Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/IW0CpZfUpx3uXmDDHIxst1_zocM.roa
File: IW0CpZfUpx3uXmDDHIxst1_zocM.roa (raw, json)
Hash identifier: orVGzVzGW5TwgxgBhzMrciNGQpg8Ox5n3YLPPq9J2Yc=
Subject key identifier: 21:6D:02:A5:97:D4:A7:1D:EE:5E:60:C3:1C:8C:6C:B7:5F:F3:A1:C3
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018CC50145A76C1125CC0E2D09015DF22FE4
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/IW0CpZfUpx3uXmDDHIxst1_zocM.roa
Signing time: Mon 01 Jan 2024 12:30:44 +0000
ROA not before: Mon 01 Jan 2024 12:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399045
IP address blocks: 109.122.197.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:45:a7:6c:11:25:cc:0e:2d:09:01:5d:f2:2f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 1 12:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=216d02a597d4a71dee5e60c31c8c6cb75ff3a1c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:45:20:09:4a:18:1a:58:92:6c:20:0e:53:29:
80:ab:68:f2:66:fc:a3:ac:bb:7f:87:10:5e:0e:d5:
05:c2:00:77:47:c6:57:98:45:b9:13:91:9d:6e:0a:
0e:80:08:5f:8b:f6:f6:8d:ed:a2:b1:2b:32:68:81:
ab:e8:97:d9:85:54:a9:ed:ff:ab:b1:ba:7d:4f:8c:
d8:0c:12:c1:d7:db:83:39:72:1a:be:04:bf:8e:2b:
e5:dc:7b:22:1a:c0:79:9e:2d:5a:2b:79:5d:6e:51:
0b:a6:89:04:56:9c:5e:11:4d:8d:c9:1b:42:e5:9c:
61:d9:15:8c:7f:6e:a1:c3:df:af:ab:5b:ba:49:7f:
21:ff:8d:38:6f:7c:03:89:06:c5:72:74:ff:44:f9:
02:1c:74:92:50:9c:97:56:d6:b1:d9:37:4b:56:36:
4c:3e:47:f8:7f:f8:51:e2:65:40:91:6a:0c:11:70:
3d:97:c5:59:2c:56:f7:9c:35:63:7c:13:00:2a:89:
d1:84:39:ef:a3:56:03:5f:40:d3:d1:b5:69:22:28:
80:ff:07:de:6a:78:9b:36:cc:3a:d3:a6:df:e2:df:
08:7b:e1:5c:2a:b8:92:de:b8:f7:c0:30:e6:5c:db:
95:a0:66:a2:92:0f:0d:fc:34:fa:ad:60:ab:04:f2:
c1:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:6D:02:A5:97:D4:A7:1D:EE:5E:60:C3:1C:8C:6C:B7:5F:F3:A1:C3
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/IW0CpZfUpx3uXmDDHIxst1_zocM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.197.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:5f:e1:89:1d:76:bb:66:f2:2f:60:11:63:24:69:73:ee:75:
c2:e3:a2:fb:63:86:3b:fd:6f:d0:3b:8a:b5:0d:9d:04:76:1a:
c7:46:a9:57:5d:07:e1:d1:d0:f5:91:c4:db:32:40:6a:5c:b9:
2b:9e:06:4b:01:28:52:b7:1e:18:33:e6:fd:1d:80:d2:61:30:
8a:13:10:9d:76:8b:f9:0a:d4:f9:2b:78:e7:9f:16:d0:b4:7a:
e5:c2:93:52:de:9a:89:a9:02:1e:3b:2c:a9:f2:e6:0b:00:6f:
99:3b:64:6b:c4:a0:9e:f5:98:d4:81:27:7d:d9:e9:86:97:b1:
0b:52:90:17:48:2b:07:dd:29:bf:20:30:27:96:7c:1b:e7:b7:
b2:f0:48:fa:d3:6e:c3:15:ce:8a:c9:a4:37:dd:08:c9:8e:60:
5e:7f:84:f0:2b:f6:41:67:72:f8:57:16:25:7b:39:b8:f1:f9:
21:ba:79:99:a9:b7:9f:17:17:97:06:37:8e:7f:27:ec:c9:87:
9f:34:a2:6f:fb:13:d7:6d:90:28:9d:25:59:0c:3f:c9:ca:53:
14:05:34:1c:aa:2d:38:29:f0:18:9b:6a:dc:42:75:22:38:32:
44:3c:5b:24:74:67:ec:58:f2:47:c4:97:47:c7:48:39:43:4d:
91:dc:07:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAUWnbBElzA4tCQFd8i/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTAxMTIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTZkMDJhNTk3ZDRhNzFkZWU1ZTYwYzMxYzhjNmNiNzVmZjNhMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEUgCUoYGliSbCAOUymAq2jyZvyj
rLt/hxBeDtUFwgB3R8ZXmEW5E5GdbgoOgAhfi/b2je2isSsyaIGr6JfZhVSp7f+r
sbp9T4zYDBLB19uDOXIavgS/jivl3HsiGsB5ni1aK3ldblELpokEVpxeEU2NyRtC
5Zxh2RWMf26hw9+vq1u6SX8h/404b3wDiQbFcnT/RPkCHHSSUJyXVtax2TdLVjZM
Pkf4f/hR4mVAkWoMEXA9l8VZLFb3nDVjfBMAKonRhDnvo1YDX0DT0bVpIiiA/wfe
anibNsw606bf4t8Ie+FcKriS3rj3wDDmXNuVoGaikg8N/DT6rWCrBPLBwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFtAqWX1Kcd7l5gwxyMbLdf86HDMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvSVcwQ3BaZlVweDN1WG1EREhJeHN0MV96b2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrFMA0G
CSqGSIb3DQEBCwUAA4IBAQCLX+GJHXa7ZvIvYBFjJGlz7nXC46L7Y4Y7/W/QO4q1
DZ0EdhrHRqlXXQfh0dD1kcTbMkBqXLkrngZLAShStx4YM+b9HYDSYTCKExCddov5
CtT5K3jnnxbQtHrlwpNS3pqJqQIeOyyp8uYLAG+ZO2RrxKCe9ZjUgSd92emGl7EL
UpAXSCsH3Sm/IDAnlnwb57ey8Ej6027DFc6KyaQ33QjJjmBef4TwK/ZBZ3L4VxYl
ezm48fkhunmZqbefFxeXBjeOfyfsyYefNKJv+xPXbZAonSVZDD/JylMUBTQcqi04
KfAYm2rcQnUiODJEPFskdGfsWPJHxJdHx0g5Q02R3Afx
-----END CERTIFICATE-----
Generated at Thu Jan 4 21:38:11 2024 by rpki-client on console-ams.rpki-client.org