Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/T6dxkJY1KWzsYE02Q-hj13x3gNA.roa
File: T6dxkJY1KWzsYE02Q-hj13x3gNA.roa (raw, json)
Hash identifier: yMKPIYMLW/JbBo9Y8Wx6DbhdHHbRvls0Pe1jODuuZD8=
Subject key identifier: 4F:A7:71:90:96:35:29:6C:EC:60:4D:36:43:E8:63:D7:7C:77:80:D0
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01922B52A2E1C9E2E0589769FD9B2ED1EC1D
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/T6dxkJY1KWzsYE02Q-hj13x3gNA.roa
Signing time: Wed 25 Sep 2024 22:34:48 +0000
ROA not before: Wed 25 Sep 2024 22:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62048
IP address blocks: 109.122.240.0/24 maxlen: 24
109.122.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Dec 2024 10:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2b:52:a2:e1:c9:e2:e0:58:97:69:fd:9b:2e:d1:ec:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Sep 25 22:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fa771909635296cec604d3643e863d77c7780d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bf:9e:7a:d6:a4:ce:72:d9:74:92:75:cd:35:
e6:7d:a1:19:2e:93:6a:ed:cb:8d:3d:be:3a:d6:22:
a9:0c:4c:32:fe:e3:2b:28:ce:dc:ca:1b:f4:fc:70:
b3:83:e8:84:3a:cd:be:4d:5c:a5:06:5f:8d:6e:a3:
9a:96:71:7a:5c:72:19:a5:58:8d:69:6f:14:26:03:
c4:5e:6e:1f:15:c2:8e:50:78:38:74:ca:bb:b9:55:
07:a2:f3:a9:bf:8c:e0:f6:6c:17:45:c3:99:d7:e2:
ec:ac:da:3e:e2:83:bc:7c:6e:0b:27:89:dc:7f:06:
83:0e:b1:0e:88:c8:0d:e2:f4:84:63:60:8a:db:86:
e0:09:cb:3b:63:fc:2a:f3:50:bd:fa:22:22:dc:28:
ba:38:1e:b7:25:54:35:53:7e:b2:c4:7e:87:8c:cf:
50:3a:34:0e:72:90:28:bf:a0:43:d0:4c:10:ee:62:
bf:00:c2:73:97:1f:08:14:c8:7e:99:9e:ca:6c:c3:
19:aa:be:95:64:0d:c1:cd:ea:80:c5:5d:45:5b:a3:
a2:68:3c:5e:52:1c:3c:51:97:50:d3:ba:c8:3b:4f:
e8:35:04:72:ff:7e:ec:8e:12:b0:48:80:d8:a8:ac:
e7:40:ba:30:df:ba:0f:e1:21:5e:41:17:dd:e3:98:
7c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A7:71:90:96:35:29:6C:EC:60:4D:36:43:E8:63:D7:7C:77:80:D0
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/T6dxkJY1KWzsYE02Q-hj13x3gNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.240.0/24
109.122.242.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:31:3a:93:7f:77:41:31:6c:8e:bf:30:85:d0:08:bf:6d:f5:
79:8d:c7:f9:df:3d:67:9a:b2:1c:44:63:03:6c:f0:d3:1d:c7:
6b:88:c3:93:2b:7b:c0:b8:09:d5:38:d4:40:aa:d8:be:93:6c:
ba:fa:b0:00:61:e2:fc:79:eb:c9:d1:43:09:53:11:76:69:b7:
21:f1:4e:a3:2c:2d:ae:4f:ed:de:5a:c5:f8:0b:ca:67:d3:2c:
c6:75:cc:80:15:62:eb:39:f5:9f:34:7c:f4:5b:64:2f:9b:e0:
44:86:8d:1e:62:4f:14:7f:f4:a0:90:10:14:68:84:db:e4:cc:
64:ca:5e:5e:c3:63:d9:1e:c3:ef:e4:c9:ad:8c:38:52:de:94:
b2:f1:4c:86:91:64:fa:dd:65:84:71:bf:dd:bb:73:38:56:cd:
56:0d:96:7c:04:d7:0b:ec:f0:f3:43:6c:17:4a:ba:56:7c:ab:
33:95:c3:d8:eb:98:47:c5:03:80:0e:87:39:03:b4:39:8d:6c:
a4:f0:13:6c:be:c0:58:45:a4:8c:c4:8c:e4:0b:b9:87:44:19:
b4:5f:30:be:69:c1:a5:15:dd:74:38:44:15:c6:19:51:41:19:
32:f2:5e:03:ba:36:49:e1:39:78:5d:4b:68:8d:f2:33:62:a8:
10:bd:6f:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIrUqLhyeLgWJdp/Zsu0ewdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwOTI1MjIzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmE3NzE5MDk2MzUyOTZjZWM2MDRkMzY0M2U4NjNkNzdjNzc4MGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb+eetakznLZdJJ1zTXmfaEZLpNq
7cuNPb461iKpDEwy/uMrKM7cyhv0/HCzg+iEOs2+TVylBl+NbqOalnF6XHIZpViN
aW8UJgPEXm4fFcKOUHg4dMq7uVUHovOpv4zg9mwXRcOZ1+LsrNo+4oO8fG4LJ4nc
fwaDDrEOiMgN4vSEY2CK24bgCcs7Y/wq81C9+iIi3Ci6OB63JVQ1U36yxH6HjM9Q
OjQOcpAov6BD0EwQ7mK/AMJzlx8IFMh+mZ7KbMMZqr6VZA3BzeqAxV1FW6OiaDxe
Uhw8UZdQ07rIO0/oNQRy/37sjhKwSIDYqKznQLow37oP4SFeQRfd45h8MwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE+ncZCWNSls7GBNNkPoY9d8d4DQMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvVDZkeGtKWTFLV3pzWUUwMlEtaGoxM3gzZ05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXrwAwQA
bXryMA0GCSqGSIb3DQEBCwUAA4IBAQCLMTqTf3dBMWyOvzCF0Ai/bfV5jcf53z1n
mrIcRGMDbPDTHcdriMOTK3vAuAnVONRAqti+k2y6+rAAYeL8eevJ0UMJUxF2abch
8U6jLC2uT+3eWsX4C8pn0yzGdcyAFWLrOfWfNHz0W2Qvm+BEho0eYk8Uf/SgkBAU
aITb5Mxkyl5ew2PZHsPv5MmtjDhS3pSy8UyGkWT63WWEcb/du3M4Vs1WDZZ8BNcL
7PDzQ2wXSrpWfKszlcPY65hHxQOADoc5A7Q5jWyk8BNsvsBYRaSMxIzkC7mHRBm0
XzC+acGlFd10OEQVxhlRQRky8l4DujZJ4Tl4XUtojfIzYqgQvW9u
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:20:30 2025 by rpki-client