Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/3X9RH6aMVwd57xxGwSGMoj901WQ.roa
File: 3X9RH6aMVwd57xxGwSGMoj901WQ.roa (raw, json)
Hash identifier: rhmp71MhKhzgyJXAVBBAl9quthQJX7CWMBHw5DCQH2k=
Subject key identifier: DD:7F:51:1F:A6:8C:57:07:79:EF:1C:46:C1:21:8C:A2:3F:74:D5:64
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 018570CBE9852E97ED980C0A2D43407279DB
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/3X9RH6aMVwd57xxGwSGMoj901WQ.roa
Signing time: Mon 02 Jan 2023 04:44:49 +0000
ROA not before: Mon 02 Jan 2023 04:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59993
IP address blocks: 109.197.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:e9:85:2e:97:ed:98:0c:0a:2d:43:40:72:79:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 04:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd7f511fa68c570779ef1c46c1218ca23f74d564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c9:9a:bc:05:de:d4:87:44:44:1d:68:d1:48:
6c:ba:ef:e4:20:9a:4a:3e:6a:b2:6c:2a:f0:aa:54:
51:a5:c6:2f:4a:6c:01:3a:9c:50:5f:7e:00:f7:6f:
f9:d4:c3:cc:a0:07:ce:1e:8f:8e:25:ad:10:2f:07:
55:99:45:b9:cf:b0:1a:3f:e4:a3:1e:41:be:c1:13:
a2:23:49:70:b5:90:2a:2e:0c:e2:3c:07:42:26:5f:
75:de:d0:40:f9:b9:32:1c:56:e5:ac:31:7e:21:dc:
ae:03:5e:06:ce:c6:b6:19:95:14:82:8d:44:64:35:
76:87:c5:2e:5c:55:cf:93:47:8f:ec:0e:dc:77:cb:
e1:0f:0b:d3:4e:05:32:97:a6:30:c6:f4:4c:69:21:
94:0e:47:d3:d1:28:c4:a3:0b:c1:6c:e7:96:b9:a1:
01:0c:e6:c9:1b:72:d2:20:cd:8a:eb:28:e4:4a:54:
69:97:4d:60:be:74:b5:4a:05:ec:96:39:39:a9:90:
6b:1a:b3:6a:a7:86:7e:ae:aa:dd:a9:94:95:b6:e4:
61:11:7d:f0:7c:a9:27:f3:2b:41:67:4b:91:97:84:
71:90:0e:37:dd:b9:ae:a6:02:e1:b8:f5:d8:42:62:
03:16:89:dd:aa:65:bd:91:ce:bd:85:ca:05:a9:c4:
f4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7F:51:1F:A6:8C:57:07:79:EF:1C:46:C1:21:8C:A2:3F:74:D5:64
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/3X9RH6aMVwd57xxGwSGMoj901WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.209.0/24
Signature Algorithm: sha256WithRSAEncryption
23:6e:50:b3:1b:07:2b:bf:06:24:9b:1a:0e:0b:08:95:4f:a3:
8e:14:6a:49:1c:0b:b8:ad:df:6d:9f:d3:21:db:d6:44:a3:04:
ad:bd:33:aa:75:e7:5b:bc:ed:bf:a7:ad:c3:e3:b9:08:a8:d6:
2c:da:10:0a:7e:16:01:98:10:04:2f:c4:4b:5a:95:f4:db:9f:
9a:1d:e8:53:7c:e6:10:8f:cd:22:7c:96:13:e8:cd:a4:8a:5b:
61:af:ad:93:25:57:30:c3:ce:f3:67:33:9c:52:f5:c2:80:6c:
24:e2:71:e8:1a:53:a5:36:c2:cd:1c:b7:c7:14:35:a7:83:f8:
22:48:cb:d5:6f:63:e0:91:78:90:3b:05:f7:5b:1f:95:79:4b:
25:4f:63:21:66:37:45:fb:60:7d:00:c9:ee:4e:0a:4b:78:0e:
3b:e2:01:37:fb:91:70:91:ed:af:17:5e:36:a2:40:dd:a1:0b:
d1:94:b2:62:4e:cd:a3:09:e3:e0:5b:55:91:fb:01:18:b0:e0:
00:7a:af:93:fa:dc:1f:c0:f9:3d:88:69:97:db:51:b8:c1:91:
55:65:3c:48:3d:73:63:f7:83:28:cb:89:02:a3:e1:b7:56:27:
2a:cb:2f:56:c6:a2:3f:d0:c3:12:97:28:30:37:95:46:de:dd:
c7:d0:f2:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy+mFLpftmAwKLUNAcnnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjMwMTAyMDQ0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDdmNTExZmE2OGM1NzA3NzllZjFjNDZjMTIxOGNhMjNmNzRkNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcmavAXe1IdERB1o0Uhsuu/kIJpK
PmqybCrwqlRRpcYvSmwBOpxQX34A92/51MPMoAfOHo+OJa0QLwdVmUW5z7AaP+Sj
HkG+wROiI0lwtZAqLgziPAdCJl913tBA+bkyHFblrDF+IdyuA14Gzsa2GZUUgo1E
ZDV2h8UuXFXPk0eP7A7cd8vhDwvTTgUyl6YwxvRMaSGUDkfT0SjEowvBbOeWuaEB
DObJG3LSIM2K6yjkSlRpl01gvnS1SgXsljk5qZBrGrNqp4Z+rqrdqZSVtuRhEX3w
fKkn8ytBZ0uRl4RxkA433bmupgLhuPXYQmIDFondqmW9kc69hcoFqcT0IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1/UR+mjFcHee8cRsEhjKI/dNVkMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvM1g5Ukg2YU1Wd2Q1N3h4R3dTR01vajkwMVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbcXRMA0G
CSqGSIb3DQEBCwUAA4IBAQAjblCzGwcrvwYkmxoOCwiVT6OOFGpJHAu4rd9tn9Mh
29ZEowStvTOqdedbvO2/p63D47kIqNYs2hAKfhYBmBAEL8RLWpX025+aHehTfOYQ
j80ifJYT6M2kilthr62TJVcww87zZzOcUvXCgGwk4nHoGlOlNsLNHLfHFDWng/gi
SMvVb2PgkXiQOwX3Wx+VeUslT2MhZjdF+2B9AMnuTgpLeA474gE3+5Fwke2vF142
okDdoQvRlLJiTs2jCePgW1WR+wEYsOAAeq+T+twfwPk9iGmX21G4wZFVZTxIPXNj
94Moy4kCo+G3Vicqyy9WxqI/0MMSlygwN5VG3t3H0PLl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:49 2024 by rpki-client on console-fra.rpki-client.org