Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/i4olF47OpcVFDbnIY1sSp5D1MJI.roa
File: i4olF47OpcVFDbnIY1sSp5D1MJI.roa (raw, json)
Hash identifier: d62a/XhkhPE/ntqGNmJWJi1910SqLBLu9Y1BF9f10PU=
Subject key identifier: 8B:8A:25:17:8E:CE:A5:C5:45:0D:B9:C8:63:5B:12:A7:90:F5:30:92
Certificate issuer: /CN=63444210ea08ac529878d51917e3b30054d620d1
Certificate serial: 0188574D50967B4E20F539CCD9C2F398010C
Authority key identifier: 63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/i4olF47OpcVFDbnIY1sSp5D1MJI.roa
Signing time: Fri 26 May 2023 09:04:24 +0000
ROA not before: Fri 26 May 2023 09:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30722
IP address blocks: 109.114.0.0/15 maxlen: 15
109.115.192.0/19 maxlen: 19
109.115.96.0/19 maxlen: 19
109.112.0.0/15 maxlen: 15
109.115.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Fri 26 May 2023 09:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:57:4d:50:96:7b:4e:20:f5:39:cc:d9:c2:f3:98:01:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63444210ea08ac529878d51917e3b30054d620d1
Validity
Not Before: May 26 09:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b8a25178ecea5c5450db9c8635b12a790f53092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7f:99:cf:39:c8:c0:c0:33:33:44:3e:97:44:
b7:35:f5:ae:9a:69:1f:13:bb:fa:ba:b6:fd:e6:e2:
62:d4:39:88:36:35:21:25:35:16:37:14:a1:db:f0:
83:a5:55:dc:8c:22:87:87:0a:f4:6e:d4:d8:f3:25:
8a:82:6b:a8:85:e3:34:5b:8c:67:34:6a:0c:9c:e4:
0d:c0:79:b5:86:6a:a9:ab:66:24:5a:51:4f:a3:c8:
73:9f:82:79:9d:2d:fb:b8:1a:6c:d9:a2:a5:97:a7:
50:c6:cf:47:ae:2f:a1:9f:73:76:33:8f:9c:bc:90:
54:d2:13:88:c4:53:97:ed:5f:71:be:67:f5:c0:e7:
23:8a:6e:9b:42:db:85:82:24:f6:e6:e6:8d:ca:bd:
cf:ef:83:64:a1:e8:51:43:95:73:62:e2:ad:bb:7a:
08:89:fa:b6:61:05:40:32:2a:64:c7:3f:38:e6:b4:
14:a1:52:69:81:7d:04:75:22:56:cb:fb:bb:0a:2d:
86:8b:aa:4d:bc:1b:36:67:14:37:6e:33:35:06:22:
66:1e:29:de:bf:fe:1e:06:4f:78:3f:cd:4c:ce:a1:
eb:5f:9a:86:89:6f:af:cb:89:c8:9c:4a:70:a5:a0:
9f:40:bd:d3:15:e3:1c:0f:6b:47:83:4d:a8:62:33:
9d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:8A:25:17:8E:CE:A5:C5:45:0D:B9:C8:63:5B:12:A7:90:F5:30:92
X509v3 Authority Key Identifier:
keyid:63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/i4olF47OpcVFDbnIY1sSp5D1MJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.112.0.0/14
Signature Algorithm: sha256WithRSAEncryption
25:97:38:d7:61:73:19:55:2b:40:4c:38:c6:9a:fa:5f:d1:4d:
5f:77:48:ba:c7:88:88:4b:ae:62:25:4c:40:92:96:70:e9:57:
05:45:e1:cc:50:12:f8:43:4e:e9:2d:6d:67:43:7f:1c:c0:a2:
d3:a8:7f:01:53:50:0d:68:e5:24:5a:7a:bd:34:0e:12:88:b9:
50:24:c0:bb:0c:3c:be:16:17:7c:51:2a:eb:78:b5:9a:bf:43:
5c:e7:dc:6d:02:97:7b:be:aa:62:00:75:53:d1:b8:80:51:ab:
57:98:32:c8:51:0c:01:40:f6:e2:f4:a3:56:b2:81:e7:a3:ec:
fa:7a:fd:47:91:77:5a:03:24:7f:27:5a:d7:9b:1f:4a:45:68:
62:13:df:b6:57:ba:8e:86:ad:62:bd:09:27:d4:54:01:ec:93:
ed:40:ca:af:69:48:1e:1d:1f:76:7b:df:72:52:55:6e:18:e7:
f6:61:39:37:60:b9:8b:6e:cd:b1:52:64:0b:35:d0:ed:a0:57:
31:f5:c0:a3:e2:98:89:16:55:61:33:d2:ad:2c:eb:d2:b9:30:
4f:70:e9:58:f2:64:3a:0b:f4:f8:8f:76:14:b5:4b:c8:c0:fa:
8e:fe:a7:d6:c1:b2:c2:85:05:40:7b:8a:3c:3a:56:0a:a6:88:
a6:4b:92:80
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYhXTVCWe04g9TnM2cLzmAEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDQ0MjEwZWEwOGFjNTI5ODc4ZDUxOTE3ZTNiMzAwNTRk
NjIwZDEwHhcNMjMwNTI2MDkwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjhhMjUxNzhlY2VhNWM1NDUwZGI5Yzg2MzViMTJhNzkwZjUzMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH+ZzznIwMAzM0Q+l0S3NfWummkf
E7v6urb95uJi1DmINjUhJTUWNxSh2/CDpVXcjCKHhwr0btTY8yWKgmuoheM0W4xn
NGoMnOQNwHm1hmqpq2YkWlFPo8hzn4J5nS37uBps2aKll6dQxs9Hri+hn3N2M4+c
vJBU0hOIxFOX7V9xvmf1wOcjim6bQtuFgiT25uaNyr3P74NkoehRQ5VzYuKtu3oI
ifq2YQVAMipkxz845rQUoVJpgX0EdSJWy/u7Ci2Gi6pNvBs2ZxQ3bjM1BiJmHine
v/4eBk94P81MzqHrX5qGiW+vy4nInEpwpaCfQL3TFeMcD2tHg02oYjOdpwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFIuKJReOzqXFRQ25yGNbEqeQ9TCSMB8GA1UdIwQY
MBaAFGNEQhDqCKxSmHjVGRfjswBU1iDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQt
ZmU4MzdmOThlMDI2LzEvaTRvbEY0N09wY1ZGRGJuSVkxc1NwNUQxTUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQtZmU4MzdmOThlMDI2
LzEvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCbXAwDQYJ
KoZIhvcNAQELBQADggEBACWXONdhcxlVK0BMOMaa+l/RTV93SLrHiIhLrmIlTECS
lnDpVwVF4cxQEvhDTuktbWdDfxzAotOofwFTUA1o5SRaer00DhKIuVAkwLsMPL4W
F3xRKut4tZq/Q1zn3G0Cl3u+qmIAdVPRuIBRq1eYMshRDAFA9uL0o1aygeej7Pp6
/UeRd1oDJH8nWtebH0pFaGIT37ZXuo6GrWK9CSfUVAHsk+1Ayq9pSB4dH3Z733JS
VW4Y5/ZhOTdguYtuzbFSZAs10O2gVzH1wKPimIkWVWEz0q0s69K5ME9w6VjyZDoL
9PiPdhS1S8jA+o7+p9bBssKFBUB7ijw6VgqmiKZLkoA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:41 2024 by rpki-client on console-ams.rpki-client.org