Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/61VYh-duHVMSiaVEquL-isjKrAk.roa
File: 61VYh-duHVMSiaVEquL-isjKrAk.roa (raw, json)
Hash identifier: OZn93MWLGov6A5Nj7bSHe0ymY98Mf0cqWX3JyTdLbIk=
Subject key identifier: EB:55:58:87:E7:6E:1D:53:12:89:A5:44:AA:E2:FE:8A:C8:CA:AC:09
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 01856D8ADB55E0B0A96B6C2226A5EBA3269E
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/61VYh-duHVMSiaVEquL-isjKrAk.roa
Signing time: Sun 01 Jan 2023 13:34:54 +0000
ROA not before: Sun 01 Jan 2023 13:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211584
IP address blocks: 109.111.52.0/22 maxlen: 24
109.111.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Jan 2023 09:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:db:55:e0:b0:a9:6b:6c:22:26:a5:eb:a3:26:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 1 13:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb555887e76e1d531289a544aae2fe8ac8caac09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:87:6f:93:55:34:4b:cd:49:55:65:d7:b8:59:
60:3b:cf:44:73:e5:53:60:b4:fb:d4:3e:8b:ca:a1:
ce:67:39:13:27:04:22:ef:e3:98:47:d7:cb:fd:db:
29:a2:65:a7:f4:b8:2f:4f:d4:ce:8a:0f:87:e1:3c:
13:77:ae:cc:b5:a1:cb:4f:0c:e5:b3:d0:1e:6e:6d:
d9:5c:56:12:4a:00:4f:92:70:ab:e2:f8:8d:73:b2:
75:3f:c3:a7:08:74:4d:c2:0f:2f:ba:29:2c:cf:57:
25:36:dd:3e:ec:f9:0a:25:49:98:8b:44:63:09:55:
ba:f8:28:55:87:c9:b3:c9:85:f0:b9:b5:29:b5:7c:
af:80:94:b9:a7:8e:d2:89:32:cd:2f:f5:fb:1a:48:
5f:92:05:f9:98:f6:b3:80:93:ed:a6:b5:56:c0:b4:
9c:9d:2f:d3:fe:4e:29:14:56:25:1b:fa:6a:68:01:
ff:ba:76:a3:f0:38:9c:d1:2e:7d:78:0e:02:09:85:
3c:b6:0c:05:46:36:56:cf:d7:c9:71:a9:b7:dd:66:
13:3b:dd:f3:3c:86:43:e7:a7:33:67:74:f7:19:7d:
cb:34:2b:bb:cf:87:c5:31:f1:76:7a:a0:c6:18:87:
5d:46:ec:76:3e:8a:57:9f:5d:91:69:e2:7d:eb:f3:
5c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:55:58:87:E7:6E:1D:53:12:89:A5:44:AA:E2:FE:8A:C8:CA:AC:09
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/61VYh-duHVMSiaVEquL-isjKrAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.52.0/22
109.111.60.0/22
Signature Algorithm: sha256WithRSAEncryption
25:ca:7a:30:c0:9c:72:c6:16:f5:4d:21:e2:d3:bb:bf:47:a1:
15:08:59:f9:a8:c1:76:47:19:5d:94:c2:84:9d:b6:6e:0e:28:
ee:b6:f1:6b:d2:1d:cf:5c:93:80:71:b4:6d:bf:30:f3:02:76:
42:b7:bb:61:78:2b:0d:ba:96:71:dd:30:f3:88:78:e0:fd:d6:
1e:e2:35:45:27:46:08:90:01:36:94:05:d2:5e:fe:72:80:38:
0f:47:b5:a3:f9:ad:91:d0:dc:f9:ee:bb:2c:a9:0c:10:93:3b:
e0:ea:67:fb:de:4a:72:b9:bc:88:47:dc:dc:b3:25:db:ca:9c:
bb:a0:f3:44:6d:1a:d8:1e:d1:d3:60:47:4b:26:83:c9:f6:b0:
f2:dc:b1:d4:4f:e7:4b:8a:79:76:44:1c:f0:7d:9b:f1:bd:57:
29:e8:a2:9b:41:dc:e3:31:4f:62:f9:1a:61:96:b3:a7:fc:9b:
b9:1e:ef:d2:8b:dc:18:33:74:d3:94:d1:d6:06:10:c1:fa:65:
e0:c6:3e:c0:38:89:31:0a:2c:a0:4d:94:85:b1:e7:0c:07:73:
52:bd:6e:95:42:18:df:49:30:4b:97:36:4a:98:49:6d:b3:1a:
9d:5c:29:2d:f0:fb:64:9a:d8:9a:09:f0:fb:87:16:fd:81:d4:
59:5b:b2:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtittV4LCpa2wiJqXroyaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwMTAxMTMzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjU1NTg4N2U3NmUxZDUzMTI4OWE1NDRhYWUyZmU4YWM4Y2FhYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYdvk1U0S81JVWXXuFlgO89Ec+VT
YLT71D6LyqHOZzkTJwQi7+OYR9fL/dspomWn9LgvT9TOig+H4TwTd67MtaHLTwzl
s9Aebm3ZXFYSSgBPknCr4viNc7J1P8OnCHRNwg8vuiksz1clNt0+7PkKJUmYi0Rj
CVW6+ChVh8mzyYXwubUptXyvgJS5p47SiTLNL/X7GkhfkgX5mPazgJPtprVWwLSc
nS/T/k4pFFYlG/pqaAH/unaj8Dic0S59eA4CCYU8tgwFRjZWz9fJcam33WYTO93z
PIZD56czZ3T3GX3LNCu7z4fFMfF2eqDGGIddRux2PopXn12RaeJ96/NcNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOtVWIfnbh1TEomlRKri/orIyqwJMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvNjFWWWgtZHVIVk1TaWFWRXF1TC1pc2pLckFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCbW80AwQC
bW88MA0GCSqGSIb3DQEBCwUAA4IBAQAlynowwJxyxhb1TSHi07u/R6EVCFn5qMF2
RxldlMKEnbZuDijutvFr0h3PXJOAcbRtvzDzAnZCt7theCsNupZx3TDziHjg/dYe
4jVFJ0YIkAE2lAXSXv5ygDgPR7Wj+a2R0Nz57rssqQwQkzvg6mf73kpyubyIR9zc
syXbypy7oPNEbRrYHtHTYEdLJoPJ9rDy3LHUT+dLinl2RBzwfZvxvVcp6KKbQdzj
MU9i+RphlrOn/Ju5Hu/Si9wYM3TTlNHWBhDB+mXgxj7AOIkxCiygTZSFsecMB3NS
vW6VQhjfSTBLlzZKmEltsxqdXCkt8PtkmtiaCfD7hxb9gdRZW7IZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:04 2024 by rpki-client on console-fra.rpki-client.org