Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a7ca61-2e8d-4bbe-9c36-4e6d130bda0f/1/1-pfSNE8x0xbjNhT00jWCFcmrVXk.roa
File: 1-pfSNE8x0xbjNhT00jWCFcmrVXk.roa (raw, json)
Hash identifier: YCEblEMg81FF8g3WDpm/QETq18YrwZM0FNEIRvfo9Z8=
Subject key identifier: FA:97:D2:34:4F:31:D3:16:E3:36:14:F4:D2:35:82:15:C9:AB:55:79
Certificate issuer: /CN=09ea1d4531b071d6574699c12e5afa41f89bd409
Certificate serial: 018570950604D87C8A3FD9AD68AA0040A4A2
Authority key identifier: 09:EA:1D:45:31:B0:71:D6:57:46:99:C1:2E:5A:FA:41:F8:9B:D4:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeodRTGwcdZXRpnBLlr6Qfib1Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a7ca61-2e8d-4bbe-9c36-4e6d130bda0f/1/1-pfSNE8x0xbjNhT00jWCFcmrVXk.roa
Signing time: Mon 02 Jan 2023 03:44:52 +0000
ROA not before: Mon 02 Jan 2023 03:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50245
IP address blocks: 109.206.160.0/19 maxlen: 24
91.229.94.0/24 maxlen: 24
62.122.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Jul 2023 13:33:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:06:04:d8:7c:8a:3f:d9:ad:68:aa:00:40:a4:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09ea1d4531b071d6574699c12e5afa41f89bd409
Validity
Not Before: Jan 2 03:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa97d2344f31d316e33614f4d2358215c9ab5579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b0:a5:12:7f:65:55:dc:bb:f5:50:f0:f4:9e:
1b:64:ac:a4:f4:ce:bc:38:4d:0b:f7:fb:bc:ee:1a:
4a:ce:86:65:9b:e1:3f:a3:70:7c:64:9f:66:bb:d9:
96:c0:0a:a1:21:84:c5:db:01:6a:d3:9a:0b:3a:54:
c1:8f:87:57:6d:ee:b1:fa:37:df:c3:63:6b:ed:14:
61:dc:83:27:86:ac:64:70:7f:5e:ec:ff:76:f1:ce:
de:12:ae:ec:fc:7c:27:4c:2d:b9:d0:cd:e3:49:28:
fc:3e:3e:bd:2b:d1:63:f3:58:e3:73:1b:b0:7e:df:
35:ec:f5:8a:f3:0f:89:a3:33:da:9c:d3:e4:e2:bb:
d7:2c:83:77:6d:87:25:55:4f:5e:2a:0b:86:eb:6d:
95:35:fa:b1:13:dc:f6:c2:4d:62:94:d5:7e:b7:cf:
a7:d5:18:a1:90:49:b9:a8:79:79:6d:eb:31:d8:13:
6c:0a:a1:d0:e5:5f:50:02:0f:27:08:89:57:d8:f7:
64:5e:db:f4:36:0f:39:8b:69:60:e7:cc:74:46:d9:
27:ac:cd:f0:83:c7:03:ac:e2:de:cb:29:dd:bc:8d:
b8:c3:cb:de:5b:91:68:c6:43:8e:9e:ba:c5:bc:6e:
01:81:7a:d5:c1:70:db:11:04:45:07:b9:61:b5:2d:
5e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:97:D2:34:4F:31:D3:16:E3:36:14:F4:D2:35:82:15:C9:AB:55:79
X509v3 Authority Key Identifier:
keyid:09:EA:1D:45:31:B0:71:D6:57:46:99:C1:2E:5A:FA:41:F8:9B:D4:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeodRTGwcdZXRpnBLlr6Qfib1Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a7ca61-2e8d-4bbe-9c36-4e6d130bda0f/1/1-pfSNE8x0xbjNhT00jWCFcmrVXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a7ca61-2e8d-4bbe-9c36-4e6d130bda0f/1/CeodRTGwcdZXRpnBLlr6Qfib1Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.168.0/21
