Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/0a3xy39BcKYPBeQ8T24SkpSv9rk.roa
File: 0a3xy39BcKYPBeQ8T24SkpSv9rk.roa (raw, json)
Hash identifier: 1hkWaN8kz7mIKPNCtS3iHQLxSViEjRlOMnn+sHnn7KE=
Subject key identifier: D1:AD:F1:CB:7F:41:70:A6:0F:05:E4:3C:4F:6E:12:92:94:AF:F6:B9
Certificate issuer: /CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Certificate serial: 018CAB07190C63E393465FB1880B4FFEC0CD
Authority key identifier: DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/0a3xy39BcKYPBeQ8T24SkpSv9rk.roa
Signing time: Wed 27 Dec 2023 11:26:58 +0000
ROA not before: Wed 27 Dec 2023 11:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39402
IP address blocks: 109.75.64.0/24 maxlen: 24
109.75.71.0/24 maxlen: 24
109.75.69.0/24 maxlen: 24
109.75.70.0/24 maxlen: 24
109.75.68.0/24 maxlen: 24
109.75.66.0/24 maxlen: 24
109.75.67.0/24 maxlen: 24
109.75.65.0/24 maxlen: 24
109.75.73.0/24 maxlen: 24
109.75.74.0/24 maxlen: 24
109.75.72.0/24 maxlen: 24
109.75.78.0/24 maxlen: 24
109.75.76.0/24 maxlen: 24
109.75.77.0/24 maxlen: 24
109.75.75.0/24 maxlen: 24
109.75.79.0/24 maxlen: 24
185.204.51.0/24 maxlen: 24
185.204.50.0/24 maxlen: 24
185.204.48.0/24 maxlen: 24
185.204.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:07:19:0c:63:e3:93:46:5f:b1:88:0b:4f:fe:c0:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Validity
Not Before: Dec 27 11:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1adf1cb7f4170a60f05e43c4f6e129294aff6b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8f:fb:1a:11:a3:2a:d1:ac:73:67:fb:12:1f:
82:fa:0f:df:30:da:1f:10:be:b6:46:54:44:56:cc:
a2:0a:9d:33:ca:b5:3f:96:07:d3:0c:16:38:a0:87:
fd:f0:28:92:12:a8:c1:44:12:bd:33:f3:52:d1:62:
d2:af:07:d9:1d:d7:30:cf:83:0b:bb:1b:b5:2e:ba:
89:b7:5a:b4:a3:b7:74:94:06:16:10:d2:e5:18:9f:
c5:20:89:c4:b9:1d:7f:96:83:ce:a7:99:83:e9:3a:
3a:6e:9e:aa:24:12:b6:88:9b:20:ef:17:f8:90:d9:
8a:fb:25:ed:8e:47:a8:fa:a2:67:8e:fa:c2:9e:14:
9e:e1:5e:a8:48:ae:8a:5e:91:ee:f5:6f:7b:8c:48:
cf:c4:93:e0:38:43:1e:27:1c:ff:7b:ba:4e:77:fc:
00:83:e8:6d:3a:58:18:9b:01:e9:ee:70:83:01:26:
3a:af:3a:03:2b:7a:f6:c6:cd:76:f3:fe:5a:75:0d:
d4:b6:20:22:b6:ae:44:84:52:80:64:b0:63:47:1c:
45:93:0a:c1:f7:37:1b:20:5a:40:a8:b9:40:fe:71:
f7:18:72:1d:ea:0b:44:18:55:c4:39:7f:c0:05:f1:
56:f4:e7:07:d0:0d:27:29:8d:1a:2a:22:41:6c:0c:
12:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:AD:F1:CB:7F:41:70:A6:0F:05:E4:3C:4F:6E:12:92:94:AF:F6:B9
X509v3 Authority Key Identifier:
