Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/5z2DPFArGD7YSI1Sp9ttYOv9jU8.roa
File: 5z2DPFArGD7YSI1Sp9ttYOv9jU8.roa (raw, json)
Hash identifier: CZYFQbB5MkfIGIIVnA0uNWaTULzkfMcbC3PJKqBc/Ww=
Subject key identifier: E7:3D:83:3C:50:2B:18:3E:D8:48:8D:52:A7:DB:6D:60:EB:FD:8D:4F
Certificate issuer: /CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Certificate serial: 01857030787B1F532D7152F35553702092EC
Authority key identifier: D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/5z2DPFArGD7YSI1Sp9ttYOv9jU8.roa
Signing time: Mon 02 Jan 2023 01:55:02 +0000
ROA not before: Mon 02 Jan 2023 01:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39590
IP address blocks: 109.105.124.0/22 maxlen: 24
2001:948:40::/42 maxlen: 42
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:78:7b:1f:53:2d:71:52:f3:55:53:70:20:92:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Validity
Not Before: Jan 2 01:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e73d833c502b183ed8488d52a7db6d60ebfd8d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e4:1f:cf:01:1f:6c:14:b7:6e:b3:a9:81:6c:
ac:9d:29:94:c2:7d:f4:01:2c:27:d1:d1:53:2a:23:
0a:41:17:5a:18:0d:49:07:05:b9:87:c8:11:a9:ac:
24:1e:75:61:91:78:c2:db:4e:07:35:f5:3f:d9:48:
ae:84:31:c3:e3:b8:b8:f0:5b:db:be:5b:ee:f2:68:
8b:f4:0c:67:6f:a8:5c:e7:d1:2c:b3:c0:4b:45:c7:
35:26:39:f9:4b:1a:85:7b:8a:a7:4d:a7:bf:a3:a6:
81:cf:d6:ff:a5:e0:50:16:c5:07:66:cc:f7:fe:b7:
51:46:cf:09:7d:20:75:dd:f2:98:82:fe:fd:94:f2:
19:4c:5b:a3:67:06:92:21:2b:f4:68:c3:e0:d8:58:
d7:10:df:bc:cc:f1:fc:3c:3e:7e:67:f2:2f:96:64:
07:b3:3f:6e:66:13:3a:87:74:9f:1f:0f:1e:66:19:
39:bb:00:7f:4f:1b:13:c1:1d:eb:ff:4c:e3:98:90:
75:dd:aa:87:bb:c0:43:3f:de:62:45:4b:0e:b7:ab:
f5:dc:60:2c:18:9c:ce:5f:6c:2e:74:e4:0c:23:f7:
50:69:17:c0:a7:e7:bc:74:89:2b:19:e4:14:f7:99:
d1:59:26:d4:e3:d4:4e:a5:eb:f1:0e:7d:81:32:b2:
12:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3D:83:3C:50:2B:18:3E:D8:48:8D:52:A7:DB:6D:60:EB:FD:8D:4F
X509v3 Authority Key Identifier:
keyid:D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/5z2DPFArGD7YSI1Sp9ttYOv9jU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.124.0/22
IPv6:
2001:948:40::/42
Signature Algorithm: sha256WithRSAEncryption
73:4c:49:ae:74:d1:cd:40:89:0a:b1:5b:dc:d4:64:6c:00:26:
65:15:f0:29:df:ff:2a:4a:08:84:d6:1f:77:b8:8b:5d:f7:1e:
99:d7:fd:fa:71:94:3e:00:a0:d9:7b:16:42:90:6b:86:78:54:
