Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/Yd_X6ccvVIaUKNgbY0gMBRdE4Aw.roa
File: Yd_X6ccvVIaUKNgbY0gMBRdE4Aw.roa (raw, json)
Hash identifier: wWcXQrm9WBOzsY39vsPrjer1vW+Wbi2ubiLdK5b8qXc=
Subject key identifier: 61:DF:D7:E9:C7:2F:54:86:94:28:D8:1B:63:48:0C:05:17:44:E0:0C
Certificate issuer: /CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Certificate serial: 018570307781F91C623CE48025AF682DB3DE
Authority key identifier: D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/Yd_X6ccvVIaUKNgbY0gMBRdE4Aw.roa
Signing time: Mon 02 Jan 2023 01:55:02 +0000
ROA not before: Mon 02 Jan 2023 01:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1653
IP address blocks: 109.105.126.0/25 maxlen: 25
109.105.126.128/25 maxlen: 25
2001:948:58::/48 maxlen: 48
2001:948:59::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:77:81:f9:1c:62:3c:e4:80:25:af:68:2d:b3:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Validity
Not Before: Jan 2 01:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61dfd7e9c72f54869428d81b63480c051744e00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:69:46:8f:45:7e:3d:cd:83:c0:e0:48:6b:06:
74:0b:69:23:7a:e5:e5:50:7c:aa:c7:c8:18:c7:cf:
79:86:f2:53:58:a7:79:59:d6:bb:09:7d:75:13:b4:
f4:d2:c6:24:56:6b:a4:c7:f4:93:60:ef:08:4e:22:
bc:c4:43:34:ba:3a:88:b0:7c:65:55:c5:da:78:cd:
40:de:d4:67:cc:4c:36:d9:e5:b7:c8:29:a9:bc:8f:
31:ba:a3:96:86:7a:80:10:8a:78:58:d3:bc:e8:2c:
c0:e8:26:06:f5:9a:08:3d:cc:3d:a1:23:e4:b7:9c:
3b:9a:38:83:f2:81:dc:0c:65:54:56:5c:f2:e6:76:
ec:d9:99:28:90:d5:1d:e5:88:a6:85:8a:c3:f2:e2:
84:2e:27:90:9b:8a:22:c0:bd:2f:95:cd:10:c8:18:
97:f7:69:3b:89:6c:df:fb:01:81:a3:a1:f1:65:17:
aa:2f:47:50:44:11:74:29:fa:40:f0:d9:28:0e:8b:
89:64:c3:b1:b5:ec:17:43:8b:6a:85:b7:4d:d3:a7:
af:6d:1a:73:46:90:69:1f:8d:29:55:8f:09:d0:fa:
94:49:f2:b3:5c:63:75:0f:3a:37:ac:99:db:83:8b:
a9:b4:2e:9d:d6:6e:a4:1c:52:0f:cb:5b:e0:21:97:
28:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DF:D7:E9:C7:2F:54:86:94:28:D8:1B:63:48:0C:05:17:44:E0:0C
X509v3 Authority Key Identifier:
keyid:D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/Yd_X6ccvVIaUKNgbY0gMBRdE4Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.126.0/24
IPv6:
2001:948:58::/47
Signature Algorithm: sha256WithRSAEncryption
7a:01:4e:42:a3:16:a2:29:c6:92:b4:d6:0d:d0:f7:70:32:b7:
fb:9b:2c:df:58:93:ca:03:fc:40:a6:c5:21:76:9d:c3:9b:6c:
33:55:07:4d:ac:5c:f0:f5:a6:1c:ef:b5:02:9d:bf:5e:aa:e1:
