Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Ml_n5UkM1NMJZy8X-N1mczLAR3g.roa
File: Ml_n5UkM1NMJZy8X-N1mczLAR3g.roa (raw, json)
Hash identifier: 0vrwsW65pntMMwyxvb5thZ4ZnKTQu2xErJ/4G2GBo+Q=
Subject key identifier: 32:5F:E7:E5:49:0C:D4:D3:09:67:2F:17:F8:DD:66:73:32:C0:47:78
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018573038E9876AD932575B52695EEAB79ED
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Ml_n5UkM1NMJZy8X-N1mczLAR3g.roa
Signing time: Mon 02 Jan 2023 15:04:51 +0000
ROA not before: Mon 02 Jan 2023 15:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.105.197.0/24 maxlen: 24
109.105.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 08:45:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:8e:98:76:ad:93:25:75:b5:26:95:ee:ab:79:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 2 15:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=325fe7e5490cd4d309672f17f8dd667332c04778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:dc:c3:05:7c:fe:02:d8:e3:82:c7:d0:a1:27:
87:24:d3:50:9e:5b:7d:93:6e:02:66:47:33:94:88:
0b:79:13:93:45:6f:0c:cf:1e:8d:c6:11:38:ab:c5:
6f:24:b5:db:d8:3f:79:16:13:ac:c5:a4:b1:99:08:
a7:bc:ed:60:34:3d:b1:9c:ca:51:9e:c8:0c:0f:0d:
1e:59:ca:5a:dd:b7:b4:00:fa:a8:4e:05:0f:84:ec:
31:70:26:c9:59:35:99:6b:50:89:19:58:ff:bd:b5:
7c:fd:31:91:b1:48:98:77:92:83:ea:83:07:cc:e6:
d4:44:e8:53:5a:eb:9b:dc:76:c9:65:91:2b:27:46:
f3:1b:2f:e3:fa:c6:2d:88:f9:c3:62:5b:93:6f:3d:
98:ba:4a:33:1a:4a:09:9d:e3:42:c7:f6:c0:10:c3:
55:82:39:b0:f4:77:1f:20:44:15:a4:26:38:39:96:
20:f6:a9:f9:c5:49:f6:de:a8:88:db:e9:de:8d:9c:
70:cf:b9:d9:4e:a4:f5:ae:b4:da:b0:01:94:84:0d:
15:91:0e:7b:09:2e:66:03:3c:85:03:27:ae:ac:81:
13:2c:07:72:51:35:18:c9:e8:72:22:85:51:72:98:
90:89:a3:15:f2:d9:c4:e8:3d:cc:30:6c:b9:76:b6:
ba:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5F:E7:E5:49:0C:D4:D3:09:67:2F:17:F8:DD:66:73:32:C0:47:78
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Ml_n5UkM1NMJZy8X-N1mczLAR3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.197.0/24
109.105.199.0/24
Signature Algorithm: sha256WithRSAEncryption
12:6a:7e:80:dd:73:be:86:69:f7:04:be:50:b1:b3:fa:a4:9a:
c0:d4:36:7d:fb:d5:64:3b:71:7f:2c:f0:02:15:0e:ad:3a:1c:
33:af:8f:ee:9a:30:8e:96:47:86:94:e3:02:d8:cb:b6:83:a7:
e5:1a:a1:3b:2e:7f:73:12:e7:d2:e5:0b:c2:68:f2:fc:4b:f7:
2a:92:2b:cb:19:6a:93:53:1c:ab:c7:03:10:da:30:45:54:f5:
61:5d:55:00:07:23:24:99:6a:4b:36:3c:28:a9:ae:10:23:44:
12:a4:e2:83:4b:09:7e:a5:e4:a3:e9:f7:ec:05:cd:35:3d:2b:
2f:c7:db:d9:14:42:32:e6:c5:83:05:40:69:85:f5:7a:51:06:
fb:65:92:1b:0a:e4:37:0b:22:8e:ea:1d:00:c7:96:51:54:6d:
a9:6d:73:5d:6b:54:61:2c:8f:dc:14:66:aa:28:7e:8a:81:ed:
fa:81:a8:84:7e:7e:89:10:a0:66:41:7e:a2:e9:09:e1:2c:09:
18:c8:8c:81:af:57:c3:0e:b8:ca:14:ad:ec:70:4e:31:cb:ea:
10:13:50:88:75:fa:a1:79:ad:74:39:75:f9:fe:7e:05:0d:e4:
ff:c4:71:ae:59:40:dc:3b:02:ed:83:87:f2:dd:d2:91:79:14:
48:2e:5a:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzA46Ydq2TJXW1JpXuq3ntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwMTAyMTUwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjVmZTdlNTQ5MGNkNGQzMDk2NzJmMTdmOGRkNjY3MzMyYzA0Nzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndzDBXz+AtjjgsfQoSeHJNNQnlt9
k24CZkczlIgLeROTRW8Mzx6NxhE4q8VvJLXb2D95FhOsxaSxmQinvO1gND2xnMpR
nsgMDw0eWcpa3be0APqoTgUPhOwxcCbJWTWZa1CJGVj/vbV8/TGRsUiYd5KD6oMH
zObUROhTWuub3HbJZZErJ0bzGy/j+sYtiPnDYluTbz2YukozGkoJneNCx/bAEMNV
gjmw9HcfIEQVpCY4OZYg9qn5xUn23qiI2+nejZxwz7nZTqT1rrTasAGUhA0VkQ57
CS5mAzyFAyeurIETLAdyUTUYyehyIoVRcpiQiaMV8tnE6D3MMGy5dra6nQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDJf5+VJDNTTCWcvF/jdZnMywEd4MB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvTWxfbjVVa00xTk1KWnk4WC1OMW1jekxBUjNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbWnFAwQA
bWnHMA0GCSqGSIb3DQEBCwUAA4IBAQASan6A3XO+hmn3BL5QsbP6pJrA1DZ9+9Vk
O3F/LPACFQ6tOhwzr4/umjCOlkeGlOMC2Mu2g6flGqE7Ln9zEufS5QvCaPL8S/cq
kivLGWqTUxyrxwMQ2jBFVPVhXVUAByMkmWpLNjwoqa4QI0QSpOKDSwl+peSj6ffs
Bc01PSsvx9vZFEIy5sWDBUBphfV6UQb7ZZIbCuQ3CyKO6h0Ax5ZRVG2pbXNda1Rh
LI/cFGaqKH6Kge36gaiEfn6JEKBmQX6i6QnhLAkYyIyBr1fDDrjKFK3scE4xy+oQ
E1CIdfqhea10OXX5/n4FDeT/xHGuWUDcOwLtg4fy3dKReRRILlpQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org