8:ac:de:
8c:76:d7:62:72:15:0d:cd:3e:1e:34:8a:cb:8e:ad:
53:ab:4d:21:b6:31:43:6f:e2:29:d7:35:c9:02:01:
98:2a:1a:f5:40:c7:f1:23:1e:13:17:a0:6f:ad:63:
4b:fd:60:f7:f0:c2:51:29:ba:7e:81:7f:9a:8a:dd:
7a:bf:c4:a4:21:70:79:e3:79:14:f2:33:10:d0:7d:
e7:8a:08:de:0c:26:b4:2c:50:0e:30:45:99:ac:16:
5f:68:b9:49:74:81:b0:5c:56:6d:cb:79:34:8b:e1:
30:64:57:6b:3d:27:9f:d6:5b:e6:9c:46:b0:4e:a1:
6e:49:2d:53:4a:ef:ad:fa:e2:f4:21:c5:6d:f9:07:
ea:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E4:A7:48:89:F2:CF:6D:5A:27:3F:DD:D5:70:50:34:0A:D9:C4:B1
X509v3 Authority Key Identifier:
keyid:B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/qOSnSInyz21aJz_d1XBQNArZxLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.207.168.0/21
Signature Algorithm: sha256WithRSAEncryption
17:9a:96:ba:b5:38:47:0b:50:46:8e:ab:0b:6f:89:45:be:21:
9e:be:cc:37:cf:5a:6c:33:92:1d:a0:7b:db:2b:dc:e8:65:ca:
05:6c:22:f1:e1:50:cb:73:a2:1e:78:17:be:72:46:62:cb:9f:
22:82:0c:e7:f6:1f:12:03:9d:8d:81:ee:22:c8:5a:93:42:c2:
b2:77:48:e1:ad:66:b1:d5:25:e7:4d:7e:6f:df:c7:cc:30:31:
75:00:72:3c:8b:17:c7:2a:b0:26:03:41:58:ce:25:b0:15:4d:
9c:ce:e4:e0:68:bd:70:fb:a9:1e:a3:cb:c4:23:5d:ae:92:fb:
71:94:28:aa:94:32:80:cc:dc:47:a4:15:26:e7:22:8c:d6:f6:
12:fc:dd:ad:90:2b:8a:40:51:b2:30:53:3a:80:de:b8:93:da:
6f:83:3b:d2:c2:9c:bc:0b:22:e7:9e:72:d8:65:c6:83:bf:e9:
68:f4:61:ed:44:4a:d4:13:40:7e:53:63:a8:72:ce:ab:af:ca:
0e:e0:a7:ce:ca:5c:1d:48:21:93:a4:25:6a:70:b3:86:64:e0:
59:a1:0a:d9:a4:f0:69:d0:f0:02:12:68:2c:a7:19:16:e4:cd:
0a:76:a7:cc:30:19:2b:5b:40:d2:df:85:0e:42:ff:31:00:6d:
7f:e5:b2:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgf0L10yyYfYxUks+nMoYwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMGUzMDExYTBmYjMxMTFmYmU4NDkzYzEyMzA5NzRhZWY1
MzI3MDQwHhcNMjMwNTE1MTQyOTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU0YTc0ODg5ZjJjZjZkNWEyNzNmZGRkNTcwNTAzNDBhZDljNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+NboBafPqWcX0HT/sFgUAdMl/gIP
y5t3hgX8J689inYvDgzGLMaE6baj95ptXZBqszsTNDCZnvQC2yfpUYN3y8pVNRjv
BcG+Hy71Px5IJw8mpXvaW4vOwlsvNZL1OJNdaIoZiQKtro8YW4VXcU5aQ0YSSKO4
rN6MdtdichUNzT4eNIrLjq1Tq00htjFDb+Ip1zXJAgGYKhr1QMfxIx4TF6BvrWNL
/WD38MJRKbp+gX+ait16v8SkIXB543kU8jMQ0H3nigjeDCa0LFAOMEWZrBZfaLlJ
dIGwXFZty3k0i+EwZFdrPSef1lvmnEawTqFuSS1TSu+t+uL0IcVt+QfqnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjkp0iJ8s9tWic/3dVwUDQK2cSxMB8GA1UdIwQY
MBaAFLMOMBGg+zER++hJPBIwl0rvUycEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDIt
ZjlmYjM4Yzc3YzU1LzEvcU9TblNJbnl6MjFhSnpfZDFYQlFOQXJaeExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDItZjlmYjM4Yzc3YzU1
LzEvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbc+oMA0G
CSqGSIb3DQEBCwUAA4IBAQAXmpa6tThHC1BGjqsLb4lFviGevsw3z1psM5IdoHvb
K9zoZcoFbCLx4VDLc6IeeBe+ckZiy58iggzn9h8SA52Nge4iyFqTQsKyd0jhrWax
1SXnTX5v38fMMDF1AHI8ixfHKrAmA0FYziWwFU2czuTgaL1w+6keo8vEI12ukvtx
lCiqlDKAzNxHpBUm5yKM1vYS/N2tkCuKQFGyMFM6gN64k9pvgzvSwpy8CyLnnnLY
ZcaDv+lo9GHtRErUE0B+U2Oocs6rr8oO4KfOylwdSCGTpCVqcLOGZOBZoQrZpPBp
0PACEmgspxkW5M0KdqfMMBkrW0DS34UOQv8xAG1/5bKI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:14 2024 by rpki-client on console-fra.rpki-client.org