Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/bTzZB5eJSEVND5o7cQHPU_gGats.roa
File: bTzZB5eJSEVND5o7cQHPU_gGats.roa (raw, json)
Hash identifier: k+V/QQHCTOpI+9n0bWspdVYQoayz60wp4d2SYRTLJqA=
Subject key identifier: 6D:3C:D9:07:97:89:48:45:4D:0F:9A:3B:71:01:CF:53:F8:06:6A:DB
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018CC56EDDBF179F9DF05E90FA7F4960DF46
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/bTzZB5eJSEVND5o7cQHPU_gGats.roa
Signing time: Mon 01 Jan 2024 14:30:26 +0000
ROA not before: Mon 01 Jan 2024 14:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60949
IP address blocks: 109.105.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:dd:bf:17:9f:9d:f0:5e:90:fa:7f:49:60:df:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 1 14:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d3cd907978948454d0f9a3b7101cf53f8066adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b7:4a:92:57:14:9c:2c:1a:ae:d8:e6:24:df:
69:4f:95:3f:42:64:4b:ec:96:32:fa:22:b1:79:8c:
0b:89:03:7f:d9:61:38:ac:db:7f:3f:42:3e:bc:38:
c4:39:b3:b0:33:42:a8:3c:2b:05:85:d8:30:8b:a9:
b8:47:36:3a:90:03:17:7e:66:9f:7a:20:22:ed:e1:
79:4f:df:36:2b:56:53:ce:aa:4b:b1:af:93:e4:d3:
e5:e8:67:3a:77:16:6d:0d:f4:be:0d:c1:a1:2d:ca:
20:a5:4e:d7:45:af:a5:81:7b:2a:f9:6b:f0:7a:69:
fb:0a:ad:21:c9:f2:bc:73:43:bd:6d:dc:c2:86:66:
5d:c4:77:96:17:ec:69:44:cc:f2:47:74:4d:5f:28:
45:b8:68:d7:8c:b7:ea:d8:16:46:ae:61:65:d9:e3:
b4:40:e0:4e:f9:e5:de:c8:a2:ef:69:28:a8:26:0b:
2b:b3:f7:91:22:ff:c7:8c:6e:8d:08:1f:e2:06:f1:
b3:3b:ce:7a:5c:e4:9f:2a:0a:53:7d:bf:35:8d:95:
65:83:fc:34:82:3e:11:02:d7:98:ef:4c:b3:1a:ad:
19:eb:ef:63:75:41:43:c7:57:b4:6a:04:77:94:ab:
70:8f:ca:0a:e3:93:24:2a:46:da:d2:b0:38:b4:e5:
41:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:3C:D9:07:97:89:48:45:4D:0F:9A:3B:71:01:CF:53:F8:06:6A:DB
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/bTzZB5eJSEVND5o7cQHPU_gGats.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.199.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:11:40:ed:df:82:ca:e4:5f:dd:2f:e8:df:1f:32:58:0e:a9:
e7:d5:5b:ab:87:df:f9:8d:9e:93:fc:9b:89:0f:91:a2:f1:61:
9a:6b:00:64:9c:36:c4:ae:e8:b6:c8:28:ce:af:44:7b:69:9f:
72:f4:cb:f0:db:fd:9e:1f:c4:47:92:0e:2e:a3:be:94:9c:05:
87:05:70:f5:96:5f:9a:7d:e2:0b:40:67:cf:cb:e5:f6:e9:66:
a0:41:df:d5:93:0f:7a:39:75:0f:32:98:e7:db:09:f3:a2:fe:
d0:1e:39:ae:c7:39:f0:34:23:0a:7f:15:2d:f0:9c:2f:af:fd:
50:e1:4f:5b:b1:c4:29:2e:81:64:2d:88:34:64:e4:a1:20:af:
53:f6:86:13:6e:3f:92:f1:4b:86:df:7a:0e:27:c4:81:97:ff:
f0:20:7b:2c:b2:87:c3:15:f8:11:94:fb:3e:77:ea:65:28:f8:
f6:fd:6a:cc:24:22:89:9d:86:0e:b9:e6:16:89:15:6a:67:63:
2b:e3:61:27:bf:93:cd:d2:c2:61:23:dd:7c:11:19:e0:4b:d8:
09:47:eb:73:4c:4f:36:97:44:cb:31:90:b9:06:c8:42:26:3f:
9d:db:1d:70:32:8b:e1:17:e0:03:e1:03:81:a9:40:fc:b4:f6:
12:86:b3:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbt2/F5+d8F6Q+n9JYN9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjQwMTAxMTQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDNjZDkwNzk3ODk0ODQ1NGQwZjlhM2I3MTAxY2Y1M2Y4MDY2YWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07dKklcUnCwartjmJN9pT5U/QmRL
7JYy+iKxeYwLiQN/2WE4rNt/P0I+vDjEObOwM0KoPCsFhdgwi6m4RzY6kAMXfmaf
eiAi7eF5T982K1ZTzqpLsa+T5NPl6Gc6dxZtDfS+DcGhLcogpU7XRa+lgXsq+Wvw
emn7Cq0hyfK8c0O9bdzChmZdxHeWF+xpRMzyR3RNXyhFuGjXjLfq2BZGrmFl2eO0
QOBO+eXeyKLvaSioJgsrs/eRIv/HjG6NCB/iBvGzO856XOSfKgpTfb81jZVlg/w0
gj4RAteY70yzGq0Z6+9jdUFDx1e0agR3lKtwj8oK45MkKkba0rA4tOVBuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG082QeXiUhFTQ+aO3EBz1P4BmrbMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvYlR6WkI1ZUpTRVZORDVvN2NRSFBVX2dHYXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnHMA0G
CSqGSIb3DQEBCwUAA4IBAQBtEUDt34LK5F/dL+jfHzJYDqnn1Vurh9/5jZ6T/JuJ
D5Gi8WGaawBknDbErui2yCjOr0R7aZ9y9Mvw2/2eH8RHkg4uo76UnAWHBXD1ll+a
feILQGfPy+X26WagQd/Vkw96OXUPMpjn2wnzov7QHjmuxznwNCMKfxUt8Jwvr/1Q
4U9bscQpLoFkLYg0ZOShIK9T9oYTbj+S8UuG33oOJ8SBl//wIHsssofDFfgRlPs+
d+plKPj2/WrMJCKJnYYOueYWiRVqZ2Mr42Env5PN0sJhI918ERngS9gJR+tzTE82
l0TLMZC5BshCJj+d2x1wMovhF+AD4QOBqUD8tPYShrOQ
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:05:15 2025 by rpki-client