keyid:DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/0a3xy39BcKYPBeQ8T24SkpSv9rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.64.0/20
185.204.48.0/22
Signature Algorithm: sha256WithRSAEncryption
17:83:d4:a1:e8:29:40:29:21:c2:de:76:47:b0:34:e8:d0:a8:
72:a9:be:c8:9d:38:40:d8:29:2e:dc:81:4b:ef:e9:f6:c7:c9:
0b:c4:04:df:9f:4c:8c:d2:ad:dd:58:bb:ae:88:a4:96:1c:67:
0e:10:f8:7f:1c:2e:c6:10:16:a2:7a:7e:48:32:94:d2:4b:f8:
ab:2b:5d:0b:c9:dc:3c:6c:52:09:d4:f1:4b:cc:53:91:72:09:
5c:11:fd:7a:29:57:e6:8b:4e:63:18:8a:9d:f8:a1:bb:00:e1:
ec:cd:6f:4a:2e:ad:6e:cd:3b:66:1e:c9:73:b2:50:8a:62:3f:
ac:57:81:7b:25:0f:4e:b7:cd:a0:7b:78:b3:2b:1f:d0:70:8c:
75:fe:b0:c8:8c:10:d2:c9:b5:e7:b2:f0:e0:df:64:8d:1e:78:
0c:ef:6e:a9:bd:9b:fa:eb:dc:bf:0f:26:91:a8:6f:b7:c3:22:
49:6f:89:44:a1:f3:41:84:98:3e:99:c4:eb:43:04:af:05:63:
b8:a2:58:04:9c:5c:09:4f:39:e0:45:52:e1:62:c0:8f:4d:cc:
d7:a1:2e:b9:11:3a:d0:c1:21:b4:0f:9b:5f:94:46:82:1b:75:
ec:f7:58:39:c1:11:77:fe:57:d5:fb:ca:d1:eb:54:dd:26:e4:
fa:e3:1b:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyrBxkMY+OTRl+xiAtP/sDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNWYyZTdjYzJjNjg3ZjU4YzBkMWY2MTMyYmIyZGNmZGYz
OGNiNjQwHhcNMjMxMjI3MTEyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWFkZjFjYjdmNDE3MGE2MGYwNWU0M2M0ZjZlMTI5Mjk0YWZmNmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI/7GhGjKtGsc2f7Eh+C+g/fMNof
EL62RlREVsyiCp0zyrU/lgfTDBY4oIf98CiSEqjBRBK9M/NS0WLSrwfZHdcwz4ML
uxu1LrqJt1q0o7d0lAYWENLlGJ/FIInEuR1/loPOp5mD6To6bp6qJBK2iJsg7xf4
kNmK+yXtjkeo+qJnjvrCnhSe4V6oSK6KXpHu9W97jEjPxJPgOEMeJxz/e7pOd/wA
g+htOlgYmwHp7nCDASY6rzoDK3r2xs128/5adQ3UtiAitq5EhFKAZLBjRxxFkwrB
9zcbIFpAqLlA/nH3GHId6gtEGFXEOX/ABfFW9OcH0A0nKY0aKiJBbAwS/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNGt8ct/QXCmDwXkPE9uEpKUr/a5MB8GA1UdIwQY
MBaAFN1fLnzCxof1jA0fYTK7Lc/fOMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMt
OWRjZmQyZWYzMDIzLzEvMGEzeHkzOUJjS1lQQmVROFQyNFNrcFN2OXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMtOWRjZmQyZWYzMDIz
LzEvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEbUtAAwQC
ucwwMA0GCSqGSIb3DQEBCwUAA4IBAQAXg9Sh6ClAKSHC3nZHsDTo0Khyqb7InThA
2Cku3IFL7+n2x8kLxATfn0yM0q3dWLuuiKSWHGcOEPh/HC7GEBaien5IMpTSS/ir
K10Lydw8bFIJ1PFLzFORcglcEf16KVfmi05jGIqd+KG7AOHszW9KLq1uzTtmHslz
slCKYj+sV4F7JQ9Ot82ge3izKx/QcIx1/rDIjBDSybXnsvDg32SNHngM726pvZv6
69y/DyaRqG+3wyJJb4lEofNBhJg+mcTrQwSvBWO4olgEnFwJTzngRVLhYsCPTczX
oS65ETrQwSG0D5tflEaCG3Xs91g5wRF3/lfV+8rR61TdJuT64xsL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:26 2024 by rpki-client on console-fra.rpki-client.org