Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/KWKeb0vNf2h3QMjtzQjzayxk7u0.roa
File: KWKeb0vNf2h3QMjtzQjzayxk7u0.roa (raw, json)
Hash identifier: Vxg3cD34VcQG/Hzia0qw5CoWi3IN2cbii7aVf6rTDFk=
Subject key identifier: 29:62:9E:6F:4B:CD:7F:68:77:40:C8:ED:CD:08:F3:6B:2C:64:EE:ED
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01927BF38D9AB107501E8079CF5F449B200A
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/KWKeb0vNf2h3QMjtzQjzayxk7u0.roa
Signing time: Fri 11 Oct 2024 14:20:11 +0000
ROA not before: Fri 11 Oct 2024 14:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 109.122.240.0/20 maxlen: 24
109.122.246.0/23 maxlen: 23
109.122.246.0/24 maxlen: 24
109.122.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Nov 2024 10:12:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:f3:8d:9a:b1:07:50:1e:80:79:cf:5f:44:9b:20:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 11 14:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29629e6f4bcd7f687740c8edcd08f36b2c64eeed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ed:29:b4:0e:84:a8:a6:9d:33:21:42:f4:9f:
0e:7d:23:37:bf:cc:3d:3a:d1:aa:e4:5a:56:29:94:
21:0d:13:03:0b:83:c5:98:82:6f:18:9a:55:ec:74:
4c:2b:f8:5c:8c:b7:c3:e0:df:93:90:b4:07:d0:27:
58:d3:66:f7:78:41:fa:f5:e9:5d:15:e6:17:b7:69:
94:41:50:4c:6c:b6:3d:26:90:98:64:7d:a7:f9:bc:
ef:ea:a1:06:c8:49:c3:94:32:b1:61:61:bb:4a:13:
8a:8e:90:5b:f5:27:33:ac:c3:61:08:2f:1a:5d:8e:
4d:8e:9c:b9:c1:2f:41:62:f0:05:34:dd:80:0f:04:
c7:b2:dc:06:c6:9e:1b:66:98:68:0c:55:1e:2e:45:
6a:32:a0:92:6f:93:59:a5:9e:21:c0:fc:68:35:e9:
d0:08:99:84:c1:af:85:3c:a0:3d:de:2c:54:fe:dd:
79:66:ea:17:5a:29:81:af:39:fb:d9:20:2f:f9:89:
f1:72:07:f4:27:64:24:6b:15:40:77:fe:03:b7:46:
e9:31:4c:54:cb:40:cc:22:35:92:12:40:5d:fd:8d:
ca:31:7d:9b:55:66:ad:0a:49:09:e6:d9:73:62:67:
e9:34:80:00:eb:2a:31:e7:23:be:2d:88:fd:cc:f1:
fa:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:62:9E:6F:4B:CD:7F:68:77:40:C8:ED:CD:08:F3:6B:2C:64:EE:ED
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/KWKeb0vNf2h3QMjtzQjzayxk7u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.240.0/20
Signature Algorithm: sha256WithRSAEncryption
b2:71:cb:14:16:60:82:68:37:bc:57:ad:17:fc:e3:f8:92:93:
3c:fd:a4:47:6d:b0:d0:fa:30:77:2b:4e:7d:b0:65:6e:57:1b:
12:db:dd:2e:a5:2c:2c:a4:31:d9:0a:6d:cb:0c:98:a1:e7:63:
de:d7:88:4d:51:b0:77:2e:2c:75:56:43:fe:b5:1f:eb:5c:a3:
ad:de:8c:17:9f:0c:f5:cf:49:c9:4f:b7:8e:ed:3d:5a:9e:bd:
a4:82:cc:8a:03:72:68:46:e2:7d:33:08:dd:8a:e5:0e:95:56:
ce:da:a9:af:6b:47:61:ef:60:ab:cc:f0:6d:a6:05:70:b2:cf:
fd:f6:03:db:09:7e:92:30:0f:0e:58:74:05:eb:53:2b:7b:66:
25:ed:5a:91:6e:14:a0:1a:8d:ee:fc:73:4c:a6:ab:3e:92:31:
3b:a7:83:39:e9:d4:6f:66:a8:cb:79:d8:8e:b4:c2:fe:b9:d6:
bf:73:d2:1c:7a:d1:df:d6:ac:d3:b9:59:9b:4b:f5:c7:d1:0b:
6f:d8:2e:8e:ad:d0:68:30:27:99:b1:25:58:2f:06:a9:aa:2f:
e8:2b:d8:77:35:6d:49:56:f3:06:ab:6c:5f:4a:af:1b:a4:85:
3f:8d:3b:c1:74:e1:ff:de:6e:9e:82:f4:6c:61:cc:87:c7:19:
77:a6:47:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJ7842asQdQHoB5z19EmyAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMDExMTQyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTYyOWU2ZjRiY2Q3ZjY4Nzc0MGM4ZWRjZDA4ZjM2YjJjNjRlZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAke0ptA6EqKadMyFC9J8OfSM3v8w9
OtGq5FpWKZQhDRMDC4PFmIJvGJpV7HRMK/hcjLfD4N+TkLQH0CdY02b3eEH69eld
FeYXt2mUQVBMbLY9JpCYZH2n+bzv6qEGyEnDlDKxYWG7ShOKjpBb9SczrMNhCC8a
XY5Njpy5wS9BYvAFNN2ADwTHstwGxp4bZphoDFUeLkVqMqCSb5NZpZ4hwPxoNenQ
CJmEwa+FPKA93ixU/t15ZuoXWimBrzn72SAv+Ynxcgf0J2QkaxVAd/4Dt0bpMUxU
y0DMIjWSEkBd/Y3KMX2bVWatCkkJ5tlzYmfpNIAA6yox5yO+LYj9zPH6XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClinm9LzX9od0DI7c0I82ssZO7tMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvS1dLZWIwdk5mMmgzUU1qdHpRanpheXhrN3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbXrwMA0G
CSqGSIb3DQEBCwUAA4IBAQCyccsUFmCCaDe8V60X/OP4kpM8/aRHbbDQ+jB3K059
sGVuVxsS290upSwspDHZCm3LDJih52Pe14hNUbB3Lix1VkP+tR/rXKOt3owXnwz1
z0nJT7eO7T1anr2kgsyKA3JoRuJ9MwjdiuUOlVbO2qmva0dh72CrzPBtpgVwss/9
9gPbCX6SMA8OWHQF61Mre2Yl7VqRbhSgGo3u/HNMpqs+kjE7p4M56dRvZqjLediO
tML+uda/c9IcetHf1qzTuVmbS/XH0Qtv2C6OrdBoMCeZsSVYLwapqi/oK9h3NW1J
VvMGq2xfSq8bpIU/jTvBdOH/3m6egvRsYcyHxxl3pkdj
-----END CERTIFICATE-----
Generated at Sun Nov 3 13:47:08 2024 by rpki-client on console-fra.rpki-client.org