Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/1-kodhOvfFwWGb76hblk_PgqELCg.roa
File: 1-kodhOvfFwWGb76hblk_PgqELCg.roa (raw, json)
Hash identifier: iMlf2mCsmn7C2Hdxfxc9v5ss6r2XHoRRCrSCRY5y9vw=
Subject key identifier: FA:4A:1D:84:EB:DF:17:05:86:6F:BE:A1:6E:59:3F:3E:0A:84:2C:28
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 0189C8729046190D610867B7DE16C585DFF7
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/1-kodhOvfFwWGb76hblk_PgqELCg.roa
Signing time: Sun 06 Aug 2023 01:24:58 +0000
ROA not before: Sun 06 Aug 2023 01:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 109.105.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Sep 2023 01:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c8:72:90:46:19:0d:61:08:67:b7:de:16:c5:85:df:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Aug 6 01:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa4a1d84ebdf1705866fbea16e593f3e0a842c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2e:e4:f7:db:74:36:fb:b1:70:3e:29:37:de:
ab:48:80:4e:aa:ed:c3:31:a3:53:59:9b:c7:a2:29:
d6:2c:78:f8:80:49:9a:fb:f2:b1:bb:e3:eb:b6:2c:
55:df:81:04:9b:f8:ed:fe:a6:47:f7:32:53:f9:8b:
20:a3:f2:22:ee:44:27:c2:45:99:2f:fb:a2:7a:27:
09:c0:7e:5d:b2:e6:9e:a8:54:97:86:8f:64:6e:bb:
9b:47:86:c2:ea:40:a4:fc:7b:2f:ee:39:70:61:60:
9c:e6:b9:8a:57:71:35:08:67:4c:fa:90:db:88:b0:
92:33:ec:c3:4d:0d:ca:7a:82:64:9c:a6:ba:a8:0e:
2b:e3:a9:3e:2d:28:c9:2a:ca:a4:b6:7e:7c:a1:52:
04:ba:e2:72:88:1c:c1:5e:c0:50:fb:ae:35:f5:fe:
c1:16:a6:64:d1:73:f2:b5:1e:82:c2:6b:b6:d9:92:
a3:8b:1c:14:78:7b:52:fa:c3:86:66:ee:aa:ab:0d:
5f:d4:17:cb:21:4e:dc:33:49:7f:f5:98:eb:cf:d0:
c2:d8:e7:27:50:e4:cc:d0:6f:fc:18:95:3c:06:88:
52:c5:23:26:4b:a6:06:39:59:47:36:23:95:3a:00:
04:33:cb:a0:d3:aa:d8:3c:56:0a:81:38:aa:d7:96:
7c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4A:1D:84:EB:DF:17:05:86:6F:BE:A1:6E:59:3F:3E:0A:84:2C:28
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/1-kodhOvfFwWGb76hblk_PgqELCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.193.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:64:91:4c:36:57:bf:1d:b1:bb:61:1c:f6:58:f1:00:54:c2:
af:08:0e:77:12:72:7f:05:af:61:f0:4f:0e:f9:3e:0b:cb:f1:
62:90:ae:cd:1e:06:f3:75:cd:9e:53:cc:91:c4:a0:48:af:46:
f9:49:96:7c:10:02:95:f4:6f:94:18:35:0a:c4:36:9c:5f:00:
a3:d3:03:70:97:8a:53:6f:79:ac:37:08:9c:58:27:92:b7:5c:
6f:10:bf:aa:65:c3:89:22:72:b2:74:27:06:c4:9c:e4:2a:c7:
37:6e:8f:94:59:9e:0f:3a:a8:5a:93:a2:17:05:cf:c9:5f:16:
2c:a1:23:69:c5:45:d6:27:fa:95:61:c9:9c:87:cc:be:70:b1:
63:d6:1e:96:43:7c:55:a6:85:17:b9:12:94:b8:dd:82:ee:1b:
44:d1:bf:10:bf:1d:e8:c8:3d:b2:17:ff:2a:e2:70:0d:97:8a:
b8:42:5e:11:22:c7:15:08:8b:c2:74:62:23:5b:8d:f4:9a:7f:
1f:f8:21:7e:c2:c1:4f:ff:81:dc:71:2c:97:86:1e:f1:14:bc:
45:cc:fc:ba:f7:4d:51:c7:8e:16:91:08:40:c7:78:f8:2e:cc:
06:99:59:f0:2f:db:2c:45:5d:c6:72:7a:fe:cc:f3:ec:ab:f7:
93:36:5b:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYnIcpBGGQ1hCGe33hbFhd/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwODA2MDEyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRhMWQ4NGViZGYxNzA1ODY2ZmJlYTE2ZTU5M2YzZTBhODQyYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS7k99t0NvuxcD4pN96rSIBOqu3D
MaNTWZvHoinWLHj4gEma+/Kxu+PrtixV34EEm/jt/qZH9zJT+Ysgo/Ii7kQnwkWZ
L/uieicJwH5dsuaeqFSXho9kbrubR4bC6kCk/Hsv7jlwYWCc5rmKV3E1CGdM+pDb
iLCSM+zDTQ3KeoJknKa6qA4r46k+LSjJKsqktn58oVIEuuJyiBzBXsBQ+6419f7B
FqZk0XPytR6Cwmu22ZKjixwUeHtS+sOGZu6qqw1f1BfLIU7cM0l/9Zjrz9DC2Ocn
UOTM0G/8GJU8BohSxSMmS6YGOVlHNiOVOgAEM8ug06rYPFYKgTiq15Z8vwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpKHYTr3xcFhm++oW5ZPz4KhCwoMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvMS1rb2RoT3ZmRndXR2I3NmhibGtfUGdxRUxDZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjQvYjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2
Yy8xLzJNWUtEUzF3cVROOUM5cFcwYTFaYXNIMm5Oby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG1pwTAN
BgkqhkiG9w0BAQsFAAOCAQEAD2SRTDZXvx2xu2Ec9ljxAFTCrwgOdxJyfwWvYfBP
Dvk+C8vxYpCuzR4G83XNnlPMkcSgSK9G+UmWfBAClfRvlBg1CsQ2nF8Ao9MDcJeK
U295rDcInFgnkrdcbxC/qmXDiSJysnQnBsSc5CrHN26PlFmeDzqoWpOiFwXPyV8W
LKEjacVF1if6lWHJnIfMvnCxY9YelkN8VaaFF7kSlLjdgu4bRNG/EL8d6Mg9shf/
KuJwDZeKuEJeESLHFQiLwnRiI1uN9Jp/H/ghfsLBT/+B3HEsl4Ye8RS8Rcz8uvdN
UceOFpEIQMd4+C7MBplZ8C/bLEVdxnJ6/szz7Kv3kzZbMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org