Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Q91dbi0XvOcc6c-TOeUtrpYkjQA.roa
File: Q91dbi0XvOcc6c-TOeUtrpYkjQA.roa (raw, json)
Hash identifier: YugZSHcuNRPwrqADnQDGGLbaaZ7+rb1sAC7f7ImPJVo=
Subject key identifier: 43:DD:5D:6E:2D:17:BC:E7:1C:E9:CF:93:39:E5:2D:AE:96:24:8D:00
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018CE03B3EC10366A4CE15744850A47615D6
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Q91dbi0XvOcc6c-TOeUtrpYkjQA.roa
Signing time: Sat 06 Jan 2024 19:23:48 +0000
ROA not before: Sat 06 Jan 2024 19:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139482
IP address blocks: 109.105.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 13:44:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e0:3b:3e:c1:03:66:a4:ce:15:74:48:50:a4:76:15:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 6 19:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43dd5d6e2d17bce71ce9cf9339e52dae96248d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d3:b8:bd:12:0f:b4:cc:71:47:97:9e:07:7e:
5f:56:d4:d0:97:c9:66:80:31:db:eb:fd:e2:13:b5:
49:e0:24:96:7c:61:3b:17:c0:90:71:99:96:b2:d2:
46:e9:54:6c:e4:34:37:d8:f6:65:20:60:51:85:4b:
f1:44:fa:5a:2a:c5:4b:6f:61:7e:ce:8a:7b:29:41:
31:b0:c5:48:59:cf:0d:ca:40:c0:fb:37:ba:47:1f:
c1:e6:3f:a5:b9:39:ae:e5:c0:b6:26:ce:17:46:a1:
92:53:c1:af:bc:08:b3:cb:f3:0f:9a:bb:da:45:61:
79:2a:a8:7f:0e:7a:e9:b5:54:0f:2b:0e:15:a4:5a:
e5:0b:4e:34:b5:7b:1f:3c:db:f2:4b:1d:7d:94:f9:
20:ad:87:4e:00:9f:65:7a:8f:32:ba:7f:a0:95:85:
b5:76:23:ac:df:84:6b:48:e9:9b:a1:7c:ba:04:10:
df:df:ab:dd:ad:44:82:d8:98:2b:db:72:ef:71:61:
98:a2:d0:a6:5b:89:d1:1d:18:d3:5e:1a:61:8b:e0:
8d:69:c4:c3:54:5d:16:a5:7c:f5:e3:53:2d:66:d1:
a5:88:88:2c:54:da:18:b8:e0:9d:1d:78:18:f2:5a:
50:cf:21:9b:d3:ad:4e:1e:c9:a1:2a:76:9b:9b:a3:
e7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DD:5D:6E:2D:17:BC:E7:1C:E9:CF:93:39:E5:2D:AE:96:24:8D:00
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Q91dbi0XvOcc6c-TOeUtrpYkjQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.194.0/24
Signature Algorithm: sha256WithRSAEncryption
77:35:88:42:87:77:00:c4:5d:86:4c:95:a9:73:1b:98:fa:35:
4f:1f:1d:5a:90:1a:c6:87:07:11:c0:aa:ff:7c:36:84:88:3b:
ce:51:fa:cf:7b:c0:e8:91:ca:2b:49:88:d5:79:43:7d:a4:30:
7d:71:5d:81:c7:30:6b:a4:4e:17:7c:1e:22:45:95:ab:0a:f8:
14:cf:ff:5c:90:b1:05:83:87:71:16:52:8b:08:f2:8a:37:73:
09:bc:05:59:bf:4d:7a:2d:ab:85:1a:af:34:7e:3f:1f:c3:a5:
5e:63:f8:47:6f:a4:fc:8f:ac:5e:fe:0b:bc:61:21:b3:e0:43:
a0:2d:7f:df:f9:3b:4b:ef:18:75:64:ea:50:e5:36:25:b2:08:
ba:eb:8b:5d:20:ef:f3:18:46:df:42:f3:7a:d2:61:88:a3:35:
51:d4:81:1a:ae:a2:d7:59:06:e3:0c:83:1d:4c:a4:cd:97:20:
f0:ea:da:5e:43:d0:7d:7a:af:02:b3:43:24:a7:e8:cf:f2:f1:
29:9a:ec:f7:e6:1d:7c:dc:a3:4d:b8:b9:a3:16:30:a7:8e:93:
5a:83:4c:75:af:1d:f3:17:01:d3:e2:be:f3:59:e9:f6:cd:5f:
ba:c7:aa:99:2c:6e:c4:f2:52:5d:ac:8a:32:3e:1e:c9:f9:69:
2d:a6:83:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzgOz7BA2akzhV0SFCkdhXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjQwMTA2MTkyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2RkNWQ2ZTJkMTdiY2U3MWNlOWNmOTMzOWU1MmRhZTk2MjQ4ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidO4vRIPtMxxR5eeB35fVtTQl8lm
gDHb6/3iE7VJ4CSWfGE7F8CQcZmWstJG6VRs5DQ32PZlIGBRhUvxRPpaKsVLb2F+
zop7KUExsMVIWc8NykDA+ze6Rx/B5j+luTmu5cC2Js4XRqGSU8GvvAizy/MPmrva
RWF5Kqh/DnrptVQPKw4VpFrlC040tXsfPNvySx19lPkgrYdOAJ9leo8yun+glYW1
diOs34RrSOmboXy6BBDf36vdrUSC2Jgr23LvcWGYotCmW4nRHRjTXhphi+CNacTD
VF0WpXz141MtZtGliIgsVNoYuOCdHXgY8lpQzyGb061OHsmhKnabm6PnHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPdXW4tF7znHOnPkznlLa6WJI0AMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvUTkxZGJpMFh2T2NjNmMtVE9lVXRycFlralFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnCMA0G
CSqGSIb3DQEBCwUAA4IBAQB3NYhCh3cAxF2GTJWpcxuY+jVPHx1akBrGhwcRwKr/
fDaEiDvOUfrPe8DokcorSYjVeUN9pDB9cV2BxzBrpE4XfB4iRZWrCvgUz/9ckLEF
g4dxFlKLCPKKN3MJvAVZv016LauFGq80fj8fw6VeY/hHb6T8j6xe/gu8YSGz4EOg
LX/f+TtL7xh1ZOpQ5TYlsgi664tdIO/zGEbfQvN60mGIozVR1IEarqLXWQbjDIMd
TKTNlyDw6tpeQ9B9eq8Cs0Mkp+jP8vEpmuz35h183KNNuLmjFjCnjpNag0x1rx3z
FwHT4r7zWen2zV+6x6qZLG7E8lJdrIoyPh7J+WktpoP5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org