Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1qAohas2w2KirrW-joyJZnirBOU.roa
File: 1qAohas2w2KirrW-joyJZnirBOU.roa (raw, json)
Hash identifier: 5ilbig1u2IB6FfgEfJP9rRKS9fMy/TXB9c/hF4HCWho=
Subject key identifier: D6:A0:28:85:AB:36:C3:62:A2:AE:B5:BE:8E:8C:89:66:78:AB:04:E5
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01872CB0AF62B6BBA0FA4ED04AE1850BC40D
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1qAohas2w2KirrW-joyJZnirBOU.roa
Signing time: Wed 29 Mar 2023 09:26:29 +0000
ROA not before: Wed 29 Mar 2023 09:26:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 109.121.38.0/24 maxlen: 24
188.255.135.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Apr 2023 10:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:b0:af:62:b6:bb:a0:fa:4e:d0:4a:e1:85:0b:c4:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 29 09:26:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6a02885ab36c362a2aeb5be8e8c896678ab04e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f3:03:53:53:bf:1c:03:fd:10:14:ab:b9:b9:
f4:de:d0:dd:e4:b4:af:bb:e2:7c:45:77:9a:e8:e5:
20:e7:49:30:8a:d2:3a:00:8e:dc:78:c6:34:ef:47:
f3:9b:71:ec:9d:f2:61:a0:a1:b8:95:07:de:5b:df:
63:5b:73:a9:46:4e:6a:fb:40:5d:19:de:40:79:68:
ba:55:f9:da:74:74:d1:2b:8c:29:e9:1a:e0:8f:3f:
f2:b5:c7:be:2e:c6:2e:c7:1d:ed:26:59:6d:26:c0:
23:8e:2a:ee:fc:1b:08:98:61:17:b8:0b:d8:c4:c7:
9d:a5:fe:2c:0d:ad:7b:43:f7:40:2f:f4:fc:d1:c2:
dc:89:51:c7:59:c0:cc:19:73:ce:a7:88:92:b4:90:
a2:cb:a1:e5:fd:5d:3b:50:64:cd:7d:61:49:7d:c3:
85:93:39:de:a5:70:6e:8b:6f:fb:6b:63:bd:fa:83:
dd:58:19:f1:9a:97:40:3b:b1:2e:b0:27:77:2f:38:
23:8d:d5:c8:90:b6:7c:b6:91:20:c2:17:09:15:d2:
19:33:95:96:2e:5b:d1:30:5a:59:85:47:94:36:aa:
71:63:13:37:bd:af:bd:e3:e4:f0:64:22:4f:67:c1:
ae:40:66:66:55:d4:84:4f:4a:1c:d4:93:85:3d:50:
e7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A0:28:85:AB:36:C3:62:A2:AE:B5:BE:8E:8C:89:66:78:AB:04:E5
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1qAohas2w2KirrW-joyJZnirBOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.38.0/24
109.233.185.0/24
188.255.134.0/23
Signature Algorithm: sha256WithRSAEncryption
31:93:c9:4a:3e:be:06:30:b6:e1:66:89:8b:ab:01:f8:1d:96:
61:83:6c:27:7d:17:be:27:cc:78:76:d3:d9:34:b3:6e:47:c8:
5d:9e:bf:40:20:06:25:42:d8:b3:74:cf:01:2c:16:ad:e1:02:
4e:5f:80:f2:e2:ca:07:1f:6f:8a:cd:fa:d3:10:76:68:ab:eb:
6f:1c:a5:53:cb:ff:c4:d0:a2:8f:42:84:df:ec:9d:ef:2e:a6:
47:50:a0:cb:2f:fb:46:fd:77:8e:b8:6b:b1:1d:54:9b:23:11:
06:c3:d6:37:b6:41:ca:91:a4:35:05:b2:fd:6a:61:02:14:3a:
be:48:f1:b6:c5:ef:0e:35:02:fb:63:4d:71:15:70:a6:60:d3:
33:87:1b:14:43:af:9a:12:d1:9f:35:72:93:d9:74:b3:a5:03:
c7:87:f4:c3:dc:89:64:eb:32:5b:b8:0d:5c:cd:e8:bf:80:4b:
d1:c7:ef:13:54:68:15:c6:53:43:96:1c:f8:c6:aa:dc:9b:42:
20:39:3d:67:7c:da:00:58:95:31:5c:98:f1:0f:10:7d:d2:99:
77:f2:d6:7e:9e:76:a6:7b:e1:fb:e8:1e:22:c7:45:e4:bf:7e:
eb:1b:76:8f:ec:18:19:8e:d4:bc:ea:d5:e3:46:c4:c1:c6:a7:
bd:30:6b:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcssK9itrug+k7QSuGFC8QNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwMzI5MDkyNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmEwMjg4NWFiMzZjMzYyYTJhZWI1YmU4ZThjODk2Njc4YWIwNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvMDU1O/HAP9EBSrubn03tDd5LSv
u+J8RXea6OUg50kwitI6AI7ceMY070fzm3HsnfJhoKG4lQfeW99jW3OpRk5q+0Bd
Gd5AeWi6VfnadHTRK4wp6Rrgjz/ytce+LsYuxx3tJlltJsAjjiru/BsImGEXuAvY
xMedpf4sDa17Q/dAL/T80cLciVHHWcDMGXPOp4iStJCiy6Hl/V07UGTNfWFJfcOF
kznepXBui2/7a2O9+oPdWBnxmpdAO7EusCd3LzgjjdXIkLZ8tpEgwhcJFdIZM5WW
LlvRMFpZhUeUNqpxYxM3va+94+TwZCJPZ8GuQGZmVdSET0oc1JOFPVDnTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNagKIWrNsNioq61vo6MiWZ4qwTlMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvMXFBb2hhczJ3MktpcnJXLWpveUpabmlyQk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXkmAwQA
bem5AwQBvP+GMA0GCSqGSIb3DQEBCwUAA4IBAQAxk8lKPr4GMLbhZomLqwH4HZZh
g2wnfRe+J8x4dtPZNLNuR8hdnr9AIAYlQtizdM8BLBat4QJOX4Dy4soHH2+KzfrT
EHZoq+tvHKVTy//E0KKPQoTf7J3vLqZHUKDLL/tG/XeOuGuxHVSbIxEGw9Y3tkHK
kaQ1BbL9amECFDq+SPG2xe8ONQL7Y01xFXCmYNMzhxsUQ6+aEtGfNXKT2XSzpQPH
h/TD3Ilk6zJbuA1czei/gEvRx+8TVGgVxlNDlhz4xqrcm0IgOT1nfNoAWJUxXJjx
DxB90pl38tZ+nname+H76B4ix0Xkv37rG3aP7BgZjtS86tXjRsTBxqe9MGto
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:03 2024 by rpki-client on console-ams.rpki-client.org