Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/CR6fNDnO4opBmbjZOi82tanlLeg.roa
File: CR6fNDnO4opBmbjZOi82tanlLeg.roa (raw, json)
Hash identifier: 7Dme5oIZG+Q6uHW/qigDVquY/JmMMxwS5aHeUKC6HJs=
Subject key identifier: 09:1E:9F:34:39:CE:E2:8A:41:99:B8:D9:3A:2F:36:B5:A9:E5:2D:E8
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0191538AA0E61118FA2EE411881EBA7B57CB
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/CR6fNDnO4opBmbjZOi82tanlLeg.roa
Signing time: Thu 15 Aug 2024 00:57:59 +0000
ROA not before: Thu 15 Aug 2024 00:57:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151487
IP address blocks: 109.111.40.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 03:39:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:53:8a:a0:e6:11:18:fa:2e:e4:11:88:1e:ba:7b:57:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Aug 15 00:57:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=091e9f3439cee28a4199b8d93a2f36b5a9e52de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c3:6e:aa:f6:bb:24:ce:ea:11:31:22:a7:a6:
77:b9:bf:b9:86:4f:f3:ad:23:a5:1e:3f:7c:44:03:
51:b7:ee:ae:17:01:81:d6:7b:85:0f:0c:7b:32:17:
c0:df:9c:90:78:7c:ed:b1:ca:9a:e2:b5:6f:c8:66:
6f:f8:3f:7f:0a:c6:02:aa:3a:f9:16:93:ed:d4:ea:
eb:15:9e:5d:99:30:b2:1d:b4:23:e3:f3:55:c7:8f:
3e:dc:ac:5d:3a:5c:ac:dd:3a:cd:58:b1:d4:60:e9:
2d:ef:35:81:8d:61:d4:02:a6:f4:c2:bc:b2:83:d9:
16:de:39:78:4b:9e:c3:c2:b9:5e:22:d1:14:c0:ea:
05:d6:a0:98:e5:ce:b1:c1:74:10:91:1d:a5:bf:ce:
1b:db:25:3f:7e:5f:a7:f8:5b:05:91:b2:0a:1f:a5:
15:fb:e7:16:8e:5a:3b:ea:de:e0:af:85:d5:96:73:
84:13:a8:59:59:67:89:5f:15:69:d4:6a:bf:02:2c:
b4:b1:c9:51:92:a7:97:38:a7:a9:1f:8f:59:ea:f9:
19:94:54:a4:f6:7a:ba:b0:1c:42:bd:03:ae:2a:86:
49:2c:ab:fc:d0:eb:1d:b3:54:35:d9:05:67:4e:02:
90:25:b2:40:d8:8b:06:71:a5:ca:ca:df:8a:54:fd:
5d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1E:9F:34:39:CE:E2:8A:41:99:B8:D9:3A:2F:36:B5:A9:E5:2D:E8
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/CR6fNDnO4opBmbjZOi82tanlLeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.40.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:f6:7c:cf:1b:d8:c4:d2:07:13:c1:6c:75:d5:42:e6:f3:52:
78:7a:84:2f:02:9c:6b:29:48:4b:1c:be:44:e6:de:6d:27:07:
57:47:3d:70:a5:e9:4a:fa:8a:04:42:8e:fd:a3:36:64:67:57:
6b:17:77:4c:4d:0b:a8:09:a5:b8:31:9d:26:52:95:3a:41:8a:
ef:4f:72:86:45:98:36:79:de:df:f5:59:23:0f:08:52:82:74:
dc:16:83:d9:94:79:20:f0:58:12:fd:b9:08:08:b4:8c:77:54:
18:5e:16:07:6d:30:39:10:40:c5:29:23:af:08:67:de:4c:8f:
11:3d:87:d8:98:bf:2c:6f:d4:e4:51:bb:2b:e2:71:ed:47:f9:
98:f8:27:0a:05:a2:86:55:da:da:fe:18:c6:61:8d:21:51:80:
ee:51:02:1c:66:4f:13:b3:8a:06:de:7e:1a:4b:c3:a1:0a:5e:
59:50:95:ae:e7:94:14:5f:d1:c4:cb:f8:e8:df:43:b5:95:f8:
5f:8e:b3:c6:37:05:16:21:53:b7:1f:45:9f:2f:63:b9:63:24:
81:35:93:21:9d:62:c7:07:4e:6a:8b:aa:e2:46:69:1d:67:87:
43:a6:ef:09:16:30:5a:3a:57:0b:ef:e1:85:66:8c:a6:52:02:
26:1f:9f:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFTiqDmERj6LuQRiB66e1fLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwODE1MDA1NzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTFlOWYzNDM5Y2VlMjhhNDE5OWI4ZDkzYTJmMzZiNWE5ZTUyZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8Nuqva7JM7qETEip6Z3ub+5hk/z
rSOlHj98RANRt+6uFwGB1nuFDwx7MhfA35yQeHztscqa4rVvyGZv+D9/CsYCqjr5
FpPt1OrrFZ5dmTCyHbQj4/NVx48+3KxdOlys3TrNWLHUYOkt7zWBjWHUAqb0wryy
g9kW3jl4S57DwrleItEUwOoF1qCY5c6xwXQQkR2lv84b2yU/fl+n+FsFkbIKH6UV
++cWjlo76t7gr4XVlnOEE6hZWWeJXxVp1Gq/Aiy0sclRkqeXOKepH49Z6vkZlFSk
9nq6sBxCvQOuKoZJLKv80Osds1Q12QVnTgKQJbJA2IsGcaXKyt+KVP1dqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkenzQ5zuKKQZm42TovNrWp5S3oMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvQ1I2Zk5Ebk80b3BCbWJqWk9pODJ0YW5sTGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbW8oMA0G
CSqGSIb3DQEBCwUAA4IBAQCL9nzPG9jE0gcTwWx11ULm81J4eoQvApxrKUhLHL5E
5t5tJwdXRz1wpelK+ooEQo79ozZkZ1drF3dMTQuoCaW4MZ0mUpU6QYrvT3KGRZg2
ed7f9VkjDwhSgnTcFoPZlHkg8FgS/bkICLSMd1QYXhYHbTA5EEDFKSOvCGfeTI8R
PYfYmL8sb9TkUbsr4nHtR/mY+CcKBaKGVdra/hjGYY0hUYDuUQIcZk8Ts4oG3n4a
S8OhCl5ZUJWu55QUX9HEy/jo30O1lfhfjrPGNwUWIVO3H0WfL2O5YySBNZMhnWLH
B05qi6riRmkdZ4dDpu8JFjBaOlcL7+GFZoymUgImH5/u
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:25 2025 by rpki-client