Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/ot3Y4WUV4u-P_HzBvjvO80lMqJ4.roa
File: ot3Y4WUV4u-P_HzBvjvO80lMqJ4.roa (raw, json)
Hash identifier: nZy/k7oAU7bueEGDY3unTpU3xp/jE5QNAK2beggKwP4=
Subject key identifier: A2:DD:D8:E1:65:15:E2:EF:8F:FC:7C:C1:BE:3B:CE:F3:49:4C:A8:9E
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018CCA2A33EF7168098F695D3EC1076DFC89
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/ot3Y4WUV4u-P_HzBvjvO80lMqJ4.roa
Signing time: Tue 02 Jan 2024 12:33:32 +0000
ROA not before: Tue 02 Jan 2024 12:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22781
IP address blocks: 109.111.56.0/22 maxlen: 23
Validation: Failed, certificate revoked on Sun 11 Aug 2024 13:04:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:33:ef:71:68:09:8f:69:5d:3e:c1:07:6d:fc:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 2 12:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2ddd8e16515e2ef8ffc7cc1be3bcef3494ca89e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:32:96:f7:89:25:b2:8f:bb:b6:66:9d:ff:c0:
29:fe:12:a7:a5:07:4c:22:1c:bc:f9:50:61:7f:c6:
07:1a:cd:0d:5b:73:3b:28:cd:62:30:89:ad:53:2c:
af:3b:31:99:71:16:d1:bb:f9:3c:bc:25:55:32:f3:
3c:3a:0d:6e:95:e7:9f:38:81:8e:e8:00:05:9c:fb:
c8:fa:01:75:e0:f5:4b:1b:1d:7e:13:85:6b:54:bc:
78:c6:b8:54:98:15:37:2d:fc:38:61:7f:ae:cc:74:
cd:09:57:8e:5b:1c:ae:29:21:d6:ad:39:81:6e:e7:
da:ad:52:75:3e:4d:c8:20:0b:af:1e:bf:e9:5c:06:
76:e9:ff:12:4c:99:f0:b8:b0:14:62:66:80:88:e0:
2f:2c:91:19:25:1e:b5:5e:8f:ba:06:ac:e4:0a:ba:
a0:73:16:ac:23:3e:b6:8d:8d:c9:d5:13:f0:b3:73:
b9:b8:24:f3:85:7c:f8:03:ee:37:bb:85:a2:a7:97:
ce:f9:a6:80:e7:c6:5f:dc:f4:a5:a4:3c:23:ca:b3:
e5:fe:65:79:22:45:85:86:2a:bb:00:87:a7:d8:26:
1f:da:e4:60:b5:1b:c8:57:4f:c0:56:01:19:5c:05:
0d:ea:4d:06:b1:82:6e:6b:73:c4:f9:ca:b7:ef:bc:
79:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DD:D8:E1:65:15:E2:EF:8F:FC:7C:C1:BE:3B:CE:F3:49:4C:A8:9E
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/ot3Y4WUV4u-P_HzBvjvO80lMqJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.56.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:98:47:49:4c:01:9a:eb:ab:ad:ed:b8:b0:97:1d:dd:d5:2b:
76:16:6c:28:56:25:f2:2b:aa:89:9a:19:dc:05:90:0c:89:42:
28:29:6f:cd:d5:90:b6:2d:ce:3e:84:7b:e2:72:10:89:9c:27:
4b:a0:60:ce:eb:a7:b2:55:35:ca:2e:f2:e2:0b:db:0c:78:f7:
f4:8c:fc:0a:0b:bb:d7:82:78:7b:4f:79:1d:8e:34:9c:70:18:
de:b4:e2:0d:10:26:d4:e9:bf:ee:09:e7:0c:31:27:6f:c6:ac:
7d:40:e7:91:5e:7a:38:b4:fc:4e:f4:ae:32:96:a7:4d:06:73:
98:6d:e5:37:a7:b9:98:b2:a6:20:39:9e:c2:f1:24:36:25:80:
4a:0f:dd:06:13:c7:46:fd:7c:d4:30:e7:f4:1a:b0:75:04:f4:
c1:51:dd:b0:6c:a8:26:bf:c8:b1:2a:5a:3d:fe:41:2a:e4:90:
c3:5f:df:69:51:01:43:41:41:c7:5c:85:69:ef:75:f3:a3:a2:
8a:6e:0a:8a:b7:99:b0:2d:71:de:28:fb:ec:ab:6c:c8:07:09:
69:39:e1:b7:f4:6e:d9:1c:3b:fb:cd:75:9a:cf:5c:26:88:c9:
6a:c6:8d:a9:d9:0a:9d:bb:e2:d4:ea:a5:43:fc:15:53:4b:ad:
90:c1:df:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKjPvcWgJj2ldPsEHbfyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMTAyMTIzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmRkZDhlMTY1MTVlMmVmOGZmYzdjYzFiZTNiY2VmMzQ5NGNhODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDKW94klso+7tmad/8Ap/hKnpQdM
Ihy8+VBhf8YHGs0NW3M7KM1iMImtUyyvOzGZcRbRu/k8vCVVMvM8Og1uleefOIGO
6AAFnPvI+gF14PVLGx1+E4VrVLx4xrhUmBU3Lfw4YX+uzHTNCVeOWxyuKSHWrTmB
bufarVJ1Pk3IIAuvHr/pXAZ26f8STJnwuLAUYmaAiOAvLJEZJR61Xo+6BqzkCrqg
cxasIz62jY3J1RPws3O5uCTzhXz4A+43u4Wip5fO+aaA58Zf3PSlpDwjyrPl/mV5
IkWFhiq7AIen2CYf2uRgtRvIV0/AVgEZXAUN6k0GsYJua3PE+cq377x56QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKLd2OFlFeLvj/x8wb47zvNJTKieMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvb3QzWTRXVVY0dS1QX0h6QnZqdk84MGxNcUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbW84MA0G
CSqGSIb3DQEBCwUAA4IBAQAPmEdJTAGa66ut7biwlx3d1St2FmwoViXyK6qJmhnc
BZAMiUIoKW/N1ZC2Lc4+hHvichCJnCdLoGDO66eyVTXKLvLiC9sMePf0jPwKC7vX
gnh7T3kdjjSccBjetOINECbU6b/uCecMMSdvxqx9QOeRXno4tPxO9K4ylqdNBnOY
beU3p7mYsqYgOZ7C8SQ2JYBKD90GE8dG/XzUMOf0GrB1BPTBUd2wbKgmv8ixKlo9
/kEq5JDDX99pUQFDQUHHXIVp73Xzo6KKbgqKt5mwLXHeKPvsq2zIBwlpOeG39G7Z
HDv7zXWaz1wmiMlqxo2p2Qqdu+LU6qVD/BVTS62Qwd+8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:42 2025 by rpki-client