Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/XEKR7E2FsAlCAwZqLd1Kn-xjZ3I.roa
File: XEKR7E2FsAlCAwZqLd1Kn-xjZ3I.roa (raw, json)
Hash identifier: quAqAUV7SAoCpFj7usZWc892+5kSKm0RbDy2MqT26Rs=
Subject key identifier: 5C:42:91:EC:4D:85:B0:09:42:03:06:6A:2D:DD:4A:9F:EC:63:67:72
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0192F1838704D69E2932C1E9C780F670FC54
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/XEKR7E2FsAlCAwZqLd1Kn-xjZ3I.roa
Signing time: Sun 03 Nov 2024 10:13:01 +0000
ROA not before: Sun 03 Nov 2024 10:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 109.122.240.0/20 maxlen: 24
109.122.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f1:83:87:04:d6:9e:29:32:c1:e9:c7:80:f6:70:fc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Nov 3 10:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c4291ec4d85b0094203066a2ddd4a9fec636772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ed:2f:33:6d:0b:5e:7d:fe:12:a8:f6:f1:24:
a1:5f:ae:37:46:18:fe:1d:3e:cb:f4:57:f0:3d:bb:
c1:78:41:fa:fb:3b:c7:ec:7b:3f:d1:99:eb:d0:15:
5b:da:f7:c1:bc:3b:e3:0d:80:54:b2:84:1b:8a:19:
08:78:cf:0b:f3:f6:4f:91:79:02:fe:e9:2e:34:b1:
e2:d3:a7:a6:4b:14:5b:78:40:c7:e3:23:6e:54:39:
9a:fa:e4:b9:ed:7c:c0:83:68:bd:55:65:df:68:60:
03:90:b7:31:1c:4d:9d:0d:2d:4b:46:ba:00:2b:d3:
91:45:de:dd:c4:47:21:c3:3c:7f:dd:19:05:61:8a:
d0:a6:cf:2c:31:52:a3:b6:b1:14:a1:9a:57:31:21:
b8:4b:1c:24:e2:b6:08:4f:d7:2e:b0:7a:0d:7a:af:
ee:92:c2:03:e2:a4:d8:ee:59:06:a8:ac:4d:c3:d3:
9f:e6:88:91:a5:a8:7f:94:1f:9f:d0:bb:cc:a0:1c:
74:f1:aa:d6:a9:71:06:a1:7d:20:e3:9f:09:cf:ea:
05:a5:25:19:00:55:8b:00:2b:4d:9f:15:3f:23:f0:
74:a5:ab:19:45:ea:6e:9a:64:8c:2f:df:22:40:69:
6f:93:92:c4:8d:e5:f5:72:8b:05:41:f1:69:fc:c1:
c9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:42:91:EC:4D:85:B0:09:42:03:06:6A:2D:DD:4A:9F:EC:63:67:72
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/XEKR7E2FsAlCAwZqLd1Kn-xjZ3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.240.0/20
Signature Algorithm: sha256WithRSAEncryption
91:c8:aa:4a:e8:83:31:cf:75:10:b0:55:4d:a8:61:e4:13:d5:
3a:8f:51:ab:02:3b:ef:ae:6f:c9:9e:ce:8e:99:bc:1b:95:5c:
f1:ae:dc:23:cc:06:22:6a:07:10:27:9f:e8:a2:5f:bd:ca:07:
5e:f5:60:09:c3:74:ed:da:b9:1b:25:61:da:77:f0:7f:60:82:
91:f6:ea:d2:64:3d:e5:01:78:0c:99:95:29:e7:a0:1f:ad:9c:
f3:ae:c8:2d:14:7f:51:bc:ea:29:d0:74:e1:56:0d:3a:8e:12:
c8:51:13:f6:ec:21:af:34:da:e3:b6:9e:eb:b5:c7:b4:0f:8e:
b4:e8:80:f0:33:af:36:70:a6:82:d8:dd:b4:be:53:08:7c:3b:
2a:29:97:fc:9a:35:d0:1b:da:55:bf:bd:a6:c1:68:cb:30:48:
9d:92:f4:4e:63:d1:c6:bd:d6:c7:fd:94:fb:a7:04:59:dc:78:
4d:46:18:25:2a:cd:9b:2d:ef:8a:b6:7a:a3:63:d5:f4:53:1b:
f5:6e:49:54:0e:96:01:00:d2:37:17:95:88:45:f5:4c:96:12:
d0:36:a7:9d:3e:4b:09:f4:4b:57:14:d1:c6:28:2f:eb:64:e1:
3b:27:04:37:83:80:d6:a6:51:ab:73:18:62:9f:9f:8c:65:91:
5e:33:67:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLxg4cE1p4pMsHpx4D2cPxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMTAzMTAxMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzQyOTFlYzRkODViMDA5NDIwMzA2NmEyZGRkNGE5ZmVjNjM2NzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre0vM20LXn3+Eqj28SShX643Rhj+
HT7L9FfwPbvBeEH6+zvH7Hs/0Znr0BVb2vfBvDvjDYBUsoQbihkIeM8L8/ZPkXkC
/ukuNLHi06emSxRbeEDH4yNuVDma+uS57XzAg2i9VWXfaGADkLcxHE2dDS1LRroA
K9ORRd7dxEchwzx/3RkFYYrQps8sMVKjtrEUoZpXMSG4Sxwk4rYIT9cusHoNeq/u
ksID4qTY7lkGqKxNw9Of5oiRpah/lB+f0LvMoBx08arWqXEGoX0g458Jz+oFpSUZ
AFWLACtNnxU/I/B0pasZRepummSML98iQGlvk5LEjeX1cosFQfFp/MHJNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxCkexNhbAJQgMGai3dSp/sY2dyMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvWEVLUjdFMkZzQWxDQXdacUxkMUtuLXhqWjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbXrwMA0G
CSqGSIb3DQEBCwUAA4IBAQCRyKpK6IMxz3UQsFVNqGHkE9U6j1GrAjvvrm/Jns6O
mbwblVzxrtwjzAYiagcQJ5/ool+9ygde9WAJw3Tt2rkbJWHad/B/YIKR9urSZD3l
AXgMmZUp56AfrZzzrsgtFH9RvOop0HThVg06jhLIURP27CGvNNrjtp7rtce0D460
6IDwM682cKaC2N20vlMIfDsqKZf8mjXQG9pVv72mwWjLMEidkvROY9HGvdbH/ZT7
pwRZ3HhNRhglKs2bLe+KtnqjY9X0Uxv1bklUDpYBANI3F5WIRfVMlhLQNqedPksJ
9EtXFNHGKC/rZOE7JwQ3g4DWplGrcxhin5+MZZFeM2eH
-----END CERTIFICATE-----
Generated at Tue Nov 5 16:38:35 2024 by rpki-client on console-fra.rpki-client.org