Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/1-vb81NxeMafn2xb-uDL_A50ajpA.roa
File: 1-vb81NxeMafn2xb-uDL_A50ajpA.roa (raw, json)
Hash identifier: 0nYlFQLtAoEGIxdUi53hjTkPvknsP+vIH0iUu4LiYZA=
Subject key identifier: FA:F6:FC:D4:DC:5E:31:A7:E7:DB:16:FE:B8:32:FF:03:9D:1A:8E:90
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01924D269B6A4BA2829E1D6918B2683918A4
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/1-vb81NxeMafn2xb-uDL_A50ajpA.roa
Signing time: Wed 02 Oct 2024 12:13:48 +0000
ROA not before: Wed 02 Oct 2024 12:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51889
IP address blocks: 109.122.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Nov 2024 10:06:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:26:9b:6a:4b:a2:82:9e:1d:69:18:b2:68:39:18:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 2 12:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faf6fcd4dc5e31a7e7db16feb832ff039d1a8e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f6:3e:fc:52:07:6e:67:f6:31:7e:c5:4b:09:
2d:93:6c:a7:4c:ff:1a:1a:5c:93:4d:44:25:72:05:
3e:95:35:94:fd:2b:ec:a1:c9:ad:48:e4:ac:91:43:
b8:2c:e7:c4:84:54:c3:a7:d2:99:e3:c4:24:4b:74:
25:0f:4f:9a:de:18:c1:12:dd:28:2a:67:6f:6e:e8:
d9:b6:13:3f:60:bb:31:65:50:89:26:13:fb:00:38:
2f:04:b6:54:41:26:b5:a7:84:aa:9c:42:64:31:8d:
28:75:87:56:9f:c7:b4:40:67:43:da:40:a9:78:53:
f4:e4:27:cb:30:5a:36:b3:d7:cc:43:44:ad:78:43:
db:61:13:4d:45:33:13:df:dd:9b:2a:34:83:06:1e:
0a:f2:f3:0c:bc:52:89:90:fe:cf:d5:8d:89:14:e6:
3c:8a:3f:94:73:f7:3b:b3:07:51:48:13:57:84:ee:
5e:97:b8:3b:26:06:7a:25:eb:07:e0:e9:95:c5:fc:
cb:b8:83:da:81:7e:cb:49:94:08:58:41:3e:52:1f:
af:e9:74:2d:06:94:3d:8b:5b:46:3d:21:64:d5:eb:
ae:c3:a4:6b:44:72:af:71:3d:bb:3d:32:dc:66:46:
ba:5c:59:c6:67:49:a6:cf:06:98:ec:4b:cd:92:aa:
12:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F6:FC:D4:DC:5E:31:A7:E7:DB:16:FE:B8:32:FF:03:9D:1A:8E:90
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/1-vb81NxeMafn2xb-uDL_A50ajpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.253.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:d9:cd:14:b1:9a:de:1c:4d:e4:01:53:33:69:ef:6c:8b:7e:
4d:cb:bf:7f:28:c9:48:ba:8e:26:f5:ca:d7:08:85:f7:ee:c6:
67:a2:b6:11:9f:65:cb:3c:b3:86:0c:f8:d6:d9:df:e7:87:6e:
e8:84:02:ee:e9:49:28:1f:27:82:40:85:d3:57:dd:aa:a3:64:
05:53:b0:5a:98:75:44:a6:18:b4:d4:64:8e:00:a3:5a:a8:4b:
2d:28:d8:b2:20:d3:94:f5:51:eb:1c:d9:6e:c3:f6:6e:7d:ba:
50:f8:5f:e1:62:87:d4:38:fe:e7:c1:9d:02:24:08:f4:cf:ce:
52:5f:03:3a:6f:15:1f:cc:cd:e6:6a:41:a4:31:df:8d:ca:32:
8c:e5:7d:bf:0f:a9:e1:0d:26:dc:f3:cb:f1:5c:ea:25:3c:04:
d9:4d:f8:3f:db:03:a0:4e:7f:cc:c2:6d:2a:82:1b:c8:53:35:
cd:eb:10:c3:59:fc:00:20:ac:09:79:55:6b:ee:ba:04:be:e3:
47:1e:fb:f1:c2:9b:74:7a:32:52:23:10:af:31:92:75:30:7d:
ee:34:bd:14:bd:ba:9d:66:f5:00:14:65:cc:63:b0:d4:4f:e0:
8a:92:6a:d4:4f:82:8e:02:f4:9f:e7:b7:8b:9e:20:f0:c8:29:
05:a9:b8:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJNJptqS6KCnh1pGLJoORikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMDAyMTIxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWY2ZmNkNGRjNWUzMWE3ZTdkYjE2ZmViODMyZmYwMzlkMWE4ZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/Y+/FIHbmf2MX7FSwktk2ynTP8a
GlyTTUQlcgU+lTWU/SvsocmtSOSskUO4LOfEhFTDp9KZ48QkS3QlD0+a3hjBEt0o
KmdvbujZthM/YLsxZVCJJhP7ADgvBLZUQSa1p4SqnEJkMY0odYdWn8e0QGdD2kCp
eFP05CfLMFo2s9fMQ0SteEPbYRNNRTMT392bKjSDBh4K8vMMvFKJkP7P1Y2JFOY8
ij+Uc/c7swdRSBNXhO5el7g7JgZ6JesH4OmVxfzLuIPagX7LSZQIWEE+Uh+v6XQt
BpQ9i1tGPSFk1euuw6RrRHKvcT27PTLcZka6XFnGZ0mmzwaY7EvNkqoSlwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPr2/NTcXjGn59sW/rgy/wOdGo6QMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvMS12YjgxTnhlTWFmbjJ4Yi11RExfQTUwYWpwQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTIvYzk2MWEwLTRmNTMtNDIyYS1iN2RkLTNkZmE1MTBkNmIx
Ni8xL2JkczRzMFBhTFJHVENlMnFHY2VuaUhBeWZyNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG16/TAN
BgkqhkiG9w0BAQsFAAOCAQEAL9nNFLGa3hxN5AFTM2nvbIt+Tcu/fyjJSLqOJvXK
1wiF9+7GZ6K2EZ9lyzyzhgz41tnf54du6IQC7ulJKB8ngkCF01fdqqNkBVOwWph1
RKYYtNRkjgCjWqhLLSjYsiDTlPVR6xzZbsP2bn26UPhf4WKH1Dj+58GdAiQI9M/O
Ul8DOm8VH8zN5mpBpDHfjcoyjOV9vw+p4Q0m3PPL8VzqJTwE2U34P9sDoE5/zMJt
KoIbyFM1zesQw1n8ACCsCXlVa+66BL7jRx778cKbdHoyUiMQrzGSdTB97jS9FL26
nWb1ABRlzGOw1E/gipJq1E+CjgL0n+e3i54g8MgpBam47g==
-----END CERTIFICATE-----
Generated at Sun Nov 3 13:47:07 2024 by rpki-client on console-fra.rpki-client.org