Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Cd8Jgt3fl8Ha_k_YY166JXrOSo8.roa
File: Cd8Jgt3fl8Ha_k_YY166JXrOSo8.roa (raw, json)
Hash identifier: nGLcoL6mmESSCmBcjlsnEIJSw8C5Hq2CLYCveSNbBM0=
Subject key identifier: 09:DF:09:82:DD:DF:97:C1:DA:FE:4F:D8:63:5E:BA:25:7A:CE:4A:8F
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01928986E5EC24EF7DCDD13E62C5A0592B5B
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Cd8Jgt3fl8Ha_k_YY166JXrOSo8.roa
Signing time: Mon 14 Oct 2024 05:36:12 +0000
ROA not before: Mon 14 Oct 2024 05:36:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 109.122.246.0/23 maxlen: 24
109.122.249.0/24 maxlen: 24
109.122.250.0/24 maxlen: 24
185.239.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 00:41:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:89:86:e5:ec:24:ef:7d:cd:d1:3e:62:c5:a0:59:2b:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 14 05:36:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09df0982dddf97c1dafe4fd8635eba257ace4a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:74:04:95:e3:ef:33:6d:92:9c:70:15:75:dc:
3f:97:6c:3f:a1:4e:40:63:d8:9e:21:5f:64:4c:07:
82:15:d2:12:8c:f6:7d:dd:63:b3:53:49:65:aa:0e:
0a:e8:f5:33:04:55:ef:f8:48:ec:d3:aa:70:86:d7:
fe:a8:03:3f:a5:fe:f9:f7:72:f5:a3:ff:70:2a:37:
9a:7c:f9:fe:02:d6:e3:5f:65:72:48:09:d4:2e:dc:
4b:a5:7d:e7:76:4c:0a:6d:91:61:7d:8a:fc:a1:18:
58:55:8b:42:a3:22:00:47:9a:62:bb:f0:a1:a6:98:
2c:85:e6:c3:27:3d:2f:b1:5b:bf:93:65:cd:35:21:
21:12:8c:a3:1a:8e:f4:58:2c:da:e4:bb:bc:b6:c8:
8c:98:5d:18:1e:2a:f3:d5:a2:0c:33:4f:a2:03:d9:
96:c6:c3:f9:ec:5a:2c:e3:e6:4e:93:7d:1c:4e:b8:
66:ef:8a:0e:cc:6c:b2:4a:51:22:f0:5c:90:0f:83:
b4:b7:72:87:20:26:ad:30:c1:98:bd:2a:72:60:b6:
8c:1d:d1:14:19:92:0f:c7:4d:34:2a:11:c7:ca:15:
3e:5c:59:fe:ce:61:4e:a0:85:5f:98:a1:48:c4:a4:
df:60:75:2f:23:48:12:e0:1e:79:ab:1e:c1:8c:9f:
5f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DF:09:82:DD:DF:97:C1:DA:FE:4F:D8:63:5E:BA:25:7A:CE:4A:8F
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Cd8Jgt3fl8Ha_k_YY166JXrOSo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.246.0/23
109.122.249.0-109.122.250.255
185.239.1.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:32:44:68:a0:3b:e2:69:4d:b6:a4:59:ac:86:12:9d:a9:25:
a6:94:cd:55:e3:5a:a7:9d:5e:a9:9a:a2:33:56:54:4c:f3:02:
43:8d:59:0e:da:fd:fc:4a:9e:0a:83:95:07:5f:3c:42:cf:66:
44:92:0a:2a:1d:e0:8b:98:4d:38:73:51:f7:d0:5b:95:3e:ff:
3c:f9:0d:ee:f0:e3:00:9a:4e:9f:c6:21:0d:b4:6c:9b:65:13:
36:98:86:d1:76:0f:80:0d:7f:15:07:68:ed:48:5d:b8:d3:02:
58:89:4c:77:3e:d5:ff:5d:81:87:c3:af:c0:14:a2:cb:af:b1:
b4:da:3f:6b:ac:b5:ca:51:67:08:de:2c:c9:8a:05:74:0b:e0:
6c:28:12:f0:c9:35:5d:cd:e3:83:90:95:b4:81:8d:db:6f:1f:
30:8a:b5:92:84:0d:d4:38:3c:5c:35:d6:1c:08:16:b1:cc:15:
ae:44:d3:5a:74:87:73:b1:be:47:0b:4b:16:07:67:98:a6:aa:
dc:92:19:b8:a9:0a:9e:1b:34:f2:49:fa:df:4d:84:7c:e8:78:
be:b9:4d:f7:33:90:78:a5:7b:f2:d3:03:21:97:20:67:b9:fa:
bf:f4:6d:f2:cd:85:31:db:db:35:6f:52:47:fb:77:47:2e:0b:
8a:0d:a5:da
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZKJhuXsJO99zdE+YsWgWStbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMDE0MDUzNjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWRmMDk4MmRkZGY5N2MxZGFmZTRmZDg2MzVlYmEyNTdhY2U0YThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXQElePvM22SnHAVddw/l2w/oU5A
Y9ieIV9kTAeCFdISjPZ93WOzU0llqg4K6PUzBFXv+Ejs06pwhtf+qAM/pf7593L1
o/9wKjeafPn+AtbjX2VySAnULtxLpX3ndkwKbZFhfYr8oRhYVYtCoyIAR5piu/Ch
ppgshebDJz0vsVu/k2XNNSEhEoyjGo70WCza5Lu8tsiMmF0YHirz1aIMM0+iA9mW
xsP57Fos4+ZOk30cTrhm74oOzGyySlEi8FyQD4O0t3KHICatMMGYvSpyYLaMHdEU
GZIPx000KhHHyhU+XFn+zmFOoIVfmKFIxKTfYHUvI0gS4B55qx7BjJ9fFwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAnfCYLd35fB2v5P2GNeuiV6zkqPMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvQ2Q4Smd0M2ZsOEhhX2tfWVkxNjZKWHJPU284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBbXr2MAwD
BABtevkDBABtevoDBAC57wEwDQYJKoZIhvcNAQELBQADggEBAHwyRGigO+JpTbak
WayGEp2pJaaUzVXjWqedXqmaojNWVEzzAkONWQ7a/fxKngqDlQdfPELPZkSSCiod
4IuYTThzUffQW5U+/zz5De7w4wCaTp/GIQ20bJtlEzaYhtF2D4ANfxUHaO1IXbjT
AliJTHc+1f9dgYfDr8AUosuvsbTaP2ustcpRZwjeLMmKBXQL4GwoEvDJNV3N44OQ
lbSBjdtvHzCKtZKEDdQ4PFw11hwIFrHMFa5E01p0h3OxvkcLSxYHZ5imqtySGbip
Cp4bNPJJ+t9NhHzoeL65TfczkHile/LTAyGXIGe5+r/0bfLNhTHb2zVvUkf7d0cu
C4oNpdo=
-----END CERTIFICATE-----
Generated at Tue Oct 15 02:17:11 2024 by rpki-client on console-fra.rpki-client.org