Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/_MH7EgUTYIr1AfcsPMQ_U-WnuqI.roa
File: _MH7EgUTYIr1AfcsPMQ_U-WnuqI.roa (raw, json)
Hash identifier: YCon3bsOIt5aAF0I20qoAPOc4W67AFArg3aq40zb/8w=
Subject key identifier: FC:C1:FB:12:05:13:60:8A:F5:01:F7:2C:3C:C4:3F:53:E5:A7:BA:A2
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 0185EF684B5F8CE4AA2FB8D2A6EBE6384359
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/_MH7EgUTYIr1AfcsPMQ_U-WnuqI.roa
Signing time: Thu 26 Jan 2023 18:47:47 +0000
ROA not before: Thu 26 Jan 2023 18:47:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 109.172.74.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ef:68:4b:5f:8c:e4:aa:2f:b8:d2:a6:eb:e6:38:43:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Jan 26 18:47:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcc1fb120513608af501f72c3cc43f53e5a7baa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0d:92:8b:33:5b:1f:c1:8f:c1:80:b8:15:d7:
53:9e:d6:84:c9:7a:4c:19:b6:50:fa:34:c0:4e:ae:
c6:e2:c5:b3:e8:ec:4d:36:ed:04:da:4b:b0:45:96:
1f:ba:25:0a:32:18:7b:22:56:d7:00:63:1c:4a:cf:
cc:e7:ca:b1:ba:a7:f5:d4:ed:74:1d:40:ea:bf:b9:
41:1c:8a:c7:be:2c:06:5c:95:70:22:b8:c1:2b:41:
0e:41:d0:1c:b2:0f:29:39:73:08:be:6f:32:2f:98:
85:31:99:b6:f9:ca:97:65:1a:d2:66:45:46:06:df:
00:de:0f:1e:59:ba:6c:ad:34:09:29:1a:81:81:32:
fb:25:35:70:8d:84:57:ce:d5:cb:cf:36:c1:34:6b:
22:9f:bc:9e:b9:47:23:c0:bd:8e:bc:d1:fb:fa:38:
45:50:2d:4d:32:8b:21:05:56:b2:e3:cc:ff:99:f2:
34:1c:fa:91:fb:2a:a6:06:06:c6:00:83:02:71:0d:
50:f1:10:7b:f4:7a:6a:cc:1f:d4:aa:73:f6:fa:80:
41:f8:0d:35:a0:df:3c:5c:8d:7f:48:24:5e:56:12:
c8:35:a1:9e:88:79:da:07:ad:f7:ac:71:43:3f:45:
eb:16:5e:2a:97:07:21:2f:06:be:01:02:0d:f5:cf:
a0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C1:FB:12:05:13:60:8A:F5:01:F7:2C:3C:C4:3F:53:E5:A7:BA:A2
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/_MH7EgUTYIr1AfcsPMQ_U-WnuqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.74.0/23
Signature Algorithm: sha256WithRSAEncryption
63:e7:07:dc:58:6f:2e:7b:a7:c6:9d:41:d7:60:eb:c4:a3:d1:
96:90:74:f9:9c:c6:6a:73:f0:eb:64:78:83:15:bb:a6:e8:0a:
28:67:d1:8f:44:36:8c:6d:eb:72:83:93:92:36:6e:73:d4:53:
1d:74:b0:8f:9a:96:f8:b5:f4:99:cd:8f:4b:68:40:a8:4d:28:
ee:07:82:e7:49:19:30:1f:03:00:38:43:e2:a7:29:e4:be:ee:
1e:9a:18:bc:ec:2e:2f:54:6b:58:08:7e:b5:80:1e:a6:a9:34:
a4:22:fc:e3:d9:4a:46:6c:83:00:2c:79:ce:2b:20:c2:c8:9b:
45:41:fc:10:12:da:0a:e8:a0:26:45:69:4e:ee:68:3b:c5:a5:
db:00:c4:dc:a7:cd:c0:45:59:e1:ab:af:af:65:f2:af:b1:9d:
40:32:d1:d4:6b:72:ed:95:e8:05:4c:90:f9:57:ff:81:6b:00:
89:f5:35:a3:d9:04:78:ab:52:2a:e9:0f:81:12:8c:a8:8e:b0:
c9:dd:66:4c:7f:41:cf:d6:28:d2:b0:e4:83:d0:6e:b5:e8:8d:
cb:f6:4e:33:d8:e7:ab:02:5f:ec:6d:5c:ca:dd:d3:74:c3:97:
e8:27:ac:57:dc:d6:cd:35:ca:ad:12:c0:4f:55:a1:3f:51:51:
ee:3b:9c:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXvaEtfjOSqL7jSpuvmOENZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjMwMTI2MTg0NzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2MxZmIxMjA1MTM2MDhhZjUwMWY3MmMzY2M0M2Y1M2U1YTdiYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug2SizNbH8GPwYC4FddTntaEyXpM
GbZQ+jTATq7G4sWz6OxNNu0E2kuwRZYfuiUKMhh7IlbXAGMcSs/M58qxuqf11O10
HUDqv7lBHIrHviwGXJVwIrjBK0EOQdAcsg8pOXMIvm8yL5iFMZm2+cqXZRrSZkVG
Bt8A3g8eWbpsrTQJKRqBgTL7JTVwjYRXztXLzzbBNGsin7yeuUcjwL2OvNH7+jhF
UC1NMoshBVay48z/mfI0HPqR+yqmBgbGAIMCcQ1Q8RB79HpqzB/UqnP2+oBB+A01
oN88XI1/SCReVhLINaGeiHnaB633rHFDP0XrFl4qlwchLwa+AQIN9c+gmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzB+xIFE2CK9QH3LDzEP1Plp7qiMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvX01IN0VnVVRZSXIxQWZjc1BNUV9VLVdudXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbaxKMA0G
CSqGSIb3DQEBCwUAA4IBAQBj5wfcWG8ue6fGnUHXYOvEo9GWkHT5nMZqc/DrZHiD
Fbum6AooZ9GPRDaMbetyg5OSNm5z1FMddLCPmpb4tfSZzY9LaECoTSjuB4LnSRkw
HwMAOEPipynkvu4emhi87C4vVGtYCH61gB6mqTSkIvzj2UpGbIMALHnOKyDCyJtF
QfwQEtoK6KAmRWlO7mg7xaXbAMTcp83ARVnhq6+vZfKvsZ1AMtHUa3LtlegFTJD5
V/+BawCJ9TWj2QR4q1Iq6Q+BEoyojrDJ3WZMf0HP1ijSsOSD0G616I3L9k4z2Oer
Al/sbVzK3dN0w5foJ6xX3NbNNcqtEsBPVaE/UVHuO5zA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:47 2023 by rpki-client on console-ams.rpki-client.org