Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/fxd8tNkzt1miVfyJpNnClfCbGV0.roa
File: fxd8tNkzt1miVfyJpNnClfCbGV0.roa (raw, json)
Hash identifier: MmIhfn0du0gUdZV7yOAkS2Q5wgUJPLJ7ZHu3HE4PPXo=
Subject key identifier: 7F:17:7C:B4:D9:33:B7:59:A2:55:FC:89:A4:D9:C2:95:F0:9B:19:5D
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01931B062EAEA6151E51F763F4D20496D2C2
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/fxd8tNkzt1miVfyJpNnClfCbGV0.roa
Signing time: Mon 11 Nov 2024 11:40:10 +0000
ROA not before: Mon 11 Nov 2024 11:40:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214526
IP address blocks: 109.122.249.0/24 maxlen: 24
109.122.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 11:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:06:2e:ae:a6:15:1e:51:f7:63:f4:d2:04:96:d2:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Nov 11 11:40:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f177cb4d933b759a255fc89a4d9c295f09b195d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f1:02:db:10:48:25:b5:c0:4d:11:71:f7:3e:
6f:5f:30:2d:cf:06:12:5b:73:68:78:d9:2c:2a:ac:
2b:19:51:d5:13:00:80:51:ac:4f:d8:e2:0a:10:d4:
80:ae:eb:fd:55:6e:9f:27:84:7e:62:81:a9:a7:8a:
8a:79:ca:54:41:24:cc:63:a7:f8:9d:7a:12:59:01:
64:57:91:a7:a3:99:a0:03:a5:c3:db:11:99:77:b3:
04:ec:5f:b2:e9:73:47:79:c1:a4:aa:0c:df:16:15:
bc:20:fc:83:90:09:01:77:0a:ab:13:5e:cd:c6:78:
9b:93:7b:4d:ec:8a:ad:5e:fc:96:ca:b2:64:c9:d8:
0b:bb:a9:ed:25:8e:2c:f1:83:4a:ff:4f:d1:3a:61:
b1:9f:c3:67:68:ae:a1:71:e5:cb:cd:67:ab:cd:66:
de:7e:70:1e:4b:7d:e3:39:1c:27:e9:29:9a:52:f7:
01:68:e5:7a:95:8e:68:66:f0:c6:38:a4:66:e8:96:
80:1e:7d:c8:ce:a5:6a:76:a6:6d:5f:5b:24:c9:d3:
cc:53:29:b7:4e:e6:03:05:f2:fc:b8:b9:1c:27:f8:
b1:38:2b:b0:6b:1d:4e:d1:44:8f:3f:4b:a7:99:e6:
f5:fe:bd:68:fa:51:eb:8e:6f:68:13:44:3c:96:38:
6f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:17:7C:B4:D9:33:B7:59:A2:55:FC:89:A4:D9:C2:95:F0:9B:19:5D
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/fxd8tNkzt1miVfyJpNnClfCbGV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.249.0/24
109.122.252.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:ee:9f:ee:1a:4b:e3:98:03:fe:1e:77:2d:be:03:9e:e0:c1:
c8:90:0b:97:d6:d6:a4:73:c8:45:49:ff:e3:8e:5b:20:1f:50:
55:03:1c:98:81:ef:00:67:8a:90:1f:3e:a8:78:de:95:7e:76:
00:12:14:7f:6e:78:ef:01:2e:8b:83:f2:46:2c:f9:00:86:cb:
e0:48:37:d5:7e:1a:8d:5d:6e:1e:57:ba:2c:ee:3b:51:a9:a1:
dc:ba:40:d0:ef:33:33:fc:2b:9b:3e:20:9f:d4:e4:7f:7b:49:
81:bf:23:95:c5:df:db:f7:1b:58:46:ed:0e:f6:d5:7c:81:5c:
82:81:6d:51:10:f7:28:c3:ce:d7:5c:04:66:15:0f:bc:3c:dd:
ad:a3:8e:69:d2:9d:e4:73:03:ae:ab:15:35:02:03:ae:0e:50:
b7:da:1a:51:7f:8f:bc:26:2c:d6:1a:8e:e3:3b:29:b5:e1:e9:
1e:5b:c9:70:a7:41:6f:8c:94:72:e7:35:7c:b7:3b:8e:b5:8d:
a7:15:b8:aa:d6:7a:9d:db:c1:cb:ce:cd:b7:a0:dd:15:77:dd:
8f:71:c0:97:47:22:00:ef:db:9e:9c:12:01:15:c2:ea:ea:55:
4e:67:a0:29:be:fc:49:43:00:f8:4f:cf:2a:8d:fc:ad:a7:75:
db:94:00:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMbBi6uphUeUfdj9NIEltLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMTExMTE0MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjE3N2NiNGQ5MzNiNzU5YTI1NWZjODlhNGQ5YzI5NWYwOWIxOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/EC2xBIJbXATRFx9z5vXzAtzwYS
W3NoeNksKqwrGVHVEwCAUaxP2OIKENSAruv9VW6fJ4R+YoGpp4qKecpUQSTMY6f4
nXoSWQFkV5Gno5mgA6XD2xGZd7ME7F+y6XNHecGkqgzfFhW8IPyDkAkBdwqrE17N
xnibk3tN7IqtXvyWyrJkydgLu6ntJY4s8YNK/0/ROmGxn8NnaK6hceXLzWerzWbe
fnAeS33jORwn6SmaUvcBaOV6lY5oZvDGOKRm6JaAHn3IzqVqdqZtX1skydPMUym3
TuYDBfL8uLkcJ/ixOCuwax1O0USPP0unmeb1/r1o+lHrjm9oE0Q8ljhvtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH8XfLTZM7dZolX8iaTZwpXwmxldMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvZnhkOHROa3p0MW1pVmZ5SnBObkNsZkNiR1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXr5AwQA
bXr8MA0GCSqGSIb3DQEBCwUAA4IBAQA67p/uGkvjmAP+HnctvgOe4MHIkAuX1tak
c8hFSf/jjlsgH1BVAxyYge8AZ4qQHz6oeN6VfnYAEhR/bnjvAS6Lg/JGLPkAhsvg
SDfVfhqNXW4eV7os7jtRqaHcukDQ7zMz/CubPiCf1OR/e0mBvyOVxd/b9xtYRu0O
9tV8gVyCgW1REPcow87XXARmFQ+8PN2to45p0p3kcwOuqxU1AgOuDlC32hpRf4+8
JizWGo7jOym14ekeW8lwp0FvjJRy5zV8tzuOtY2nFbiq1nqd28HLzs23oN0Vd92P
ccCXRyIA79uenBIBFcLq6lVOZ6ApvvxJQwD4T88qjfytp3XblAC8
-----END CERTIFICATE-----
Generated at Wed Nov 13 14:06:16 2024 by rpki-client on console-ams.rpki-client.org