Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gB2u2Vr1FUQnpNaV23cneKxSGfE.roa
File: gB2u2Vr1FUQnpNaV23cneKxSGfE.roa (raw, json)
Hash identifier: WIDCbmCvq9rHXi+YhTSahKqNv2o+1PXDJDCv423svwI=
Subject key identifier: 80:1D:AE:D9:5A:F5:15:44:27:A4:D6:95:DB:77:27:78:AC:52:19:F1
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018E331B1F03270A30764D334F5B9AC21CF0
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gB2u2Vr1FUQnpNaV23cneKxSGfE.roa
Signing time: Tue 12 Mar 2024 14:39:59 +0000
ROA not before: Tue 12 Mar 2024 14:39:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215340
IP address blocks: 109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 07:55:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:1b:1f:03:27:0a:30:76:4d:33:4f:5b:9a:c2:1c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 12 14:39:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=801daed95af5154427a4d695db772778ac5219f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:17:b6:19:7d:7c:32:84:57:ac:23:a2:33:7d:
9a:d8:ad:63:6b:2c:23:4e:c0:b1:6b:b0:11:17:53:
b5:9c:e4:73:fa:0b:cd:4f:3f:0d:e3:3e:61:f2:ed:
13:94:18:af:c0:f0:b4:13:5b:38:2d:61:a3:f4:2b:
46:86:05:18:78:fc:57:3d:5c:79:ca:44:6f:a5:70:
1e:45:e0:fc:f9:47:8e:b4:f7:37:77:54:cf:4e:a0:
01:81:1d:75:8e:47:c1:2c:70:d3:04:e1:48:fc:07:
e0:d3:8b:c0:5a:2b:37:7c:9e:ce:25:e7:ed:3d:a9:
b4:65:9d:44:34:d0:19:7a:e0:9b:90:24:0c:68:97:
39:ff:74:c8:dc:27:cb:8c:24:db:45:d0:68:5e:5c:
9c:52:50:8d:48:11:a9:78:95:2c:ad:84:68:05:cf:
04:9e:65:58:e4:1a:87:4d:06:41:10:5d:da:3b:95:
2f:29:5a:36:30:a7:b7:66:cb:48:7b:c5:a8:96:86:
3c:17:ad:eb:1f:a4:b5:6b:4b:70:23:8c:f0:91:50:
f3:ff:83:13:98:15:e0:6e:b6:6d:bf:ae:72:8e:ad:
db:61:ab:42:a0:4d:38:48:83:04:aa:f9:4f:bb:6f:
0e:bd:82:85:95:48:3b:29:65:32:73:3a:89:1c:4c:
e0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:1D:AE:D9:5A:F5:15:44:27:A4:D6:95:DB:77:27:78:AC:52:19:F1
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gB2u2Vr1FUQnpNaV23cneKxSGfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.49.0-109.236.50.255
Signature Algorithm: sha256WithRSAEncryption
a5:3a:34:1c:d6:fe:a7:30:d5:d6:39:2a:14:1a:5d:ad:9f:f6:
de:bd:c1:a5:88:20:2f:01:20:8f:0d:58:44:7a:3a:dd:b1:1e:
58:f6:28:42:75:c8:41:2d:02:c2:d9:a3:c2:b6:05:65:ef:62:
49:17:42:f5:74:18:c6:f0:e8:4f:8d:49:6f:8c:c4:3a:7d:b2:
91:b8:ad:85:70:51:dc:c2:88:69:7c:bc:a7:fd:37:55:94:ce:
e2:8d:c8:e9:70:0c:37:06:05:60:ef:a4:40:1a:03:ff:8a:e7:
37:70:5e:21:9f:a4:f0:5f:c5:c1:31:a4:e6:9a:45:ff:db:be:
47:b4:50:63:7e:ed:e6:e1:ad:b7:5e:85:0f:96:34:a4:96:89:
31:3c:b2:21:3c:fe:8c:80:a2:3d:f2:2f:dd:20:63:48:11:8e:
f8:70:54:d6:68:41:19:05:8e:47:00:cf:03:ce:6e:7d:1b:d7:
ee:6d:de:25:0a:77:aa:b4:f1:23:08:50:6b:e5:24:0c:43:aa:
76:99:71:97:c1:b5:c9:d3:d5:fc:05:77:b2:92:74:ec:72:7c:
eb:4e:b8:a4:80:5d:ec:c1:25:2f:61:da:ce:1a:69:16:cc:30:
fa:ac:86:ff:01:ab:ed:88:99:a3:ab:be:cb:36:e7:b6:74:1e:
ce:6c:9e:2d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY4zGx8DJwowdk0zT1uawhzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMzEyMTQzOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDFkYWVkOTVhZjUxNTQ0MjdhNGQ2OTVkYjc3Mjc3OGFjNTIxOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRe2GX18MoRXrCOiM32a2K1jaywj
TsCxa7ARF1O1nORz+gvNTz8N4z5h8u0TlBivwPC0E1s4LWGj9CtGhgUYePxXPVx5
ykRvpXAeReD8+UeOtPc3d1TPTqABgR11jkfBLHDTBOFI/Afg04vAWis3fJ7OJeft
Pam0ZZ1ENNAZeuCbkCQMaJc5/3TI3CfLjCTbRdBoXlycUlCNSBGpeJUsrYRoBc8E
nmVY5BqHTQZBEF3aO5UvKVo2MKe3ZstIe8WoloY8F63rH6S1a0twI4zwkVDz/4MT
mBXgbrZtv65yjq3bYatCoE04SIMEqvlPu28OvYKFlUg7KWUyczqJHEzgHwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIAdrtla9RVEJ6TWldt3J3isUhnxMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvZ0IydTJWcjFGVVFucE5hVjIzY25lS3hTR2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABt7DED
BABt7DIwDQYJKoZIhvcNAQELBQADggEBAKU6NBzW/qcw1dY5KhQaXa2f9t69waWI
IC8BII8NWER6Ot2xHlj2KEJ1yEEtAsLZo8K2BWXvYkkXQvV0GMbw6E+NSW+MxDp9
spG4rYVwUdzCiGl8vKf9N1WUzuKNyOlwDDcGBWDvpEAaA/+K5zdwXiGfpPBfxcEx
pOaaRf/bvke0UGN+7ebhrbdehQ+WNKSWiTE8siE8/oyAoj3yL90gY0gRjvhwVNZo
QRkFjkcAzwPObn0b1+5t3iUKd6q08SMIUGvlJAxDqnaZcZfBtcnT1fwFd7KSdOxy
fOtOuKSAXezBJS9h2s4aaRbMMPqshv8Bq+2ImaOrvss257Z0Hs5sni0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org