Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/9qcN2B_6_WMpbk53rPq3qkiJqb4.roa
File: 9qcN2B_6_WMpbk53rPq3qkiJqb4.roa (raw, json)
Hash identifier: ojd+J2sOs3Uxfvi53zLYaqkChhjaKJ5LKZ2q43o/qtc=
Subject key identifier: F6:A7:0D:D8:1F:FA:FD:63:29:6E:4E:77:AC:FA:B7:AA:48:89:A9:BE
Certificate issuer: /CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Certificate serial: 01857321D34CD96EAF8160CE49FAAEA1DC91
Authority key identifier: 9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/9qcN2B_6_WMpbk53rPq3qkiJqb4.roa
Signing time: Mon 02 Jan 2023 15:37:54 +0000
ROA not before: Mon 02 Jan 2023 15:37:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 192.109.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:d3:4c:d9:6e:af:81:60:ce:49:fa:ae:a1:dc:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Validity
Not Before: Jan 2 15:37:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6a70dd81ffafd63296e4e77acfab7aa4889a9be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e4:72:bb:ec:bd:12:bb:f5:ae:eb:13:e1:6c:
fd:72:2d:ce:28:ce:f6:f2:54:bd:83:5b:11:2d:f3:
d3:86:8c:4d:14:28:a7:8c:ea:d0:28:87:91:a5:fa:
c2:a3:32:4e:f0:39:48:4c:fc:77:6f:55:44:ea:de:
4d:af:db:51:a3:1a:15:38:cd:e3:f7:00:b9:a7:22:
a2:52:52:37:92:f9:a1:00:11:84:f9:25:52:36:fb:
b4:87:92:13:8e:9d:4d:d3:c1:69:a6:c6:2c:70:70:
59:aa:8e:98:ac:58:95:6f:b2:64:d0:2e:a7:bc:22:
37:f8:45:c1:c1:3e:35:dd:6e:49:b2:2d:e9:49:f8:
df:7a:81:34:9a:bf:b9:c2:08:11:81:37:87:1e:2d:
35:26:61:88:0a:f2:08:27:d6:13:ee:8f:7c:80:85:
66:8c:3d:9f:b7:f0:ed:f0:5e:59:fb:99:99:c9:f8:
bb:aa:3d:da:99:3f:27:51:ff:18:a8:5e:f7:f2:3b:
e5:b5:e9:dc:49:df:7e:1c:ae:ba:8c:52:de:12:72:
c6:4d:9d:2a:b9:e0:e0:20:67:39:3b:2e:33:5f:02:
52:09:24:59:2b:ff:51:ac:de:8d:19:8c:8b:3b:47:
3d:76:f3:c2:88:b2:cb:0c:ec:c1:c7:4d:39:e1:c7:
fd:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A7:0D:D8:1F:FA:FD:63:29:6E:4E:77:AC:FA:B7:AA:48:89:A9:BE
X509v3 Authority Key Identifier:
keyid:9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/9qcN2B_6_WMpbk53rPq3qkiJqb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/m8b9PzLKRZTJYHVlmnCJsnrj_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.111.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:35:ea:b7:76:61:ea:63:fb:fd:67:22:b1:ab:ed:b9:57:fa:
34:00:c0:07:c4:8e:4e:1a:1a:36:ae:db:02:3b:e6:3c:56:0e:
b8:07:21:ad:87:9a:02:22:62:e3:c6:f2:0a:18:b4:ff:46:1c:
d7:04:83:48:aa:ee:c2:ad:26:d7:3c:0e:8a:3e:d7:67:0a:ab:
b6:c0:dd:e3:d0:e9:36:d5:12:59:90:9c:91:36:c0:0f:42:df:
63:ad:1c:31:c8:5c:f3:fc:01:b3:4a:09:3a:d6:5d:ab:68:02:
9f:b7:fb:b2:4a:b3:39:24:6a:94:24:91:e3:48:04:50:9a:fc:
bc:bd:40:62:e3:dc:4b:fd:5d:8e:16:35:57:d3:31:b3:93:27:
4f:3f:85:89:24:64:0d:79:10:8c:5f:b5:8a:0b:0b:6f:67:f7:
06:ab:aa:76:4c:08:32:ce:50:89:0f:02:76:eb:c4:53:7b:1c:
a1:e2:fb:dd:c7:09:24:87:52:97:c3:3e:4b:ba:61:26:d0:6d:
90:1f:0d:35:c3:52:c8:d0:07:1e:64:8e:9f:1d:88:e9:55:60:
ba:f1:7c:7c:00:54:af:ff:a0:ca:90:91:e3:ea:3d:f2:70:70:
41:e1:18:ae:05:ce:8c:fd:85:7a:13:5e:3a:68:2d:7f:0e:a0:
70:9b:cc:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIdNM2W6vgWDOSfquodyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYzZmZDNmMzJjYTQ1OTRjOTYwNzU2NTlhNzA4OWIyN2Fl
M2ZlZjMwHhcNMjMwMTAyMTUzNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmE3MGRkODFmZmFmZDYzMjk2ZTRlNzdhY2ZhYjdhYTQ4ODlhOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeRyu+y9Erv1rusT4Wz9ci3OKM72
8lS9g1sRLfPThoxNFCinjOrQKIeRpfrCozJO8DlITPx3b1VE6t5Nr9tRoxoVOM3j
9wC5pyKiUlI3kvmhABGE+SVSNvu0h5ITjp1N08FppsYscHBZqo6YrFiVb7Jk0C6n
vCI3+EXBwT413W5Jsi3pSfjfeoE0mr+5wggRgTeHHi01JmGICvIIJ9YT7o98gIVm
jD2ft/Dt8F5Z+5mZyfi7qj3amT8nUf8YqF738jvltencSd9+HK66jFLeEnLGTZ0q
ueDgIGc5Oy4zXwJSCSRZK/9RrN6NGYyLO0c9dvPCiLLLDOzBx0054cf9awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPanDdgf+v1jKW5Od6z6t6pIiam+MB8GA1UdIwQY
MBaAFJvG/T8yykWUyWB1ZZpwibJ64/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbThiOVB6TEtSWlRKWUhWbG1uQ0pzbnJqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kYTI0NDctYjI1Mi00YjZhLWE4MmYt
ZGNiZTUzZGE3ODYwLzEvOXFjTjJCXzZfV01wYms1M3JQcTNxa2lKcWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kYTI0NDctYjI1Mi00YjZhLWE4MmYtZGNiZTUzZGE3ODYw
LzEvbThiOVB6TEtSWlRKWUhWbG1uQ0pzbnJqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG1vMA0G
CSqGSIb3DQEBCwUAA4IBAQAPNeq3dmHqY/v9ZyKxq+25V/o0AMAHxI5OGho2rtsC
O+Y8Vg64ByGth5oCImLjxvIKGLT/RhzXBINIqu7CrSbXPA6KPtdnCqu2wN3j0Ok2
1RJZkJyRNsAPQt9jrRwxyFzz/AGzSgk61l2raAKft/uySrM5JGqUJJHjSARQmvy8
vUBi49xL/V2OFjVX0zGzkydPP4WJJGQNeRCMX7WKCwtvZ/cGq6p2TAgyzlCJDwJ2
68RTexyh4vvdxwkkh1KXwz5LumEm0G2QHw01w1LI0AceZI6fHYjpVWC68Xx8AFSv
/6DKkJHj6j3ycHBB4RiuBc6M/YV6E146aC1/DqBwm8za
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:53 2024 by rpki-client on console-fra.rpki-client.org