e3:29:c4:e9:1e:f4:08:77:ad:99:02:fa:8a:a9:4e:10:bf:14:
d2:de:9a:7b:d4:ce:1c:d0:29:e6:82:1c:cf:14:2d:1c:f5:1c:
02:07:77:e9:aa:7d:a5:dc:49:cf:ce:2b:da:2a:90:44:08:a4:
32:ea:de:33:9e:79:82:a1:8e:67:bd:15:0b:27:fd:a4:e4:e8:
83:6e:73:e0:97:b3:15:e2:a0:cd:60:a2:b8:8d:9a:4b:38:5b:
bb:e6:a5:77:93:ad:80:79:f1:6c:de:92:1e:42:2d:df:96:1e:
b8:70:e5:99:84:cb:04:6c:39:00:4d:e1:ef:ea:dc:be:22:3e:
a2:cf:ed:e7:71:f4:75:07:75:72:fb:72:e3:ed:3b:4a:e1:35:
03:ef:46:27:58:e0:7e:de:22:0c:5c:43:b5:73:c3:81:1f:63:
b1:a0:eb:5e:f9:4e:d1:ee:57:40:43:43:c3:5d:10:17:72:01:
36:df:19:66:aa:f9:30:2b:4b:c9:d5:05:99:37:56:fb:06:a6:
34:39:9f:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwMHeB+RxiPOSAJa9oLbPeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTZhZTYyNWQ5NTA2ZGY0YTNlNTc3YjI0YTg2ZmNlM2M3
M2E4ZjgwHhcNMjMwMTAyMDE1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWRmZDdlOWM3MmY1NDg2OTQyOGQ4MWI2MzQ4MGMwNTE3NDRlMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6WlGj0V+Pc2DwOBIawZ0C2kjeuXl
UHyqx8gYx895hvJTWKd5Wda7CX11E7T00sYkVmukx/STYO8ITiK8xEM0ujqIsHxl
VcXaeM1A3tRnzEw22eW3yCmpvI8xuqOWhnqAEIp4WNO86CzA6CYG9ZoIPcw9oSPk
t5w7mjiD8oHcDGVUVlzy5nbs2ZkokNUd5YimhYrD8uKELieQm4oiwL0vlc0QyBiX
92k7iWzf+wGBo6HxZReqL0dQRBF0KfpA8NkoDouJZMOxtewXQ4tqhbdN06evbRpz
RpBpH40pVY8J0PqUSfKzXGN1Dzo3rJnbg4uptC6d1m6kHFIPy1vgIZcozwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGHf1+nHL1SGlCjYG2NIDAUXROAMMB8GA1UdIwQY
MBaAFNNWrmJdlQbfSj5XeySob848c6j4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFhdVlsMlZCdDlLUGxkN0pLaHZ6anh6cVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83YTY1NDUtNTI3Ny00MGYzLWIzNjYt
MmVhODdlNmVhMmEwLzEvWWRfWDZjY3ZWSWFVS05nYlkwZ01CUmRFNEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83YTY1NDUtNTI3Ny00MGYzLWIzNjYtMmVhODdlNmVhMmEw
LzEvMDFhdVlsMlZCdDlLUGxkN0pLaHZ6anh6cVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAbWl+MA8E
AgACMAkDBwEgAQlIAFgwDQYJKoZIhvcNAQELBQADggEBAHoBTkKjFqIpxpK01g3Q
93Ayt/ubLN9Yk8oD/ECmxSF2ncObbDNVB02sXPD1phzvtQKdv16q4eMpxOke9Ah3
rZkC+oqpThC/FNLemnvUzhzQKeaCHM8ULRz1HAIHd+mqfaXcSc/OK9oqkEQIpDLq
3jOeeYKhjme9FQsn/aTk6INuc+CXsxXioM1goriNmks4W7vmpXeTrYB58Wzekh5C
Ld+WHrhw5ZmEywRsOQBN4e/q3L4iPqLP7edx9HUHdXL7cuPtO0rhNQPvRidY4H7e
IgxcQ7Vzw4EfY7Gg6175TtHuV0BDQ8NdEBdyATbfGWaq+TArS8nVBZk3VvsGpjQ5
n2g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:42 2024 by rpki-client on console-ams.rpki-client.org