Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/dPnuEmpmiShc8y3pLdAKFvwcDko.roa
File: dPnuEmpmiShc8y3pLdAKFvwcDko.roa (raw, json)
Hash identifier: K+QJpbfo/CHOAb43oPAsYUJfZkTl9K0y84VwuNf5upM=
Subject key identifier: 74:F9:EE:12:6A:66:89:28:5C:F3:2D:E9:2D:D0:0A:16:FC:1C:0E:4A
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 01889500B6FB0755D1E98CA0BDFAA3F39C75
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/dPnuEmpmiShc8y3pLdAKFvwcDko.roa
Signing time: Wed 07 Jun 2023 08:37:11 +0000
ROA not before: Wed 07 Jun 2023 08:37:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 109.105.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Jun 2023 14:54:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:00:b6:fb:07:55:d1:e9:8c:a0:bd:fa:a3:f3:9c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jun 7 08:37:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74f9ee126a6689285cf32de92dd00a16fc1c0e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0e:02:25:67:fa:7e:19:c8:b3:6d:83:63:18:
ce:8c:11:bb:bd:82:55:bc:9a:74:0b:4f:bc:ea:21:
03:cf:a9:a3:27:15:59:0b:03:b9:b6:14:ff:8e:92:
8e:57:b5:7a:46:61:b7:9b:12:bd:a8:0a:ef:02:14:
23:ca:12:04:2d:1b:d0:3c:33:67:a4:3a:b1:4d:c0:
7d:28:22:ef:ec:22:3d:33:73:c8:69:44:ac:88:df:
f3:a3:96:c4:a7:b2:4e:93:bb:05:36:a4:1e:c9:58:
3d:05:71:65:d2:d1:79:0f:f5:15:c0:7f:fd:d2:f9:
8c:f6:e7:61:c3:5a:09:51:a2:ec:26:24:7f:e3:9a:
0a:e2:eb:d7:c0:a4:77:38:97:a7:38:33:c1:14:59:
49:83:ce:c1:f6:28:4d:39:2a:f6:df:7d:6a:c1:93:
84:5b:e1:12:9a:82:88:07:ac:67:b6:72:e7:72:a6:
4f:a7:25:6e:84:07:4e:7e:5d:3e:77:6a:05:e9:0d:
79:51:28:e8:c1:a7:28:da:c5:61:ce:b0:8f:67:0a:
ba:47:2d:54:5d:d9:26:6b:a6:b7:b9:e5:35:90:a9:
f7:cd:0f:da:37:8a:ba:48:03:e6:ab:45:69:f1:6c:
68:f3:24:ae:72:2a:7c:a2:4d:0b:25:e0:25:f2:98:
30:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F9:EE:12:6A:66:89:28:5C:F3:2D:E9:2D:D0:0A:16:FC:1C:0E:4A
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/dPnuEmpmiShc8y3pLdAKFvwcDko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.196.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:35:b0:13:c0:66:23:75:42:9c:f1:54:9c:ed:73:2a:28:12:
0d:7d:f4:30:d6:57:a1:a3:70:14:b5:d8:95:3c:a9:32:8a:1a:
f6:a0:9e:f0:de:64:05:41:7b:00:a7:8d:23:f2:cc:cc:27:a1:
c4:59:64:66:05:02:59:bd:85:da:40:02:a6:ef:11:09:25:8c:
4d:cc:34:d0:84:49:93:5e:90:a9:a7:d9:11:2d:5b:13:78:9b:
3d:d0:eb:ee:21:61:86:8d:be:64:c7:5d:73:e2:ad:2c:98:23:
5a:3b:3e:cd:2c:4b:fe:c8:4a:86:cc:e2:a7:f9:c1:3e:23:b4:
cb:44:38:5c:45:f7:f4:e4:60:d5:cc:25:b4:c2:43:75:1c:a0:
96:33:68:1d:c7:88:41:8d:93:d0:75:0e:69:a1:20:71:dd:b4:
d3:d0:5a:97:03:1d:af:00:5e:2e:69:e2:15:da:81:59:8b:37:
0d:e0:0a:40:2e:f3:10:78:6b:03:93:04:ec:3a:fa:2f:96:60:
b1:b7:25:fa:53:0a:b2:b9:76:36:b7:b1:b3:b3:81:a0:0a:ea:
20:d8:79:9b:32:8f:53:42:64:20:16:dc:c2:34:ec:d1:8a:20:
35:8c:1f:f2:37:64:66:25:d3:a3:b8:83:c1:84:ab:d4:af:20:
dc:5d:89:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiVALb7B1XR6Yygvfqj85x1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwNjA3MDgzNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGY5ZWUxMjZhNjY4OTI4NWNmMzJkZTkyZGQwMGExNmZjMWMwZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA4CJWf6fhnIs22DYxjOjBG7vYJV
vJp0C0+86iEDz6mjJxVZCwO5thT/jpKOV7V6RmG3mxK9qArvAhQjyhIELRvQPDNn
pDqxTcB9KCLv7CI9M3PIaUSsiN/zo5bEp7JOk7sFNqQeyVg9BXFl0tF5D/UVwH/9
0vmM9udhw1oJUaLsJiR/45oK4uvXwKR3OJenODPBFFlJg87B9ihNOSr2331qwZOE
W+ESmoKIB6xntnLncqZPpyVuhAdOfl0+d2oF6Q15USjowaco2sVhzrCPZwq6Ry1U
Xdkma6a3ueU1kKn3zQ/aN4q6SAPmq0Vp8Wxo8ySucip8ok0LJeAl8pgwWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHT57hJqZokoXPMt6S3QChb8HA5KMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvZFBudUVtcG1pU2hjOHkzcExkQUtGdndjRGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnEMA0G
CSqGSIb3DQEBCwUAA4IBAQB9NbATwGYjdUKc8VSc7XMqKBINffQw1leho3AUtdiV
PKkyihr2oJ7w3mQFQXsAp40j8szMJ6HEWWRmBQJZvYXaQAKm7xEJJYxNzDTQhEmT
XpCpp9kRLVsTeJs90OvuIWGGjb5kx11z4q0smCNaOz7NLEv+yEqGzOKn+cE+I7TL
RDhcRff05GDVzCW0wkN1HKCWM2gdx4hBjZPQdQ5poSBx3bTT0FqXAx2vAF4uaeIV
2oFZizcN4ApALvMQeGsDkwTsOvovlmCxtyX6UwqyuXY2t7Gzs4GgCuog2HmbMo9T
QmQgFtzCNOzRiiA1jB/yN2RmJdOjuIPBhKvUryDcXYm/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org