Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/l9U2sNMtserA6rQ1kqPgj_nqrDw.roa
File: l9U2sNMtserA6rQ1kqPgj_nqrDw.roa (raw, json)
Hash identifier: +QTFjO09Eo74Wdd5Kcv0l4gke4DrpKyNmadwoS218nY=
Subject key identifier: 97:D5:36:B0:D3:2D:B1:EA:C0:EA:B4:35:92:A3:E0:8F:F9:EA:AC:3C
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 018B9028D11D5A7F040C968EB12787ECB37D
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/l9U2sNMtserA6rQ1kqPgj_nqrDw.roa
Signing time: Thu 02 Nov 2023 13:11:15 +0000
ROA not before: Thu 02 Nov 2023 13:11:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 109.205.8.0/24 maxlen: 24
109.205.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:28:d1:1d:5a:7f:04:0c:96:8e:b1:27:87:ec:b3:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: Nov 2 13:11:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97d536b0d32db1eac0eab43592a3e08ff9eaac3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:56:63:1d:b7:e4:c1:64:eb:8b:ed:42:f6:a5:
ce:96:25:0b:a7:00:19:44:9b:d8:de:a5:6c:f7:5e:
24:70:33:6e:74:3a:2f:3f:ba:45:50:25:31:cf:f1:
13:33:e4:91:10:57:d7:a8:dc:39:b4:15:62:4a:78:
cd:eb:cc:32:c6:af:43:80:1b:52:c0:d4:71:5d:8e:
c4:a6:97:25:51:1f:08:04:84:43:a0:df:a7:a6:1a:
6c:5e:b7:5b:52:31:57:86:62:1c:95:54:e3:c8:45:
c6:bd:85:83:31:64:76:1b:6a:a0:16:cd:d0:8b:b2:
99:76:78:ec:3a:ac:12:7f:9e:f9:35:06:bb:f8:5f:
69:bf:11:de:e2:ff:12:62:da:9a:5a:64:e0:68:06:
4e:61:9f:b9:f9:99:62:a5:35:52:c5:6b:a6:59:4f:
b2:bb:5c:2f:33:43:8d:70:b2:c7:55:2b:68:13:ce:
5d:6b:d1:58:3f:1f:3f:31:28:73:c3:be:74:7b:91:
fe:e8:47:da:f6:5b:6d:78:c3:f0:52:c9:21:cc:b1:
69:1c:0c:d0:41:f4:d5:8e:17:64:28:4d:01:8e:97:
ce:e9:8e:10:3b:88:35:97:8e:fc:fd:82:af:45:e2:
c2:40:1f:a6:29:77:d9:18:94:a3:72:dc:f4:31:7a:
37:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D5:36:B0:D3:2D:B1:EA:C0:EA:B4:35:92:A3:E0:8F:F9:EA:AC:3C
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/l9U2sNMtserA6rQ1kqPgj_nqrDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.8.0/23
Signature Algorithm: sha256WithRSAEncryption
66:78:29:2b:aa:3e:d3:4e:07:5d:13:48:a6:21:a4:55:8f:cf:
89:af:ef:e2:58:21:30:de:6d:b8:28:48:6f:79:00:26:df:5c:
f6:b0:e3:46:fb:e1:fd:56:7e:17:15:51:70:f7:d8:8f:9d:08:
c5:9b:19:57:1e:3f:42:ec:79:68:6d:f0:e2:51:1b:a9:0c:ef:
8f:db:56:66:df:b9:fb:4b:1e:59:74:4f:71:07:c2:ea:40:54:
bd:ec:15:22:f3:b7:1b:7b:08:8e:26:7b:87:98:4e:70:22:ff:
d1:5a:36:9b:10:3f:52:e3:b6:45:1f:ca:60:31:c7:96:29:1e:
d7:4d:15:28:19:47:77:77:e9:83:d7:01:43:9f:73:93:5b:78:
c3:0c:28:9c:40:48:34:ae:e1:68:84:30:f2:70:ef:f3:65:1f:
72:71:6d:31:0d:e6:28:1b:ad:70:1d:6b:f7:40:6c:3e:c9:d6:
49:b4:e7:6f:81:38:3e:70:2c:08:40:51:d1:d8:51:d6:43:bf:
c1:a0:4c:31:57:77:39:da:b0:15:c5:04:f3:3c:7f:63:06:3e:
e4:c8:27:09:c1:5c:c6:bf:33:16:d6:bb:f4:b0:42:72:a2:a2:
15:99:7a:e4:70:d4:3c:8d:09:f6:fa:7f:a3:d8:c2:d1:70:92:
a8:6c:62:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuQKNEdWn8EDJaOsSeH7LN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjMxMTAyMTMxMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2Q1MzZiMGQzMmRiMWVhYzBlYWI0MzU5MmEzZTA4ZmY5ZWFhYzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1ZjHbfkwWTri+1C9qXOliULpwAZ
RJvY3qVs914kcDNudDovP7pFUCUxz/ETM+SREFfXqNw5tBViSnjN68wyxq9DgBtS
wNRxXY7EppclUR8IBIRDoN+nphpsXrdbUjFXhmIclVTjyEXGvYWDMWR2G2qgFs3Q
i7KZdnjsOqwSf575NQa7+F9pvxHe4v8SYtqaWmTgaAZOYZ+5+ZlipTVSxWumWU+y
u1wvM0ONcLLHVStoE85da9FYPx8/MShzw750e5H+6Efa9ltteMPwUskhzLFpHAzQ
QfTVjhdkKE0BjpfO6Y4QO4g1l478/YKvReLCQB+mKXfZGJSjctz0MXo3AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfVNrDTLbHqwOq0NZKj4I/56qw8MB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvbDlVMnNOTXRzZXJBNnJRMWtxUGdqX25xckR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYtNWI4NzgyNWMwN2Vl
LzEvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbc0IMA0G
CSqGSIb3DQEBCwUAA4IBAQBmeCkrqj7TTgddE0imIaRVj8+Jr+/iWCEw3m24KEhv
eQAm31z2sONG++H9Vn4XFVFw99iPnQjFmxlXHj9C7HlobfDiURupDO+P21Zm37n7
Sx5ZdE9xB8LqQFS97BUi87cbewiOJnuHmE5wIv/RWjabED9S47ZFH8pgMceWKR7X
TRUoGUd3d+mD1wFDn3OTW3jDDCicQEg0ruFohDDycO/zZR9ycW0xDeYoG61wHWv3
QGw+ydZJtOdvgTg+cCwIQFHR2FHWQ7/BoEwxV3c52rAVxQTzPH9jBj7kyCcJwVzG
vzMW1rv0sEJyoqIVmXrkcNQ8jQn2+n+j2MLRcJKobGIh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:31 2024 by rpki-client on console-ams.rpki-client.org