Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/tYVHN9O4nwPMies0-WDFhawTyWY.roa
File: tYVHN9O4nwPMies0-WDFhawTyWY.roa (raw, json)
Hash identifier: XtcYx4D0c4Uqqke8WBpZekCFt8a887H+3FLotwH1Pi4=
Subject key identifier: B5:85:47:37:D3:B8:9F:03:CC:89:EB:34:F9:60:C5:85:AC:13:C9:66
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 018C1BF971EAC8381B81C114AB8BC9B8AE13
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/tYVHN9O4nwPMies0-WDFhawTyWY.roa
Signing time: Wed 29 Nov 2023 16:46:21 +0000
ROA not before: Wed 29 Nov 2023 16:46:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 109.172.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:f9:71:ea:c8:38:1b:81:c1:14:ab:8b:c9:b8:ae:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Nov 29 16:46:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5854737d3b89f03cc89eb34f960c585ac13c966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6d:77:86:e1:7c:28:bd:07:c2:ce:42:f9:0a:
f8:ed:53:69:b4:b8:10:56:3f:0e:a7:0c:9e:89:9d:
e8:af:5f:00:82:66:83:9b:c9:98:5f:12:19:56:45:
f6:68:95:26:c0:10:ea:16:cb:1c:e6:b0:ab:0c:24:
8a:a8:11:c1:ea:bf:9f:6f:cb:44:e9:7b:54:8b:77:
db:fb:90:ae:17:c0:f6:a1:01:1a:f6:de:6d:6a:cc:
86:11:de:2d:83:c6:20:11:d3:dd:82:de:3b:0b:c4:
3e:0c:e3:2f:7d:55:70:27:41:16:26:30:09:72:b3:
02:a4:68:c9:15:54:b2:eb:8c:3d:55:f9:7b:78:76:
ee:31:51:3d:a7:e6:ba:e7:98:db:a6:77:c5:b8:42:
ff:fb:2b:c6:ab:af:7a:e3:12:90:c8:c2:dc:d5:9e:
c4:25:5c:a8:03:ef:37:3a:52:ef:98:75:27:d8:cd:
41:20:ac:4e:bd:4c:2a:ac:19:23:51:bb:77:10:0a:
2e:d1:b6:c4:e2:f7:f3:f3:87:33:3c:5d:8c:91:79:
d2:bc:bd:b4:ac:7c:e6:7e:15:3f:4a:db:6a:f9:5f:
ea:3c:26:cc:49:7e:92:45:4c:68:10:90:6a:b6:5f:
d4:ea:ae:9a:30:2b:ba:13:08:60:f4:e6:17:ce:87:
66:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:85:47:37:D3:B8:9F:03:CC:89:EB:34:F9:60:C5:85:AC:13:C9:66
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/tYVHN9O4nwPMies0-WDFhawTyWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.87.0/24
Signature Algorithm: sha256WithRSAEncryption
41:fa:e9:6d:45:be:e9:1d:81:e0:8e:d5:21:75:09:e3:cc:9d:
b6:55:a7:a2:33:c0:ed:e6:14:0b:b5:b7:2e:29:cb:94:e6:9f:
6f:3d:22:43:c9:84:77:36:d5:da:6a:17:24:58:73:25:6d:04:
bb:a8:37:ca:77:39:a9:61:14:fd:7d:3c:b0:d1:95:f4:1f:67:
94:f8:67:26:1c:ef:d7:9a:ca:82:f2:4e:bc:53:6d:ac:88:32:
d9:6b:be:d3:6b:95:be:10:18:e0:f8:e1:9c:3f:84:8e:c8:39:
af:7e:c7:8f:42:e4:bc:82:bc:87:73:3b:6b:49:5c:52:ae:49:
de:d4:70:31:53:5d:0a:0f:30:f9:64:1c:80:de:96:c0:ee:dc:
d9:c3:41:d3:f8:82:9a:ab:b4:89:05:f6:4b:86:6b:4b:11:98:
10:17:2b:57:0b:c0:e8:8d:95:37:17:97:65:6a:a7:2e:d7:6f:
a0:cb:2e:56:1e:0b:29:25:50:17:9c:7b:87:fc:4e:d0:5e:a1:
0c:6f:3a:68:a1:ca:76:21:ad:9a:d5:f9:fa:78:57:18:fc:2a:
9a:e2:16:f3:23:de:0b:a3:d5:b4:c6:70:28:83:f4:1e:e7:4e:
39:6b:97:1a:1e:8f:5c:af:6c:f8:a2:53:cf:a6:1e:e2:b0:ac:
34:fa:0b:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwb+XHqyDgbgcEUq4vJuK4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjMxMTI5MTY0NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTg1NDczN2QzYjg5ZjAzY2M4OWViMzRmOTYwYzU4NWFjMTNjOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG13huF8KL0Hws5C+Qr47VNptLgQ
Vj8OpwyeiZ3or18AgmaDm8mYXxIZVkX2aJUmwBDqFssc5rCrDCSKqBHB6r+fb8tE
6XtUi3fb+5CuF8D2oQEa9t5tasyGEd4tg8YgEdPdgt47C8Q+DOMvfVVwJ0EWJjAJ
crMCpGjJFVSy64w9Vfl7eHbuMVE9p+a655jbpnfFuEL/+yvGq6964xKQyMLc1Z7E
JVyoA+83OlLvmHUn2M1BIKxOvUwqrBkjUbt3EAou0bbE4vfz84czPF2MkXnSvL20
rHzmfhU/Sttq+V/qPCbMSX6SRUxoEJBqtl/U6q6aMCu6Ewhg9OYXzodm+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLWFRzfTuJ8DzInrNPlgxYWsE8lmMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvdFlWSE45TzRud1BNaWVzMC1XREZoYXdUeVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbaxXMA0G
CSqGSIb3DQEBCwUAA4IBAQBB+ultRb7pHYHgjtUhdQnjzJ22VaeiM8Dt5hQLtbcu
KcuU5p9vPSJDyYR3NtXaahckWHMlbQS7qDfKdzmpYRT9fTyw0ZX0H2eU+GcmHO/X
msqC8k68U22siDLZa77Ta5W+EBjg+OGcP4SOyDmvfsePQuS8gryHcztrSVxSrkne
1HAxU10KDzD5ZByA3pbA7tzZw0HT+IKaq7SJBfZLhmtLEZgQFytXC8DojZU3F5dl
aqcu12+gyy5WHgspJVAXnHuH/E7QXqEMbzpoocp2Ia2a1fn6eFcY/Cqa4hbzI94L
o9W0xnAog/Qe5045a5caHo9cr2z4olPPph7isKw0+guo
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:18 2024 by rpki-client on console-ams.rpki-client.org