91.229.94.0/24
109.206.160.0/19
Signature Algorithm: sha256WithRSAEncryption
87:f2:e6:09:ee:01:c6:e7:06:69:4e:87:66:a3:6a:20:0e:4d:
cb:95:c6:b4:b8:fe:57:81:60:62:86:a2:e3:df:14:a6:ad:0a:
98:6a:b8:f0:b3:11:97:8c:51:b4:02:a5:97:3c:de:e9:35:22:
96:70:78:20:21:02:cf:4b:99:a7:b3:ea:b4:f3:3d:24:a8:a3:
0b:f5:5a:94:e5:eb:b1:15:13:0a:af:ed:68:41:81:0a:1e:03:
38:3c:d8:58:b5:74:b2:fa:a5:45:db:3f:5d:11:e8:80:7b:4c:
06:12:c5:ca:7e:3a:d4:2f:ab:c9:b4:18:48:3f:16:61:0b:3b:
b6:f8:37:c7:72:8e:20:8c:f2:d5:23:92:6c:e9:75:08:d9:d0:
3c:4b:a2:72:58:f0:51:a8:e5:af:21:20:53:7a:5a:a4:cc:05:
7c:3a:33:82:3f:66:4a:23:57:04:b3:6a:0d:80:42:a8:09:a9:
93:96:61:eb:a1:99:f3:be:af:85:8c:44:da:84:ff:eb:6e:fb:
19:f4:b9:d5:ac:4d:25:cf:ed:80:8c:4b:cb:fe:b4:8d:2a:2e:
35:70:7e:2d:a2:51:de:1d:23:8b:1d:9f:ed:a0:7b:cc:d5:bb:
cb:18:78:70:41:62:7d:e1:1b:c2:cb:af:0a:c7:8a:e5:f2:13:
5f:e8:9f:99
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVwlQYE2HyKP9mtaKoAQKSiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZWExZDQ1MzFiMDcxZDY1NzQ2OTljMTJlNWFmYTQxZjg5
YmQ0MDkwHhcNMjMwMTAyMDM0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTk3ZDIzNDRmMzFkMzE2ZTMzNjE0ZjRkMjM1ODIxNWM5YWI1NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrClEn9lVdy79VDw9J4bZKyk9M68
OE0L9/u87hpKzoZlm+E/o3B8ZJ9mu9mWwAqhIYTF2wFq05oLOlTBj4dXbe6x+jff
w2Nr7RRh3IMnhqxkcH9e7P928c7eEq7s/HwnTC250M3jSSj8Pj69K9Fj81jjcxuw
ft817PWK8w+JozPanNPk4rvXLIN3bYclVU9eKguG622VNfqxE9z2wk1ilNV+t8+n
1RihkEm5qHl5besx2BNsCqHQ5V9QAg8nCIlX2PdkXtv0Ng85i2lg58x0RtknrM3w
g8cDrOLeyyndvI24w8veW5FoxkOOnrrFvG4BgXrVwXDbEQRFB7lhtS1ehQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPqX0jRPMdMW4zYU9NI1ghXJq1V5MB8GA1UdIwQY
MBaAFAnqHUUxsHHWV0aZwS5a+kH4m9QJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VvZFJUR3djZFpYUnBuQkxscjZRZmliMUFrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hN2NhNjEtMmU4ZC00YmJlLTljMzYt
NGU2ZDEzMGJkYTBmLzEvMS1wZlNORTh4MHhiak5oVDAwaldDRmNtclZYay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGIvYTdjYTYxLTJlOGQtNGJiZS05YzM2LTRlNmQxMzBiZGEw
Zi8xL0Nlb2RSVEd3Y2RaWFJwbkJMbHI2UWZpYjFBay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAz56qAME
AFvlXgMEBW3OoDANBgkqhkiG9w0BAQsFAAOCAQEAh/LmCe4BxucGaU6HZqNqIA5N
y5XGtLj+V4FgYoai498Upq0KmGq48LMRl4xRtAKllzze6TUilnB4ICECz0uZp7Pq
tPM9JKijC/ValOXrsRUTCq/taEGBCh4DODzYWLV0svqlRds/XRHogHtMBhLFyn46
1C+rybQYSD8WYQs7tvg3x3KOIIzy1SOSbOl1CNnQPEuicljwUajlryEgU3papMwF
fDozgj9mSiNXBLNqDYBCqAmpk5Zh66GZ876vhYxE2oT/6277GfS51axNJc/tgIxL
y/60jSouNXB+LaJR3h0jix2f7aB7zNW7yxh4cEFifeEbwsuvCseK5fITX+ifmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:22 2024 by rpki-client on console-fra.rpki-client.org