Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/kOsiW_C2eyrPm7_33pbX3ZqLAFI.roa
File: kOsiW_C2eyrPm7_33pbX3ZqLAFI.roa (raw, json)
Hash identifier: 2kkTKKkEWSt18P3eTnAPXdaNG5HKglt3c33+wjHsi5k=
Subject key identifier: 90:EB:22:5B:F0:B6:7B:2A:CF:9B:BF:F7:DE:96:D7:DD:9A:8B:00:52
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018C68B11AAA62FFA8D00C1C25340A94C064
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/kOsiW_C2eyrPm7_33pbX3ZqLAFI.roa
Signing time: Thu 14 Dec 2023 14:18:06 +0000
ROA not before: Thu 14 Dec 2023 14:18:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34661
IP address blocks: 109.122.0.0/20 maxlen: 20
109.122.16.0/20 maxlen: 20
109.122.32.0/22 maxlen: 22
109.122.36.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:b1:1a:aa:62:ff:a8:d0:0c:1c:25:34:0a:94:c0:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Dec 14 14:18:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90eb225bf0b67b2acf9bbff7de96d7dd9a8b0052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3f:45:4f:eb:05:08:6a:e2:c8:d4:44:f7:56:
68:03:6a:97:63:32:da:bc:cb:e4:f6:4b:37:94:9c:
10:13:98:d4:61:78:d7:89:34:b9:6d:e6:5f:ad:08:
f3:7d:76:78:81:f1:f6:0a:df:6a:4c:f4:ca:29:6e:
c0:05:61:e8:ee:ec:86:92:8c:52:7f:71:e1:f0:be:
da:2b:0a:22:81:83:ca:32:a3:ae:09:e9:c6:fe:dd:
ac:db:57:cf:8c:13:af:3a:a9:99:85:38:d2:b5:28:
a5:86:9d:a8:dd:2a:b4:f9:00:8a:85:3c:03:5e:83:
aa:66:26:de:89:be:a5:1b:47:05:d2:7c:4d:18:07:
c0:37:a6:d0:07:5c:4b:ac:00:0e:0e:bf:96:2a:59:
f0:ad:e6:d5:fb:9e:3b:10:6c:fb:cf:f9:ae:9d:cc:
8e:cc:26:0f:46:ba:76:5c:27:44:dd:b2:14:5d:df:
d0:7b:80:10:95:5e:09:b6:3c:9d:18:67:c7:0b:93:
73:96:d4:99:cf:d0:f1:34:55:86:89:df:5c:48:b2:
bb:bf:84:81:27:1b:c2:f9:07:9f:e8:96:2f:34:0f:
dd:73:36:52:b0:8a:f4:6c:6e:53:44:7e:95:66:3f:
73:49:27:7c:94:da:34:c7:51:ad:6b:e4:be:6a:de:
d2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:EB:22:5B:F0:B6:7B:2A:CF:9B:BF:F7:DE:96:D7:DD:9A:8B:00:52
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/kOsiW_C2eyrPm7_33pbX3ZqLAFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.0.0-109.122.39.255
Signature Algorithm: sha256WithRSAEncryption
46:b2:d0:4b:eb:62:2a:e6:fd:0d:43:f1:08:e3:59:c2:e0:9c:
1b:4e:ed:7c:18:04:59:27:09:b0:f7:39:72:bb:b9:b8:10:c1:
eb:77:1d:a1:e3:d8:3b:cc:58:ff:bd:ff:c9:52:8f:38:28:c8:
26:1d:a9:24:b2:dc:5f:a9:09:a2:4e:19:e5:ad:53:a7:8a:35:
b1:bb:1f:b7:b4:16:0b:99:43:dd:34:f0:58:dd:ce:ab:50:20:
95:89:56:b9:e4:d5:21:37:cf:2e:26:67:d0:4c:6e:41:a9:25:
0b:60:64:4d:29:61:b2:f7:5a:27:db:bf:a9:b4:f3:35:13:de:
0b:43:86:50:19:99:66:c4:40:21:22:9a:a7:1c:16:d5:44:48:
58:3f:e8:3f:e1:22:49:4c:e5:fe:65:0b:46:2c:6e:8a:80:47:
c3:b7:d6:5d:d5:e9:08:1d:68:e2:1d:74:f3:e6:fb:ce:5f:61:
04:d3:4d:f0:43:26:81:44:aa:29:6e:95:73:53:11:67:9e:f1:
5b:10:79:20:dd:ad:5b:58:8f:61:c6:6a:cc:ac:22:60:a6:40:
21:83:34:e3:34:bc:67:a3:6c:71:83:56:15:b3:95:29:3a:d0:
6b:ff:20:c9:2c:95:aa:3a:f0:da:11:29:ae:71:b8:e9:d0:0f:
7c:e1:c8:40
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYxosRqqYv+o0AwcJTQKlMBkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMxMjE0MTQxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGViMjI1YmYwYjY3YjJhY2Y5YmJmZjdkZTk2ZDdkZDlhOGIwMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T9FT+sFCGriyNRE91ZoA2qXYzLa
vMvk9ks3lJwQE5jUYXjXiTS5beZfrQjzfXZ4gfH2Ct9qTPTKKW7ABWHo7uyGkoxS
f3Hh8L7aKwoigYPKMqOuCenG/t2s21fPjBOvOqmZhTjStSilhp2o3Sq0+QCKhTwD
XoOqZibeib6lG0cF0nxNGAfAN6bQB1xLrAAODr+WKlnwrebV+547EGz7z/muncyO
zCYPRrp2XCdE3bIUXd/Qe4AQlV4JtjydGGfHC5NzltSZz9DxNFWGid9cSLK7v4SB
JxvC+Qef6JYvNA/dczZSsIr0bG5TRH6VZj9zSSd8lNo0x1Gta+S+at7SDwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFJDrIlvwtnsqz5u/996W192aiwBSMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEva09zaVdfQzJleXJQbTdfMzNwYlgzWnFMQUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwFtegME
A216IDANBgkqhkiG9w0BAQsFAAOCAQEARrLQS+tiKub9DUPxCONZwuCcG07tfBgE
WScJsPc5cru5uBDB63cdoePYO8xY/73/yVKPOCjIJh2pJLLcX6kJok4Z5a1Tp4o1
sbsft7QWC5lD3TTwWN3Oq1AglYlWueTVITfPLiZn0ExuQaklC2BkTSlhsvdaJ9u/
qbTzNRPeC0OGUBmZZsRAISKapxwW1URIWD/oP+EiSUzl/mULRixuioBHw7fWXdXp
CB1o4h108+b7zl9hBNNN8EMmgUSqKW6Vc1MRZ57xWxB5IN2tW1iPYcZqzKwiYKZA
IYM04zS8Z6NscYNWFbOVKTrQa/8gySyVqjrw2hEprnG46dAPfOHIQA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:36 2024 by rpki-client on console-ams.rpki-client.org