Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/JHHbiaqOH3BHiVxu4DACX5XH79M.roa
File: JHHbiaqOH3BHiVxu4DACX5XH79M.roa (raw, json)
Hash identifier: nCDdqTPPoPn63Ih1yfl18z4DLYm+B/xxrM4iX+1AkJ4=
Subject key identifier: 24:71:DB:89:AA:8E:1F:70:47:89:5C:6E:E0:30:02:5F:95:C7:EF:D3
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018B434C2CCF3F66ADF6C2E1FE77BB9F287D
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/JHHbiaqOH3BHiVxu4DACX5XH79M.roa
Signing time: Wed 18 Oct 2023 14:59:07 +0000
ROA not before: Wed 18 Oct 2023 14:59:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 109.122.192.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:43:4c:2c:cf:3f:66:ad:f6:c2:e1:fe:77:bb:9f:28:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Oct 18 14:59:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2471db89aa8e1f7047895c6ee030025f95c7efd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:97:31:46:e6:f6:1a:81:7e:b7:7b:d6:c3:6a:
e9:78:02:69:19:db:74:d4:6a:6d:fb:1f:7c:a1:55:
51:a1:ee:17:25:d5:7e:57:57:30:dc:64:01:20:73:
c1:2b:58:7e:36:ce:5f:48:19:bc:f0:24:64:8b:b6:
25:c4:dd:17:76:82:83:1e:ac:83:4c:62:1b:dd:78:
4b:ec:ed:67:60:27:dd:0d:ce:9f:19:18:2f:94:b0:
70:0a:e2:1e:a7:8b:8b:c6:65:f3:da:05:2e:18:28:
3c:fc:b5:81:ec:15:f0:85:fd:af:e3:69:1f:e7:41:
de:41:69:4b:86:ff:52:bd:a4:80:20:0c:b7:7a:d9:
c9:ba:17:54:ef:31:09:68:60:99:8f:54:48:8c:04:
19:c7:6e:71:c8:87:d0:65:bb:60:91:07:4b:b9:95:
e3:43:4b:8d:10:16:40:bf:90:17:e2:f3:9e:fc:3c:
fc:28:8c:99:3b:44:f7:4f:3c:65:69:2c:9a:f5:e0:
b2:d1:01:00:57:f9:1c:f3:7d:d4:50:a0:61:07:7e:
4c:41:b9:a5:9f:20:fd:06:3a:ca:fe:64:a6:c7:1f:
c3:e7:51:3d:a7:9e:35:05:6b:40:8c:f2:15:9f:70:
0b:cc:58:a0:01:fe:74:33:76:82:bd:b2:f7:db:8a:
bd:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:71:DB:89:AA:8E:1F:70:47:89:5C:6E:E0:30:02:5F:95:C7:EF:D3
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/JHHbiaqOH3BHiVxu4DACX5XH79M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.192.0/24
Signature Algorithm: sha256WithRSAEncryption
38:29:e5:22:6e:90:8f:ad:0b:db:73:8e:61:86:a0:7f:64:33:
de:7c:e3:ab:c6:8f:6e:c6:c2:f6:51:b7:00:3a:c8:f9:ef:0e:
3b:c7:f0:8e:16:c2:72:15:0e:81:be:36:82:53:72:a3:32:a6:
4c:97:67:9a:1f:27:c1:8c:12:7d:01:fc:b6:0b:51:22:ce:b9:
b8:54:7a:29:3e:5f:a0:7e:37:fb:c9:e0:02:31:3e:61:68:c8:
6a:6d:57:35:11:84:98:38:7b:b3:35:7a:41:cb:9d:7d:ec:3b:
5b:ca:61:43:33:8c:eb:0d:74:b3:da:c6:07:34:9a:85:6d:6e:
52:dd:e8:ac:e8:8a:57:7b:30:ec:dc:97:37:35:9e:55:16:48:
66:f5:3f:5e:0d:f3:78:fa:fa:9c:12:d2:41:7a:cc:c3:f8:4b:
b3:8e:a6:ac:60:53:75:14:c7:dc:84:6f:df:22:72:ee:c3:75:
32:51:4e:01:1a:e5:47:d9:83:fa:d8:1a:8c:65:a2:e4:bc:d5:
91:c0:1a:7e:68:4f:30:0f:b8:3b:e4:06:5e:82:54:21:c0:af:
4c:2b:af:96:ae:f5:af:d3:e7:71:b4:e6:b6:f3:9a:19:61:25:
6e:26:0d:99:6d:ed:84:d8:ab:89:8c:da:54:8e:5f:2d:ce:cf:
f6:27:f0:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtDTCzPP2at9sLh/ne7nyh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMxMDE4MTQ1OTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDcxZGI4OWFhOGUxZjcwNDc4OTVjNmVlMDMwMDI1Zjk1YzdlZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15cxRub2GoF+t3vWw2rpeAJpGdt0
1Gpt+x98oVVRoe4XJdV+V1cw3GQBIHPBK1h+Ns5fSBm88CRki7YlxN0XdoKDHqyD
TGIb3XhL7O1nYCfdDc6fGRgvlLBwCuIep4uLxmXz2gUuGCg8/LWB7BXwhf2v42kf
50HeQWlLhv9SvaSAIAy3etnJuhdU7zEJaGCZj1RIjAQZx25xyIfQZbtgkQdLuZXj
Q0uNEBZAv5AX4vOe/Dz8KIyZO0T3TzxlaSya9eCy0QEAV/kc833UUKBhB35MQbml
nyD9BjrK/mSmxx/D51E9p541BWtAjPIVn3ALzFigAf50M3aCvbL324q9pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCRx24mqjh9wR4lcbuAwAl+Vx+/TMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvSkhIYmlhcU9IM0JIaVZ4dTREQUNYNVhINzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrAMA0G
CSqGSIb3DQEBCwUAA4IBAQA4KeUibpCPrQvbc45hhqB/ZDPefOOrxo9uxsL2UbcA
Osj57w47x/COFsJyFQ6BvjaCU3KjMqZMl2eaHyfBjBJ9Afy2C1Eizrm4VHopPl+g
fjf7yeACMT5haMhqbVc1EYSYOHuzNXpBy5197DtbymFDM4zrDXSz2sYHNJqFbW5S
3eis6IpXezDs3Jc3NZ5VFkhm9T9eDfN4+vqcEtJBeszD+EuzjqasYFN1FMfchG/f
InLuw3UyUU4BGuVH2YP62BqMZaLkvNWRwBp+aE8wD7g75AZeglQhwK9MK6+WrvWv
0+dxtOa285oZYSVuJg2Zbe2E2KuJjNpUjl8tzs/2J/DE
-----END CERTIFICATE-----
Generated at Fri Oct 27 19:40:21 2023 by rpki-client on console-fra.rpki-client.org