Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/secl9xbEKrY7oZB0i-YVjVd0FMg.roa
File: secl9xbEKrY7oZB0i-YVjVd0FMg.roa (raw, json)
Hash identifier: gFOjkg0rNsNavDgCVRt+STingU6Rk0ILwLKzrxSaJ/A=
Subject key identifier: B1:E7:25:F7:16:C4:2A:B6:3B:A1:90:74:8B:E6:15:8D:57:74:14:C8
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018C17850F24E1C46415CF88D7652EA3F0D7
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/secl9xbEKrY7oZB0i-YVjVd0FMg.roa
Signing time: Tue 28 Nov 2023 20:00:45 +0000
ROA not before: Tue 28 Nov 2023 20:00:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60949
IP address blocks: 109.105.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:17:85:0f:24:e1:c4:64:15:cf:88:d7:65:2e:a3:f0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Nov 28 20:00:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1e725f716c42ab63ba190748be6158d577414c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:42:16:35:91:af:45:96:93:84:bb:61:02:c9:
af:2b:18:2b:85:19:77:0d:5a:4e:04:2f:b3:18:6f:
e1:8c:74:3e:53:12:3f:be:94:48:82:8b:98:a0:51:
2b:55:42:2c:d4:33:6c:bf:de:3d:7a:38:8e:40:47:
e7:c4:d0:6c:9d:6a:99:54:5e:b5:ad:95:80:ae:54:
ea:82:d0:b3:d8:be:e2:b3:32:02:a2:10:e7:b4:1b:
f2:78:fb:8d:58:35:49:8a:86:e8:7b:2f:33:ed:62:
0a:e5:a5:7d:be:16:b5:ee:97:66:44:6a:dc:22:ab:
6d:d4:5e:3e:32:2e:d5:19:77:ed:fd:1c:ed:95:86:
3b:56:50:e3:9c:16:f4:21:63:6a:35:72:a5:7a:0e:
35:34:e5:c6:39:4a:d0:4f:0f:72:93:1c:53:96:bb:
fa:b0:ef:01:2f:24:b1:a1:6b:25:90:33:ba:93:a7:
d6:60:f9:0b:1a:30:e7:57:91:41:dd:71:7a:f3:2e:
e5:65:af:b7:d0:a0:fe:22:1d:e7:21:a8:53:6a:d3:
37:08:3c:4b:94:90:39:b3:27:07:07:0a:54:0d:f7:
c0:91:04:0a:0a:2d:63:a9:01:7a:dd:51:c6:70:b4:
0d:13:87:ca:c9:4d:d6:23:3f:a7:e7:96:57:ee:a1:
ac:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E7:25:F7:16:C4:2A:B6:3B:A1:90:74:8B:E6:15:8D:57:74:14:C8
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/secl9xbEKrY7oZB0i-YVjVd0FMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.199.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:d8:14:4d:9f:23:bd:90:99:5f:09:f1:c0:61:82:b4:c6:eb:
5e:e3:04:66:5a:27:b6:70:6f:45:8e:4f:ec:76:ed:da:47:23:
a8:d4:3e:28:24:35:f3:8a:66:28:9d:e2:1c:03:03:0a:c7:e5:
3d:c2:3c:3c:5e:b2:4f:2b:f4:bb:03:8b:e7:48:17:73:23:2f:
34:bf:67:93:93:fe:80:c0:ad:b7:7b:18:74:45:5f:a4:18:c0:
2a:27:a6:39:3a:62:cf:88:3a:62:65:c9:ce:63:41:b9:f3:13:
b8:0a:41:ae:2a:79:3e:2b:7f:e7:bd:1a:b6:a6:a8:b9:c8:6f:
0e:05:0e:4d:cd:25:77:4e:50:71:6e:b7:48:38:9f:bb:27:77:
61:5d:27:04:07:3b:a4:57:bb:d8:53:7b:d9:1c:c7:9f:6d:42:
dc:d2:d7:84:ea:c8:41:a3:32:02:a0:0d:7a:b8:a4:f9:e6:62:
19:97:49:e8:5c:ff:99:dc:3c:b4:52:53:95:03:99:42:d7:05:
21:9e:f5:c6:e8:6d:20:47:0d:23:26:b9:24:2c:18:00:87:74:
8e:35:5f:66:2c:67:91:22:25:4e:c1:fc:a7:28:f5:46:aa:05:
11:1b:1d:67:1b:61:b4:9c:6e:a2:2e:07:81:c4:f8:9c:a3:79:
de:a5:2a:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwXhQ8k4cRkFc+I12Uuo/DXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMxMTI4MjAwMDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWU3MjVmNzE2YzQyYWI2M2JhMTkwNzQ4YmU2MTU4ZDU3NzQxNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0IWNZGvRZaThLthAsmvKxgrhRl3
DVpOBC+zGG/hjHQ+UxI/vpRIgouYoFErVUIs1DNsv949ejiOQEfnxNBsnWqZVF61
rZWArlTqgtCz2L7iszICohDntBvyePuNWDVJioboey8z7WIK5aV9vha17pdmRGrc
Iqtt1F4+Mi7VGXft/RztlYY7VlDjnBb0IWNqNXKleg41NOXGOUrQTw9ykxxTlrv6
sO8BLySxoWslkDO6k6fWYPkLGjDnV5FB3XF68y7lZa+30KD+Ih3nIahTatM3CDxL
lJA5sycHBwpUDffAkQQKCi1jqQF63VHGcLQNE4fKyU3WIz+n55ZX7qGspwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLHnJfcWxCq2O6GQdIvmFY1XdBTIMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvc2VjbDl4YkVLclk3b1pCMGktWVZqVmQwRk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnHMA0G
CSqGSIb3DQEBCwUAA4IBAQB+2BRNnyO9kJlfCfHAYYK0xute4wRmWie2cG9Fjk/s
du3aRyOo1D4oJDXzimYoneIcAwMKx+U9wjw8XrJPK/S7A4vnSBdzIy80v2eTk/6A
wK23exh0RV+kGMAqJ6Y5OmLPiDpiZcnOY0G58xO4CkGuKnk+K3/nvRq2pqi5yG8O
BQ5NzSV3TlBxbrdIOJ+7J3dhXScEBzukV7vYU3vZHMefbULc0teE6shBozICoA16
uKT55mIZl0noXP+Z3Dy0UlOVA5lC1wUhnvXG6G0gRw0jJrkkLBgAh3SONV9mLGeR
IiVOwfynKPVGqgURGx1nG2G0nG6iLgeBxPico3nepSrm
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:29 2024 by rpki-client on console-fra.rpki-client.org