Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/1hq0Y9bPWRWgbLvbklMoJCWgqDA.roa
File: 1hq0Y9bPWRWgbLvbklMoJCWgqDA.roa (raw, json)
Hash identifier: XhNJeUwV8JivXHpYX7Y8oh0hYaSEz2C2MOBdp8dUqtM=
Subject key identifier: D6:1A:B4:63:D6:CF:59:15:A0:6C:BB:DB:92:53:28:24:25:A0:A8:30
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018573038F04C2C0BA53DEB4544DB637C998
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/1hq0Y9bPWRWgbLvbklMoJCWgqDA.roa
Signing time: Mon 02 Jan 2023 15:04:51 +0000
ROA not before: Mon 02 Jan 2023 15:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201814
IP address blocks: 109.105.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:8f:04:c2:c0:ba:53:de:b4:54:4d:b6:37:c9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 2 15:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d61ab463d6cf5915a06cbbdb9253282425a0a830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3d:93:13:e3:eb:3a:56:40:84:4d:14:95:4f:
95:34:d3:44:85:09:49:50:21:f7:10:eb:55:fd:27:
41:28:d0:d8:17:c6:87:b3:46:fd:5a:2f:d7:74:41:
7f:62:65:a2:7a:f8:4a:80:16:2e:5b:77:f4:f2:44:
71:9a:76:d2:94:8a:96:d9:0f:91:aa:a5:06:16:6b:
54:95:bd:ab:84:23:59:c0:2f:6f:16:99:00:1a:cb:
25:b7:d9:e6:0c:13:f7:d3:f8:3e:95:bf:4d:20:73:
93:f2:fa:f6:57:28:ae:03:ca:f4:36:0c:ee:a5:9a:
51:ce:91:a0:58:c4:33:0a:32:97:76:f4:58:de:b5:
f7:82:51:08:dc:c6:08:c8:8a:2b:9f:d3:45:90:11:
41:f5:28:1c:df:a2:76:99:82:7b:86:11:91:59:99:
19:42:8a:0c:13:60:ee:09:35:e3:c4:0c:96:e9:25:
07:cf:41:5c:97:3a:ec:7d:78:21:dc:e8:17:d7:4a:
78:15:f6:73:5d:51:d4:08:fa:94:ea:e2:8e:6b:5d:
d9:9c:16:d9:06:98:23:49:4c:4b:aa:3e:03:81:f5:
cb:12:f7:6e:9f:d9:dd:e6:be:9f:ef:62:67:0b:27:
94:2f:b0:cb:13:c3:e5:59:f2:2e:e1:0f:d9:43:0d:
5d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1A:B4:63:D6:CF:59:15:A0:6C:BB:DB:92:53:28:24:25:A0:A8:30
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/1hq0Y9bPWRWgbLvbklMoJCWgqDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.194.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:5b:d7:4b:eb:4c:31:24:f2:9c:7f:d5:fb:0f:1f:70:f7:82:
0d:50:00:7c:78:3d:12:61:97:97:ec:6d:e1:be:75:f7:13:5d:
73:d5:86:08:5c:96:47:43:eb:60:7a:59:ee:fe:f1:e9:f1:fe:
c4:7e:64:71:f8:80:aa:1e:94:cf:8a:dd:d4:28:75:08:0e:39:
16:49:10:49:b7:45:f6:1a:71:be:b5:c7:9f:0e:7b:fe:74:38:
b2:8f:66:24:28:81:52:8b:f8:63:e7:d6:c1:ee:ad:34:b9:3e:
ae:d9:ef:54:4d:27:fb:bf:ca:cc:4e:60:ea:d9:85:c0:d8:d2:
09:98:6c:a5:d2:78:2b:2e:31:a8:eb:e1:43:5d:e3:fb:e7:27:
49:e0:e3:bb:db:dc:5a:f3:49:9a:04:ac:4f:da:11:2a:12:97:
62:81:d7:92:1f:dc:8a:5f:9c:53:49:88:fd:88:3a:cb:f9:c5:
c3:a7:e4:03:da:1a:91:b4:af:02:d2:d5:e4:6a:0b:ec:ab:09:
e9:73:fc:84:62:37:9a:b4:5f:18:85:24:62:bb:ec:9d:c4:2e:
d2:ff:c9:64:f8:6a:ad:c1:db:e9:19:f0:73:e6:00:92:14:8c:
3b:b2:10:0a:6e:62:d0:d9:2d:c2:29:a9:93:74:fb:ee:1f:f9:
fa:52:1f:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA48EwsC6U960VE22N8mYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwMTAyMTUwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjFhYjQ2M2Q2Y2Y1OTE1YTA2Y2JiZGI5MjUzMjgyNDI1YTBhODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz2TE+PrOlZAhE0UlU+VNNNEhQlJ
UCH3EOtV/SdBKNDYF8aHs0b9Wi/XdEF/YmWievhKgBYuW3f08kRxmnbSlIqW2Q+R
qqUGFmtUlb2rhCNZwC9vFpkAGsslt9nmDBP30/g+lb9NIHOT8vr2VyiuA8r0Ngzu
pZpRzpGgWMQzCjKXdvRY3rX3glEI3MYIyIorn9NFkBFB9Sgc36J2mYJ7hhGRWZkZ
QooME2DuCTXjxAyW6SUHz0FclzrsfXgh3OgX10p4FfZzXVHUCPqU6uKOa13ZnBbZ
BpgjSUxLqj4DgfXLEvdun9nd5r6f72JnCyeUL7DLE8PlWfIu4Q/ZQw1dwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYatGPWz1kVoGy725JTKCQloKgwMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvMWhxMFk5YlBXUldnYkx2YmtsTW9KQ1dncURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnCMA0G
CSqGSIb3DQEBCwUAA4IBAQBuW9dL60wxJPKcf9X7Dx9w94INUAB8eD0SYZeX7G3h
vnX3E11z1YYIXJZHQ+tgelnu/vHp8f7EfmRx+ICqHpTPit3UKHUIDjkWSRBJt0X2
GnG+tcefDnv+dDiyj2YkKIFSi/hj59bB7q00uT6u2e9UTSf7v8rMTmDq2YXA2NIJ
mGyl0ngrLjGo6+FDXeP75ydJ4OO729xa80maBKxP2hEqEpdigdeSH9yKX5xTSYj9
iDrL+cXDp+QD2hqRtK8C0tXkagvsqwnpc/yEYjeatF8YhSRiu+ydxC7S/8lk+Gqt
wdvpGfBz5gCSFIw7shAKbmLQ2S3CKamTdPvuH/n6Uh8S
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:29 2024 by rpki-client on console-fra.rpki-client.org