Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/cAQl5LZzHz6DMs4mFjvCulJKi6Y.roa
File: cAQl5LZzHz6DMs4mFjvCulJKi6Y.roa (raw, json)
Hash identifier: tmLV2y+P7vBUL4xtnYxxERyt0pPjUreVz4Ka+ViMH08=
Subject key identifier: 70:04:25:E4:B6:73:1F:3E:83:32:CE:26:16:3B:C2:BA:52:4A:8B:A6
Certificate issuer: /CN=2cb4291df97963c5a9b732b1396f0f1c887504d6
Certificate serial: 01856FF95DD1E67FC16F77EA3CD70C693585
Authority key identifier: 2C:B4:29:1D:F9:79:63:C5:A9:B7:32:B1:39:6F:0F:1C:88:75:04:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LLQpHfl5Y8WptzKxOW8PHIh1BNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/cAQl5LZzHz6DMs4mFjvCulJKi6Y.roa
Signing time: Mon 02 Jan 2023 00:54:51 +0000
ROA not before: Mon 02 Jan 2023 00:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8829
IP address blocks: 109.204.128.0/19 maxlen: 19
109.204.160.0/20 maxlen: 20
109.204.192.0/18 maxlen: 18
2a00:8780::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:5d:d1:e6:7f:c1:6f:77:ea:3c:d7:0c:69:35:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cb4291df97963c5a9b732b1396f0f1c887504d6
Validity
Not Before: Jan 2 00:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=700425e4b6731f3e8332ce26163bc2ba524a8ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:90:95:98:68:44:93:0b:de:3c:8f:2c:30:05:
e8:ed:99:b7:48:19:8d:75:29:10:64:fa:bc:08:3a:
29:48:dc:f7:c6:c9:71:5c:86:05:59:7c:1c:c6:12:
25:45:aa:11:7f:b5:bd:9c:02:10:e0:f9:96:22:57:
77:b1:0d:0d:92:7c:b0:e1:83:9d:fc:44:1e:e4:84:
87:05:fa:c5:b0:91:b2:5b:38:e8:88:1b:30:ba:e5:
52:86:d0:96:cb:8c:c2:94:0a:b6:3b:b4:c8:7b:3d:
06:07:0f:da:11:0a:bf:a0:51:75:df:e8:cd:84:98:
83:47:2d:74:f3:51:6e:b6:53:b8:fa:c4:5c:7a:37:
61:fd:32:14:5d:67:1a:b8:6c:02:b2:c1:a9:31:a9:
51:36:3b:25:1f:99:40:a3:75:18:78:54:12:fb:0c:
4c:6e:a0:1c:47:c9:3a:b3:4e:c8:cc:ec:d2:73:f8:
3e:de:34:07:8c:06:9d:67:12:f8:cf:68:97:59:a7:
0b:d2:90:e7:82:2f:84:15:10:cb:02:35:a4:c0:23:
91:91:31:d8:27:1a:24:a2:b2:f7:78:dd:b8:f2:1c:
a4:be:84:50:ee:d3:8b:eb:7a:5c:07:ab:1f:08:d6:
7b:19:17:8b:92:2e:93:96:9d:35:71:36:c1:d3:30:
4b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:04:25:E4:B6:73:1F:3E:83:32:CE:26:16:3B:C2:BA:52:4A:8B:A6
X509v3 Authority Key Identifier:
keyid:2C:B4:29:1D:F9:79:63:C5:A9:B7:32:B1:39:6F:0F:1C:88:75:04:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLQpHfl5Y8WptzKxOW8PHIh1BNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/cAQl5LZzHz6DMs4mFjvCulJKi6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/LLQpHfl5Y8WptzKxOW8PHIh1BNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.204.128.0-109.204.175.255
109.204.192.0/18
IPv6:
