Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/FOSRtmw8KJB757RsGRyXLQnROUY.roa
File: FOSRtmw8KJB757RsGRyXLQnROUY.roa (raw, json)
Hash identifier: stWERqqcdUAM36IISmjvbngMoZSAb2rYp4Kv/+UUXqI=
Subject key identifier: 14:E4:91:B6:6C:3C:28:90:7B:E7:B4:6C:19:1C:97:2D:09:D1:39:46
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 0185DF9FE9B35283A9A019001AB4F7F549C1
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/FOSRtmw8KJB757RsGRyXLQnROUY.roa
Signing time: Mon 23 Jan 2023 17:14:37 +0000
ROA not before: Mon 23 Jan 2023 17:14:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211432
IP address blocks: 109.105.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:df:9f:e9:b3:52:83:a9:a0:19:00:1a:b4:f7:f5:49:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 23 17:14:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14e491b66c3c28907be7b46c191c972d09d13946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b5:75:79:76:9e:64:95:85:14:67:26:48:b5:
24:76:0e:6d:6e:4c:c5:7a:0e:c3:70:32:9b:52:46:
a0:0e:43:19:c6:31:60:77:37:8d:c3:35:ba:f2:2b:
ec:8d:80:d2:5a:cc:82:2c:eb:74:5f:dc:45:a4:7d:
63:1c:c9:b3:37:a3:aa:f7:f9:46:7d:cd:a8:66:e6:
c2:20:a0:82:23:d2:0a:31:a1:b9:4e:d0:89:49:ff:
6e:40:53:a6:5b:3b:a9:b9:50:de:63:ab:75:67:95:
ac:8e:8e:b7:0b:97:50:a8:81:53:65:ff:d2:35:65:
49:a6:52:6c:c1:b9:1f:81:2d:cb:80:b3:9c:5d:b0:
ee:0a:cd:09:ea:c2:30:48:58:21:a8:0f:61:12:17:
76:49:33:84:36:48:20:ca:3c:09:7c:3b:71:97:bf:
5b:17:db:57:bb:0a:d4:cf:c7:7d:09:fb:3d:bf:80:
32:48:83:c7:63:30:72:9b:4d:5c:bd:5e:45:96:9d:
76:c8:29:b2:26:2a:c2:09:78:35:38:8d:49:c1:84:
dc:6f:8f:2c:38:fc:22:de:e9:da:ce:6d:e5:ba:21:
87:b2:05:cd:be:2c:70:41:ee:af:7b:bb:bd:40:e4:
c3:b0:f3:ad:f7:9d:70:14:dd:7b:44:3c:86:e6:cf:
6b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E4:91:B6:6C:3C:28:90:7B:E7:B4:6C:19:1C:97:2D:09:D1:39:46
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/FOSRtmw8KJB757RsGRyXLQnROUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.192.0/24
Signature Algorithm: sha256WithRSAEncryption
67:24:43:d6:43:e6:71:50:85:13:8b:62:31:dc:cf:85:ca:a1:
5c:71:b3:66:85:80:9c:9a:4b:31:1a:5e:ad:a7:ef:25:d5:ac:
bc:18:9e:cf:21:bd:f9:96:9f:56:c3:3b:1b:21:cc:56:a5:e7:
45:01:81:1b:5d:74:a3:c0:6c:7c:0e:1e:db:88:ab:f3:35:e3:
a4:cb:38:e0:d2:c7:08:55:e1:4e:d7:5d:99:68:fe:84:33:c5:
49:bd:c8:8c:fe:84:97:42:7e:39:1f:48:9d:3c:c3:68:e6:5c:
c7:6e:47:10:3e:5e:03:e7:67:e2:23:59:98:2c:ae:13:46:49:
d6:49:9f:5c:9a:bb:30:86:36:64:28:ad:93:4f:23:ea:8a:58:
53:0c:03:87:d3:7c:4b:2f:0b:de:18:d0:1f:00:e1:88:bc:ea:
67:4f:e9:fb:cb:81:25:32:4f:b4:d0:84:0b:75:00:ec:dc:ab:
c7:7f:9d:b0:a6:d9:77:4b:bc:c7:8b:eb:ac:c4:31:b5:c5:00:
b2:ac:9c:f8:fe:20:66:2b:4b:3a:8e:06:48:58:64:d0:91:71:
31:42:49:4d:b8:18:3d:a3:38:99:0f:40:a1:00:6a:69:28:91:
7e:d7:65:3f:46:fc:68:b5:ae:70:bf:dd:bf:56:6a:f3:19:91:
38:43:8c:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXfn+mzUoOpoBkAGrT39UnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwMTIzMTcxNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGU0OTFiNjZjM2MyODkwN2JlN2I0NmMxOTFjOTcyZDA5ZDEzOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7V1eXaeZJWFFGcmSLUkdg5tbkzF
eg7DcDKbUkagDkMZxjFgdzeNwzW68ivsjYDSWsyCLOt0X9xFpH1jHMmzN6Oq9/lG
fc2oZubCIKCCI9IKMaG5TtCJSf9uQFOmWzupuVDeY6t1Z5Wsjo63C5dQqIFTZf/S
NWVJplJswbkfgS3LgLOcXbDuCs0J6sIwSFghqA9hEhd2STOENkggyjwJfDtxl79b
F9tXuwrUz8d9Cfs9v4AySIPHYzBym01cvV5Flp12yCmyJirCCXg1OI1JwYTcb48s
OPwi3unazm3luiGHsgXNvixwQe6ve7u9QOTDsPOt951wFN17RDyG5s9rOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTkkbZsPCiQe+e0bBkcly0J0TlGMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvRk9TUnRtdzhLSkI3NTdSc0dSeVhMUW5ST1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnAMA0G
CSqGSIb3DQEBCwUAA4IBAQBnJEPWQ+ZxUIUTi2Ix3M+FyqFccbNmhYCcmksxGl6t
p+8l1ay8GJ7PIb35lp9WwzsbIcxWpedFAYEbXXSjwGx8Dh7biKvzNeOkyzjg0scI
VeFO112ZaP6EM8VJvciM/oSXQn45H0idPMNo5lzHbkcQPl4D52fiI1mYLK4TRknW
SZ9cmrswhjZkKK2TTyPqilhTDAOH03xLLwveGNAfAOGIvOpnT+n7y4ElMk+00IQL
dQDs3KvHf52wptl3S7zHi+usxDG1xQCyrJz4/iBmK0s6jgZIWGTQkXExQklNuBg9
oziZD0ChAGppKJF+12U/Rvxota5wv92/VmrzGZE4Q4zn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org