Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/c9TD53o7_4UbcqmUVBL0GMiriGE.roa
File: c9TD53o7_4UbcqmUVBL0GMiriGE.roa (raw, json)
Hash identifier: 7ejeith6QdXI7X8hjHcFBy5gzO1yWV3m/vr/kc9XJFA=
Subject key identifier: 73:D4:C3:E7:7A:3B:FF:85:1B:72:A9:94:54:12:F4:18:C8:AB:88:61
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018573038E32EC9E7A5615CA2874611F03FE
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/c9TD53o7_4UbcqmUVBL0GMiriGE.roa
Signing time: Mon 02 Jan 2023 15:04:50 +0000
ROA not before: Mon 02 Jan 2023 15:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60588
IP address blocks: 109.105.206.0/24 maxlen: 24
109.105.204.0/24 maxlen: 24
109.105.205.0/24 maxlen: 24
109.105.203.0/24 maxlen: 24
109.105.201.0/24 maxlen: 24
109.105.202.0/24 maxlen: 24
109.105.200.0/24 maxlen: 24
109.105.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 May 2023 18:45:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:8e:32:ec:9e:7a:56:15:ca:28:74:61:1f:03:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 2 15:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73d4c3e77a3bff851b72a9945412f418c8ab8861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3a:bd:bc:a1:df:a4:5c:d7:74:41:8e:6a:03:
b4:82:e7:1f:cc:4d:44:a7:eb:22:d8:5f:e3:0d:0c:
72:7b:5e:14:65:e4:47:08:50:23:75:dc:f2:18:ee:
09:29:0c:6f:6c:7d:25:ec:80:df:ee:07:28:a3:28:
33:17:07:ee:0e:79:f2:dd:ef:4a:f0:8b:68:d5:ae:
24:d0:04:73:69:c0:4b:ca:21:8f:f0:97:cb:40:df:
e2:4e:0e:77:ef:04:40:5f:0d:89:e5:6e:4a:6f:ef:
2f:a5:1d:51:8d:6c:57:e7:cc:67:ce:70:de:e8:40:
01:e4:60:55:ba:dd:ca:e1:93:26:9c:8c:5d:a3:58:
3a:1f:fb:8d:3d:c7:61:94:d0:55:c1:99:5e:6d:20:
95:37:d4:9a:88:f7:6e:c4:d5:1b:fd:6d:95:a6:69:
a8:e3:f3:09:a3:60:b4:23:2c:83:af:e7:d2:4e:c4:
4a:f9:b5:a2:21:05:e3:b7:b1:f6:7a:80:ab:60:12:
e3:3a:1f:0d:3a:b2:91:0f:20:b9:9a:32:54:3e:1d:
e5:56:36:7a:3c:8b:ef:3f:d9:fb:42:eb:38:3d:a5:
55:59:b4:13:6d:ea:cd:e9:8a:12:93:d1:73:47:69:
c6:84:eb:b0:37:66:29:2d:98:b2:aa:86:a1:ce:0c:
d1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D4:C3:E7:7A:3B:FF:85:1B:72:A9:94:54:12:F4:18:C8:AB:88:61
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/c9TD53o7_4UbcqmUVBL0GMiriGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.200.0/21
Signature Algorithm: sha256WithRSAEncryption
10:a3:55:2d:57:c8:1a:2e:c5:70:87:d5:f5:d7:e2:0b:8d:a6:
82:17:54:be:9c:1d:17:3e:0a:34:50:b4:b6:3e:33:26:ee:75:
68:7d:f1:d8:08:3a:2c:9d:ac:4e:7b:b4:1e:88:74:2f:1b:f6:
bc:f7:21:23:4e:8b:2d:39:aa:7a:f2:1e:13:e1:a8:25:d5:22:
99:a4:14:6e:95:49:4c:e0:d5:2c:ad:5f:b3:4f:c8:5e:30:a6:
bd:40:46:74:f9:c8:08:6c:53:fb:ca:75:07:11:67:ac:1d:18:
c4:c0:f8:4b:65:9b:2a:15:4e:d2:45:a4:a4:34:a3:12:35:6f:
f6:ea:6b:c8:f3:93:ce:f9:30:90:f2:77:1f:af:07:08:7e:c7:
eb:8d:2c:74:0b:4f:88:99:e5:61:99:14:c5:b2:33:32:77:a5:
c0:88:e8:80:e8:fa:07:fd:c9:d9:40:12:24:5d:69:b0:a7:1f:
79:08:60:60:4c:26:a8:74:4d:ad:58:3e:31:47:b3:a6:94:2a:
4d:80:05:18:3a:91:d5:21:a1:ba:55:2e:70:69:91:73:b4:e7:
5b:a4:9f:0b:e4:4d:3f:36:a7:7a:d7:89:b0:c2:2b:74:2f:9b:
8a:f0:20:15:87:40:b5:61:4a:b0:1d:43:e0:69:4f:21:b6:72:
03:50:7e:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA44y7J56VhXKKHRhHwP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwMTAyMTUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Q0YzNlNzdhM2JmZjg1MWI3MmE5OTQ1NDEyZjQxOGM4YWI4ODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTq9vKHfpFzXdEGOagO0gucfzE1E
p+si2F/jDQxye14UZeRHCFAjddzyGO4JKQxvbH0l7IDf7gcooygzFwfuDnny3e9K
8Ito1a4k0ARzacBLyiGP8JfLQN/iTg537wRAXw2J5W5Kb+8vpR1RjWxX58xnznDe
6EAB5GBVut3K4ZMmnIxdo1g6H/uNPcdhlNBVwZlebSCVN9SaiPduxNUb/W2Vpmmo
4/MJo2C0IyyDr+fSTsRK+bWiIQXjt7H2eoCrYBLjOh8NOrKRDyC5mjJUPh3lVjZ6
PIvvP9n7Qus4PaVVWbQTberN6YoSk9FzR2nGhOuwN2YpLZiyqoahzgzRNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHPUw+d6O/+FG3KplFQS9BjIq4hhMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvYzlURDUzbzdfNFViY3FtVVZCTDBHTWlyaUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbWnIMA0G
CSqGSIb3DQEBCwUAA4IBAQAQo1UtV8gaLsVwh9X11+ILjaaCF1S+nB0XPgo0ULS2
PjMm7nVoffHYCDosnaxOe7QeiHQvG/a89yEjTostOap68h4T4agl1SKZpBRulUlM
4NUsrV+zT8heMKa9QEZ0+cgIbFP7ynUHEWesHRjEwPhLZZsqFU7SRaSkNKMSNW/2
6mvI85PO+TCQ8ncfrwcIfsfrjSx0C0+ImeVhmRTFsjMyd6XAiOiA6PoH/cnZQBIk
XWmwpx95CGBgTCaodE2tWD4xR7OmlCpNgAUYOpHVIaG6VS5waZFztOdbpJ8L5E0/
Nqd614mwwit0L5uK8CAVh0C1YUqwHUPgaU8htnIDUH7v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org