Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/DkItY2VAeqXqKiALVIevybpRUKY.roa
File: DkItY2VAeqXqKiALVIevybpRUKY.roa (raw, json)
Hash identifier: 2kUyAl2F8ECxeLldyaCf+2LvjSU0KLRoshxi0vkdgtc=
Subject key identifier: 0E:42:2D:63:65:40:7A:A5:EA:2A:20:0B:54:87:AF:C9:BA:51:50:A6
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018573B99AD35C435EE466F919BEE870B62E
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/DkItY2VAeqXqKiALVIevybpRUKY.roa
Signing time: Mon 02 Jan 2023 18:23:41 +0000
ROA not before: Mon 02 Jan 2023 18:23:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210439
IP address blocks: 109.105.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Jan 2023 13:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:b9:9a:d3:5c:43:5e:e4:66:f9:19:be:e8:70:b6:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 2 18:23:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e422d6365407aa5ea2a200b5487afc9ba5150a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a3:35:90:e5:ac:3a:dd:75:43:39:e2:2e:1d:
72:c3:12:95:3c:1d:02:75:6e:8f:b9:d4:5e:8e:53:
b1:78:0c:00:ff:3a:1d:f6:9d:a4:f8:b9:a8:21:f3:
5c:62:93:3f:1e:e6:3d:1d:5b:9f:c6:1d:bc:af:0a:
b7:2a:d3:26:fa:16:b1:84:48:dc:16:c3:ef:e0:d9:
bc:a6:73:10:11:69:98:13:ca:f7:e0:f8:43:e8:b0:
64:f9:82:7e:29:72:71:58:63:fd:1d:aa:79:b9:cc:
f9:c8:b2:07:5b:53:02:8a:05:0c:65:39:19:aa:04:
e6:22:7e:e7:54:c2:56:4d:de:65:41:d6:0f:d2:dd:
fc:c5:e8:19:66:41:8f:91:7a:33:36:d4:e8:a9:1f:
73:88:db:6c:c3:2a:e7:d2:1c:98:58:54:b5:a6:f5:
c9:bd:3a:0c:e4:bc:9f:0a:d9:1e:26:4a:ea:50:57:
48:69:1e:17:f3:d7:11:76:5d:be:f5:ce:ee:f3:5e:
59:f6:81:04:47:e0:89:ea:36:dd:d8:17:e8:c3:ca:
35:b3:98:61:95:ee:08:d8:c5:27:4b:29:2a:0e:1c:
09:4b:c8:4a:ab:e4:c5:60:46:64:26:08:f1:f2:7d:
49:5d:2a:b9:19:15:94:7b:c4:21:fc:b0:3e:1f:62:
db:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:42:2D:63:65:40:7A:A5:EA:2A:20:0B:54:87:AF:C9:BA:51:50:A6
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/DkItY2VAeqXqKiALVIevybpRUKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.192.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:31:27:3c:37:b8:c2:38:43:95:5a:87:1e:36:bc:63:bf:ba:
16:29:d1:1b:a9:48:ce:a6:6f:3e:c6:dd:dd:d1:86:ca:b3:aa:
94:39:77:14:ba:b3:24:36:7d:43:19:bd:ca:a9:c7:37:91:4c:
ab:8b:f5:b5:53:ab:7a:6d:4f:e4:e2:e1:43:c5:49:6e:8f:b6:
ef:03:fc:65:99:38:4c:87:be:57:c3:04:38:cd:e4:d9:a2:f2:
0a:1a:85:98:89:03:db:98:ce:cf:80:b3:0b:7e:51:f5:08:8b:
70:c9:8b:ff:b8:c0:17:20:9e:4e:03:87:c7:df:02:14:60:84:
46:3d:d5:52:bd:8e:ab:c7:8d:0b:46:c1:f7:55:66:86:d3:85:
36:e6:01:0b:09:b2:de:a4:e5:79:0f:bb:7b:7f:25:38:09:ab:
4d:ae:48:26:32:51:f3:8d:25:9c:0c:80:5e:92:7a:17:64:ac:
9d:47:ed:55:cd:10:cc:b1:26:a7:cb:15:7b:db:91:67:d9:38:
cf:c0:8c:88:99:29:8e:d5:6a:91:e8:ee:0d:0d:65:82:51:e5:
65:68:df:3c:36:e5:f3:ee:10:c8:f7:3b:e5:87:df:b5:09:c8:
11:24:f8:89:48:ec:7c:b0:7e:d2:70:b8:52:03:88:17:29:7c:
fc:82:60:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzuZrTXENe5Gb5Gb7ocLYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwMTAyMTgyMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTQyMmQ2MzY1NDA3YWE1ZWEyYTIwMGI1NDg3YWZjOWJhNTE1MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaM1kOWsOt11QzniLh1ywxKVPB0C
dW6PudRejlOxeAwA/zod9p2k+LmoIfNcYpM/HuY9HVufxh28rwq3KtMm+haxhEjc
FsPv4Nm8pnMQEWmYE8r34PhD6LBk+YJ+KXJxWGP9Hap5ucz5yLIHW1MCigUMZTkZ
qgTmIn7nVMJWTd5lQdYP0t38xegZZkGPkXozNtToqR9ziNtswyrn0hyYWFS1pvXJ
vToM5LyfCtkeJkrqUFdIaR4X89cRdl2+9c7u815Z9oEER+CJ6jbd2Bfow8o1s5hh
le4I2MUnSykqDhwJS8hKq+TFYEZkJgjx8n1JXSq5GRWUe8Qh/LA+H2LbowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA5CLWNlQHql6iogC1SHr8m6UVCmMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvRGtJdFkyVkFlcVhxS2lBTFZJZXZ5YnBSVUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnAMA0G
CSqGSIb3DQEBCwUAA4IBAQBNMSc8N7jCOEOVWoceNrxjv7oWKdEbqUjOpm8+xt3d
0YbKs6qUOXcUurMkNn1DGb3Kqcc3kUyri/W1U6t6bU/k4uFDxUluj7bvA/xlmThM
h75XwwQ4zeTZovIKGoWYiQPbmM7PgLMLflH1CItwyYv/uMAXIJ5OA4fH3wIUYIRG
PdVSvY6rx40LRsH3VWaG04U25gELCbLepOV5D7t7fyU4CatNrkgmMlHzjSWcDIBe
knoXZKydR+1VzRDMsSanyxV725Fn2TjPwIyImSmO1WqR6O4NDWWCUeVlaN88NuXz
7hDI9zvlh9+1CcgRJPiJSOx8sH7ScLhSA4gXKXz8gmAl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org