Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/a7FHxgGDGalFJReToWu1rYNOzZQ.roa
File: a7FHxgGDGalFJReToWu1rYNOzZQ.roa (raw, json)
Hash identifier: YIJrzynzwXsrDbMmT66eBbOd632P38qLfje3e1klFBg=
Subject key identifier: 6B:B1:47:C6:01:83:19:A9:45:25:17:93:A1:6B:B5:AD:83:4E:CD:94
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018F5D99928EEE01E0857E5792981DC5274A
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/a7FHxgGDGalFJReToWu1rYNOzZQ.roa
Signing time: Thu 09 May 2024 13:44:56 +0000
ROA not before: Thu 09 May 2024 13:44:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.105.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 16:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5d:99:92:8e:ee:01:e0:85:7e:57:92:98:1d:c5:27:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: May 9 13:44:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bb147c6018319a945251793a16bb5ad834ecd94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:99:73:e8:e1:4b:4f:5a:fb:76:30:d0:c0:d7:
2d:10:41:9f:d3:83:ad:dc:08:68:ed:1e:1a:f0:92:
ba:d7:da:65:ea:7e:08:a7:93:a0:37:fb:21:6f:aa:
33:ec:85:1f:7b:3f:d3:03:c0:ea:c4:61:de:ea:70:
59:28:8e:89:0b:53:be:c8:bb:91:6e:43:30:56:17:
0e:ba:e6:6a:44:34:91:ed:f4:38:40:7f:bb:2b:5d:
86:e3:18:cc:b2:a3:16:03:7b:b3:1e:e2:ed:10:cd:
5e:44:b8:27:3a:2a:6a:dd:e2:e8:ef:ab:00:7c:7a:
15:74:bb:06:07:fa:13:65:17:8f:aa:39:aa:c3:8f:
21:42:f0:cc:cd:ef:5a:7e:ee:7a:b0:65:1d:57:ed:
0c:1b:1c:ad:25:6a:97:c3:b8:e0:c7:cd:64:e5:73:
56:27:14:af:c6:b9:8c:86:66:90:eb:35:7a:d4:5b:
81:8c:d3:87:63:17:26:95:8d:25:2c:ba:62:32:70:
eb:73:1d:85:98:eb:03:72:f5:7b:d9:87:c0:7c:1a:
21:e4:20:7c:e4:7d:f0:91:16:b4:40:cd:72:bb:29:
70:de:f6:de:09:7b:86:55:59:07:5c:e3:9e:02:21:
b2:5e:54:a6:ab:20:3f:1c:fb:c1:5a:e5:fa:7f:99:
ab:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B1:47:C6:01:83:19:A9:45:25:17:93:A1:6B:B5:AD:83:4E:CD:94
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/a7FHxgGDGalFJReToWu1rYNOzZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.194.0/24
Signature Algorithm: sha256WithRSAEncryption
75:6d:ce:72:f9:32:8c:d6:d6:fd:b6:33:fb:74:ee:78:fb:e5:
92:41:53:94:a8:0a:26:bc:34:a2:2c:a4:aa:d4:6a:1f:66:d1:
8d:f4:7f:e3:dc:e6:7c:5a:12:b1:0a:2c:2c:b6:15:2a:e0:ea:
77:87:73:6c:71:ed:c2:c2:6d:3c:bb:13:ae:f0:ea:5c:25:c5:
06:17:88:5a:dd:2d:6a:49:bb:65:14:00:7e:58:cd:af:b0:ea:
7b:67:0f:74:d6:ee:29:94:79:f2:0f:b1:a9:a1:96:2c:1c:a4:
97:f5:a3:d8:c3:e4:96:bc:70:c6:a4:e4:e6:7f:0c:66:e9:43:
fa:aa:1a:bc:4e:04:84:5a:2a:3c:56:6a:38:c0:ff:3b:94:68:
91:8d:a6:de:d4:a2:82:d2:1f:66:15:0b:ed:8a:ab:42:55:8e:
7b:dd:4a:13:7d:b2:cb:6d:5d:ba:99:d0:65:b8:38:02:04:fe:
75:51:cc:1a:f3:e4:1d:e2:24:2c:2e:43:ca:9d:a9:ef:8a:7b:
cd:55:11:30:1b:ed:f2:c5:0a:b2:7a:8f:95:e0:77:c6:c9:41:
e3:09:a8:58:56:25:7a:12:7d:55:85:b0:54:e6:8b:62:72:f6:
52:71:d4:9b:db:2e:e0:59:bc:d8:db:70:61:9e:88:d2:fe:fc:
65:dc:c7:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9dmZKO7gHghX5XkpgdxSdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjQwNTA5MTM0NDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmIxNDdjNjAxODMxOWE5NDUyNTE3OTNhMTZiYjVhZDgzNGVjZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZlz6OFLT1r7djDQwNctEEGf04Ot
3Aho7R4a8JK619pl6n4Ip5OgN/shb6oz7IUfez/TA8DqxGHe6nBZKI6JC1O+yLuR
bkMwVhcOuuZqRDSR7fQ4QH+7K12G4xjMsqMWA3uzHuLtEM1eRLgnOipq3eLo76sA
fHoVdLsGB/oTZRePqjmqw48hQvDMze9afu56sGUdV+0MGxytJWqXw7jgx81k5XNW
JxSvxrmMhmaQ6zV61FuBjNOHYxcmlY0lLLpiMnDrcx2FmOsDcvV72YfAfBoh5CB8
5H3wkRa0QM1yuylw3vbeCXuGVVkHXOOeAiGyXlSmqyA/HPvBWuX6f5mrVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGuxR8YBgxmpRSUXk6Frta2DTs2UMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvYTdGSHhnR0RHYWxGSlJlVG9XdTFyWU5PelpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnCMA0G
CSqGSIb3DQEBCwUAA4IBAQB1bc5y+TKM1tb9tjP7dO54++WSQVOUqAomvDSiLKSq
1GofZtGN9H/j3OZ8WhKxCiwsthUq4Op3h3Nsce3Cwm08uxOu8OpcJcUGF4ha3S1q
SbtlFAB+WM2vsOp7Zw901u4plHnyD7GpoZYsHKSX9aPYw+SWvHDGpOTmfwxm6UP6
qhq8TgSEWio8Vmo4wP87lGiRjabe1KKC0h9mFQvtiqtCVY573UoTfbLLbV26mdBl
uDgCBP51Ucwa8+Qd4iQsLkPKnanvinvNVREwG+3yxQqyeo+V4HfGyUHjCahYViV6
En1VhbBU5oticvZScdSb2y7gWbzY23BhnojS/vxl3Mfa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org