2a00:8780::/32
Signature Algorithm: sha256WithRSAEncryption
95:2a:0e:42:a1:3b:3d:bb:ec:fb:0c:a9:6e:91:ee:cb:18:43:
59:93:38:4d:f5:fd:40:94:d6:a3:c5:95:f4:52:a2:42:b5:51:
90:13:81:3d:69:ec:25:e2:ad:8a:52:ad:92:5d:a2:0f:3e:53:
84:c7:71:7c:fb:22:a8:f8:70:36:eb:a0:a4:ba:51:3b:6e:66:
f6:f0:af:18:f7:14:29:9c:6d:9c:0a:46:89:72:b9:2d:12:ea:
4c:40:d9:90:a4:3f:99:c6:a4:07:a4:c5:3e:76:fb:30:22:f1:
cf:a1:7b:2b:6a:e9:e5:83:21:60:71:4f:ce:53:04:36:6a:27:
92:6e:03:41:06:0c:3c:96:92:97:6b:ee:71:da:8d:88:ca:e8:
e8:aa:d3:25:08:8d:c9:c3:cd:3c:06:b5:39:ef:22:25:29:c4:
25:d1:01:ca:c4:09:f0:29:a7:0b:6c:82:eb:34:b1:21:89:28:
2d:a4:ba:bc:b7:89:6c:b8:84:10:71:7c:64:31:6a:d4:4a:33:
f8:87:26:fd:95:5d:89:d1:24:b6:95:33:86:cd:15:47:82:78:
0c:08:85:0e:4b:6e:6f:3a:93:6e:fa:10:bb:57:ed:ac:6b:27:
36:da:98:bd:12:b4:3e:d0:cc:fb:14:93:65:2a:cd:29:80:9a:
64:ff:54:41
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVv+V3R5n/Bb3fqPNcMaTWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYjQyOTFkZjk3OTYzYzVhOWI3MzJiMTM5NmYwZjFjODg3
NTA0ZDYwHhcNMjMwMTAyMDA1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDA0MjVlNGI2NzMxZjNlODMzMmNlMjYxNjNiYzJiYTUyNGE4YmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5CVmGhEkwvePI8sMAXo7Zm3SBmN
dSkQZPq8CDopSNz3xslxXIYFWXwcxhIlRaoRf7W9nAIQ4PmWIld3sQ0Nknyw4YOd
/EQe5ISHBfrFsJGyWzjoiBswuuVShtCWy4zClAq2O7TIez0GBw/aEQq/oFF13+jN
hJiDRy1081FutlO4+sRcejdh/TIUXWcauGwCssGpMalRNjslH5lAo3UYeFQS+wxM
bqAcR8k6s07IzOzSc/g+3jQHjAadZxL4z2iXWacL0pDngi+EFRDLAjWkwCORkTHY
JxokorL3eN248hykvoRQ7tOL63pcB6sfCNZ7GReLki6Tlp01cTbB0zBLKQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHAEJeS2cx8+gzLOJhY7wrpSSoumMB8GA1UdIwQY
MBaAFCy0KR35eWPFqbcysTlvDxyIdQTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTExRcEhmbDVZOFdwdHpLeE9XOFBISWgxQk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9mOTY4NGUtMDllMi00OWNjLTg1MWQt
YWY0YzA2ZjMxYWZmLzEvY0FRbDVMWnpIejZETXM0bUZqdkN1bEpLaTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9mOTY4NGUtMDllMi00OWNjLTg1MWQtYWY0YzA2ZjMxYWZm
LzEvTExRcEhmbDVZOFdwdHpLeE9XOFBISWgxQk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAdtzIAD
BARtzKADBAZtzMAwDQQCAAIwBwMFACoAh4AwDQYJKoZIhvcNAQELBQADggEBAJUq
DkKhOz277PsMqW6R7ssYQ1mTOE31/UCU1qPFlfRSokK1UZATgT1p7CXirYpSrZJd
og8+U4THcXz7Iqj4cDbroKS6UTtuZvbwrxj3FCmcbZwKRolyuS0S6kxA2ZCkP5nG
pAekxT52+zAi8c+heytq6eWDIWBxT85TBDZqJ5JuA0EGDDyWkpdr7nHajYjK6Oiq
0yUIjcnDzTwGtTnvIiUpxCXRAcrECfAppwtsgus0sSGJKC2kury3iWy4hBBxfGQx
atRKM/iHJv2VXYnRJLaVM4bNFUeCeAwIhQ5Lbm86k276ELtX7axrJzbamL0StD7Q
zPsUk2UqzSmAmmT/VEE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:42 2024 by rpki-client on console-ams.rpki-client.org