Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/6CzPZ6ljlW3nKbUJTqMqwPMCGvg.roa
File: 6CzPZ6ljlW3nKbUJTqMqwPMCGvg.roa (raw, json)
Hash identifier: Mo0Hn6s0L+Oqd2KvGUB3NVUneFHbOYYREaB/Mq8eK2A=
Subject key identifier: E8:2C:CF:67:A9:63:95:6D:E7:29:B5:09:4E:A3:2A:C0:F3:02:1A:F8
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01922B43FC567BFD37122FE05A6B3238A547
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/6CzPZ6ljlW3nKbUJTqMqwPMCGvg.roa
Signing time: Wed 25 Sep 2024 22:18:48 +0000
ROA not before: Wed 25 Sep 2024 22:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43395
IP address blocks: 109.122.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Dec 2024 14:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2b:43:fc:56:7b:fd:37:12:2f:e0:5a:6b:32:38:a5:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Sep 25 22:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e82ccf67a963956de729b5094ea32ac0f3021af8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4d:50:b3:64:18:d1:a5:87:a0:6a:bf:8d:b2:
42:dc:7b:16:bc:d9:9b:25:c1:4e:52:57:90:81:87:
f8:6d:de:73:4b:2c:8e:f4:ae:a2:7b:7d:f6:e5:17:
da:15:1e:39:46:3d:7e:37:bc:cf:6e:b0:4e:5f:56:
55:32:9a:ae:dd:ec:dd:04:d3:c9:20:58:0f:2c:ad:
76:ed:78:7a:32:39:90:3e:ff:d3:2f:01:9a:80:51:
f8:f4:83:2d:26:d5:e9:81:82:00:10:a6:95:af:89:
93:5d:79:fc:b2:2b:c2:1f:ec:6b:5a:ce:bd:25:95:
1b:13:7e:4c:6c:c6:81:2d:8c:7d:5b:5e:bb:46:89:
1c:e6:7d:c0:06:a4:51:d2:f7:c1:59:26:3c:07:75:
3b:f8:f2:d9:98:67:78:55:68:e6:ef:96:56:99:0c:
35:a1:b7:54:8e:a7:8b:a4:74:54:a5:07:d9:96:c2:
67:9e:b9:95:51:0d:6a:32:f0:37:a5:64:d8:fd:38:
52:db:a4:03:4b:ef:3d:82:16:10:7c:c9:64:85:b3:
1a:5f:3a:5a:e5:41:64:f1:29:89:47:39:fe:95:02:
f2:83:50:c1:dd:94:a6:e8:5c:b4:ce:c0:ad:c4:59:
3a:60:f5:5b:39:7d:13:a9:58:96:94:48:38:8e:4f:
26:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:2C:CF:67:A9:63:95:6D:E7:29:B5:09:4E:A3:2A:C0:F3:02:1A:F8
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/6CzPZ6ljlW3nKbUJTqMqwPMCGvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.241.0/24
Signature Algorithm: sha256WithRSAEncryption
88:d1:76:3a:77:b4:c1:1d:a5:ea:93:c6:31:d1:4c:df:bc:37:
49:ca:48:6d:88:43:87:f5:27:8f:31:1f:25:b9:93:68:f6:0d:
cc:47:68:ae:66:16:28:09:40:d7:33:0b:fb:8d:aa:e5:fb:51:
aa:17:a3:bb:fb:da:76:85:28:5d:b1:cb:8c:3b:39:17:f1:dd:
e1:34:4a:74:f3:25:c9:8d:42:aa:15:90:aa:c9:a0:1d:3a:15:
be:d3:82:37:1d:b7:5e:24:dd:50:37:0f:5e:29:b6:72:7b:1e:
08:5c:45:cb:8a:8c:cd:e9:0b:a0:ed:3c:98:cb:77:ce:b7:a9:
eb:4d:8b:11:6b:c9:91:ac:2a:d9:cb:97:04:92:91:f3:21:43:
48:7d:49:98:0c:5a:d3:b1:a4:32:f2:fd:63:e9:91:6a:fd:73:
3d:14:06:1c:bc:80:5c:d5:8c:9c:e5:97:5f:68:0e:33:5b:89:
38:3f:43:f0:bd:4e:8d:5e:ba:24:bb:b4:77:72:33:67:27:4b:
39:fb:81:2a:47:67:30:fd:59:81:91:78:e4:61:4c:b8:69:b9:
5f:22:27:02:ef:f2:07:aa:bf:5b:52:98:e9:00:cc:1a:53:89:
e4:24:56:7a:80:00:e7:b6:87:74:97:ee:ab:60:85:18:e1:cd:
82:e5:46:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIrQ/xWe/03Ei/gWmsyOKVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwOTI1MjIxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODJjY2Y2N2E5NjM5NTZkZTcyOWI1MDk0ZWEzMmFjMGYzMDIxYWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU1Qs2QY0aWHoGq/jbJC3HsWvNmb
JcFOUleQgYf4bd5zSyyO9K6ie3325RfaFR45Rj1+N7zPbrBOX1ZVMpqu3ezdBNPJ
IFgPLK127Xh6MjmQPv/TLwGagFH49IMtJtXpgYIAEKaVr4mTXXn8sivCH+xrWs69
JZUbE35MbMaBLYx9W167Rokc5n3ABqRR0vfBWSY8B3U7+PLZmGd4VWjm75ZWmQw1
obdUjqeLpHRUpQfZlsJnnrmVUQ1qMvA3pWTY/ThS26QDS+89ghYQfMlkhbMaXzpa
5UFk8SmJRzn+lQLyg1DB3ZSm6Fy0zsCtxFk6YPVbOX0TqViWlEg4jk8mfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOgsz2epY5Vt5ym1CU6jKsDzAhr4MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvNkN6UFo2bGpsVzNuS2JVSlRxTXF3UE1DR3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrxMA0G
CSqGSIb3DQEBCwUAA4IBAQCI0XY6d7TBHaXqk8Yx0UzfvDdJykhtiEOH9SePMR8l
uZNo9g3MR2iuZhYoCUDXMwv7jarl+1GqF6O7+9p2hShdscuMOzkX8d3hNEp08yXJ
jUKqFZCqyaAdOhW+04I3HbdeJN1QNw9eKbZyex4IXEXLiozN6Qug7TyYy3fOt6nr
TYsRa8mRrCrZy5cEkpHzIUNIfUmYDFrTsaQy8v1j6ZFq/XM9FAYcvIBc1Yyc5Zdf
aA4zW4k4P0PwvU6NXroku7R3cjNnJ0s5+4EqR2cw/VmBkXjkYUy4ablfIicC7/IH
qr9bUpjpAMwaU4nkJFZ6gADntod0l+6rYIUY4c2C5UYl
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:12:57 2025 by rpki-client