2c:c1:72:88:08:a0:e9:b9:e2:5d:66:5d:25:da:ee:d8:26:a6:
83:e3:f1:b4:64:2b:e3:72:65:11:a7:3d:47:34:51:55:8d:85:
e6:2b:42:54:71:cc:80:38:19:0a:e7:4b:4f:34:b0:5e:54:7c:
e0:30:d9:4b:b1:28:e5:e3:37:83:16:56:04:dd:0f:f6:f9:cc:
a9:a9:1f:50:44:3e:cb:f6:24:46:f2:86:53:71:23:27:7a:84:
54:ea:51:1d:4a:99:59:e5:b9:d6:fa:7c:5b:74:04:b5:86:4a:
3a:17:be:8d:ea:23:de:b0:cb:d0:e1:52:4c:20:4d:93:8d:bf:
6c:27:ae:12:23:28:7c:d5:9c:b6:3e:11:cf:09:6e:af:ec:28:
f5:32:3e:9d:bf:1a:7b:46:85:5c:ef:63:1b:44:63:0e:01:b0:
54:1b:21:d4:f4:6a:e3:88:93:32:e9:4f:5f:c0:ae:0d:f7:1a:
1b:c5:19:a1:3f:21:e0:98:16:02:3e:46:d0:48:91:15:53:1a:
a7:5c:5a:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwMHh7H1MtcVLzVVNwIJLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTZhZTYyNWQ5NTA2ZGY0YTNlNTc3YjI0YTg2ZmNlM2M3
M2E4ZjgwHhcNMjMwMTAyMDE1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzNkODMzYzUwMmIxODNlZDg0ODhkNTJhN2RiNmQ2MGViZmQ4ZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+QfzwEfbBS3brOpgWysnSmUwn30
ASwn0dFTKiMKQRdaGA1JBwW5h8gRqawkHnVhkXjC204HNfU/2UiuhDHD47i48Fvb
vlvu8miL9Axnb6hc59Ess8BLRcc1Jjn5SxqFe4qnTae/o6aBz9b/peBQFsUHZsz3
/rdRRs8JfSB13fKYgv79lPIZTFujZwaSISv0aMPg2FjXEN+8zPH8PD5+Z/IvlmQH
sz9uZhM6h3SfHw8eZhk5uwB/TxsTwR3r/0zjmJB13aqHu8BDP95iRUsOt6v13GAs
GJzOX2wudOQMI/dQaRfAp+e8dIkrGeQU95nRWSbU49ROpevxDn2BMrISoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOc9gzxQKxg+2EiNUqfbbWDr/Y1PMB8GA1UdIwQY
MBaAFNNWrmJdlQbfSj5XeySob848c6j4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFhdVlsMlZCdDlLUGxkN0pLaHZ6anh6cVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83YTY1NDUtNTI3Ny00MGYzLWIzNjYt
MmVhODdlNmVhMmEwLzEvNXoyRFBGQXJHRDdZU0kxU3A5dHRZT3Y5alU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83YTY1NDUtNTI3Ny00MGYzLWIzNjYtMmVhODdlNmVhMmEw
LzEvMDFhdVlsMlZCdDlLUGxkN0pLaHZ6anh6cVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCbWl8MA8E
AgACMAkDBwYgAQlIAEAwDQYJKoZIhvcNAQELBQADggEBAHNMSa500c1AiQqxW9zU
ZGwAJmUV8Cnf/ypKCITWH3e4i133HpnX/fpxlD4AoNl7FkKQa4Z4VCzBcogIoOm5
4l1mXSXa7tgmpoPj8bRkK+NyZRGnPUc0UVWNheYrQlRxzIA4GQrnS080sF5UfOAw
2UuxKOXjN4MWVgTdD/b5zKmpH1BEPsv2JEbyhlNxIyd6hFTqUR1KmVnludb6fFt0
BLWGSjoXvo3qI96wy9DhUkwgTZONv2wnrhIjKHzVnLY+Ec8Jbq/sKPUyPp2/GntG
hVzvYxtEYw4BsFQbIdT0auOIkzLpT1/Arg33GhvFGaE/IeCYFgI+RtBIkRVTGqdc
Wik=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:42 2024 by rpki-client on console-ams.rpki-client.org