Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/9Zy_qHhYeCfgVcIY2yd8PiMtZhY.roa
File: 9Zy_qHhYeCfgVcIY2yd8PiMtZhY.roa (raw, json)
Hash identifier: NYny5oeGwTwSrxF5iyLXO8V+RH9hm55ANGBgxSwxdzA=
Subject key identifier: F5:9C:BF:A8:78:58:78:27:E0:55:C2:18:DB:27:7C:3E:23:2D:66:16
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01928D9FC881A1E7C1141EBAF06263DD98EA
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/9Zy_qHhYeCfgVcIY2yd8PiMtZhY.roa
Signing time: Tue 15 Oct 2024 00:41:51 +0000
ROA not before: Tue 15 Oct 2024 00:41:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 109.122.246.0/23 maxlen: 24
109.122.249.0/24 maxlen: 24
185.239.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Nov 2024 10:12:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8d:9f:c8:81:a1:e7:c1:14:1e:ba:f0:62:63:dd:98:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 15 00:41:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f59cbfa878587827e055c218db277c3e232d6616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:70:07:c7:a4:93:0f:59:b5:d8:e3:20:08:0f:
51:18:30:cb:e4:39:96:9c:43:36:09:1b:04:6d:ca:
2d:6a:c3:d9:e5:31:9b:01:39:ff:c8:4b:de:63:d8:
d9:0b:72:d8:3d:51:86:6e:21:b3:be:91:98:76:2b:
ae:63:9c:45:90:93:a2:74:7e:2c:1a:c3:19:78:a1:
25:df:b7:9a:41:22:ac:41:31:e1:18:7a:df:37:8e:
eb:71:dd:e9:08:2b:43:26:08:6a:d2:e4:18:4f:78:
6e:84:00:c7:37:71:8f:3e:52:96:5f:a7:1e:5f:1f:
35:ef:f7:9b:7a:01:98:64:5b:1e:7b:e1:99:f5:e3:
ca:99:db:63:70:26:ba:4a:00:0f:1d:1e:03:a3:e0:
62:db:95:c4:35:e1:35:10:6f:28:8c:56:b5:d7:c1:
13:c1:8c:b4:2e:5f:a6:d0:89:14:39:da:e9:d0:60:
6d:95:ce:fd:c8:97:fc:ef:c1:d8:a1:17:d0:2d:49:
9e:35:a6:43:52:71:83:3d:cf:e9:0f:bc:4c:5f:a1:
f1:f3:d2:1c:47:a8:19:3b:22:9b:3c:60:7b:08:dc:
58:2f:73:30:9c:e1:1d:bc:cb:17:6a:7a:5b:ca:6d:
24:ff:52:47:42:88:d8:35:0d:60:ca:a5:01:7a:25:
c3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9C:BF:A8:78:58:78:27:E0:55:C2:18:DB:27:7C:3E:23:2D:66:16
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/9Zy_qHhYeCfgVcIY2yd8PiMtZhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.246.0/23
109.122.249.0/24
185.239.1.0/24
Signature Algorithm: sha256WithRSAEncryption
14:ba:89:bb:d1:e8:9f:95:99:72:13:b4:75:35:90:03:d1:f8:
ca:c4:1f:3e:46:4c:2c:5b:24:9d:59:2f:82:e2:61:de:1f:fb:
84:25:9c:60:a9:bb:f6:a5:09:29:4d:cb:d2:79:1c:17:22:78:
2d:bc:b7:69:30:bb:1f:2e:41:a8:54:40:c8:a0:36:ec:eb:14:
f3:67:6a:64:47:11:b6:4b:d2:56:12:9b:ed:84:1a:f5:1e:b2:
48:41:66:da:98:1b:80:f8:3b:d1:5b:b3:b1:3a:94:f0:c4:a1:
15:59:d8:8d:dd:55:ca:b8:a1:f2:ac:e5:22:e6:4a:76:d3:53:
6b:bc:98:59:57:95:59:e4:eb:07:47:e7:7f:29:a7:1c:51:7a:
f3:e6:d6:70:71:da:88:b2:ca:04:96:c8:33:82:0e:8c:3f:3a:
73:c7:1d:ac:77:ce:a2:60:01:93:01:79:21:83:81:aa:dd:7f:
df:b9:9e:02:52:2e:d1:9d:22:dd:e2:9c:33:6a:de:67:69:5f:
f5:ab:ef:b2:1a:cb:0f:c4:84:73:86:b9:3f:ad:b0:e0:9a:9a:
56:d1:37:1f:5f:e1:b6:0a:0d:b7:ad:f2:2b:d0:1b:f7:79:26:
cd:d2:7a:68:b0:8b:e6:dc:f4:da:71:d3:25:6a:ca:8d:09:3f:
8c:51:8c:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKNn8iBoefBFB668GJj3ZjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMDE1MDA0MTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTljYmZhODc4NTg3ODI3ZTA1NWMyMThkYjI3N2MzZTIzMmQ2NjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHAHx6STD1m12OMgCA9RGDDL5DmW
nEM2CRsEbcotasPZ5TGbATn/yEveY9jZC3LYPVGGbiGzvpGYdiuuY5xFkJOidH4s
GsMZeKEl37eaQSKsQTHhGHrfN47rcd3pCCtDJghq0uQYT3huhADHN3GPPlKWX6ce
Xx817/ebegGYZFsee+GZ9ePKmdtjcCa6SgAPHR4Do+Bi25XENeE1EG8ojFa118ET
wYy0Ll+m0IkUOdrp0GBtlc79yJf878HYoRfQLUmeNaZDUnGDPc/pD7xMX6Hx89Ic
R6gZOyKbPGB7CNxYL3MwnOEdvMsXanpbym0k/1JHQojYNQ1gyqUBeiXDCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPWcv6h4WHgn4FXCGNsnfD4jLWYWMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvOVp5X3FIaFllQ2ZnVmNJWTJ5ZDhQaU10WmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBbXr2AwQA
bXr5AwQAue8BMA0GCSqGSIb3DQEBCwUAA4IBAQAUuom70eiflZlyE7R1NZAD0fjK
xB8+RkwsWySdWS+C4mHeH/uEJZxgqbv2pQkpTcvSeRwXIngtvLdpMLsfLkGoVEDI
oDbs6xTzZ2pkRxG2S9JWEpvthBr1HrJIQWbamBuA+DvRW7OxOpTwxKEVWdiN3VXK
uKHyrOUi5kp201NrvJhZV5VZ5OsHR+d/KaccUXrz5tZwcdqIssoElsgzgg6MPzpz
xx2sd86iYAGTAXkhg4Gq3X/fuZ4CUi7RnSLd4pwzat5naV/1q++yGssPxIRzhrk/
rbDgmppW0TcfX+G2Cg23rfIr0Bv3eSbN0nposIvm3PTacdMlasqNCT+MUYxz
-----END CERTIFICATE-----
Generated at Sun Nov 3 13:47:07 2024 by rpki-client on console-fra.rpki-client.org