Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/kKHUtEIUiNCSIjaD003rEbnlImY.roa
File: kKHUtEIUiNCSIjaD003rEbnlImY.roa (raw, json)
Hash identifier: pDp6dvANHJlhZOEgS/T823I2Vew9/C/0jIKCDyAfz9E=
Subject key identifier: 90:A1:D4:B4:42:14:88:D0:92:22:36:83:D3:4D:EB:11:B9:E5:22:66
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01927BCC2F748541EA1AB698E9B155E6FC86
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/kKHUtEIUiNCSIjaD003rEbnlImY.roa
Signing time: Fri 11 Oct 2024 13:37:11 +0000
ROA not before: Fri 11 Oct 2024 13:37:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 109.122.246.0/23 maxlen: 24
109.122.249.0/24 maxlen: 24
109.122.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 05:36:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:cc:2f:74:85:41:ea:1a:b6:98:e9:b1:55:e6:fc:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 11 13:37:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90a1d4b4421488d092223683d34deb11b9e52266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:79:88:db:cd:01:b5:0f:59:f2:b0:93:af:19:
dd:99:aa:08:d2:45:8d:23:56:e2:32:f0:c1:03:3a:
f6:a3:23:50:0a:5d:bf:8a:73:ff:28:3b:64:10:7d:
05:f6:b9:32:6e:22:9e:fb:ae:73:79:1f:c0:5a:06:
14:43:34:6f:2b:8a:44:37:bf:ee:1e:92:ff:2e:d8:
e8:66:52:3b:f1:82:c7:a8:1e:bb:81:aa:11:f1:b5:
e9:f4:00:d4:a9:73:c6:14:bb:63:cd:9d:00:9b:4e:
7f:f6:51:41:c5:df:2b:61:26:a6:c0:1c:4e:81:4c:
96:e9:ef:b5:66:3b:ed:c5:04:7c:b1:9a:36:cb:3a:
d1:3e:0f:f8:aa:6c:91:84:12:35:d7:56:5e:36:6f:
62:01:68:b6:84:7c:43:5f:89:f7:4b:20:b6:93:0f:
0e:7b:86:b9:26:68:e5:99:56:91:0d:2b:a0:ed:87:
27:5d:fe:bd:18:36:e2:35:f8:56:bc:a6:da:57:f8:
d7:ea:b6:db:6c:e6:7d:37:94:c4:c1:95:9f:20:79:
fa:2e:fc:5c:09:06:49:bc:77:e9:ee:cf:46:c2:f8:
ef:8e:15:91:e8:ab:91:38:d9:6e:7d:e7:ca:c3:4c:
23:96:d0:68:b4:24:1e:5a:90:cf:68:46:ea:62:c0:
eb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A1:D4:B4:42:14:88:D0:92:22:36:83:D3:4D:EB:11:B9:E5:22:66
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/kKHUtEIUiNCSIjaD003rEbnlImY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.246.0/23
109.122.249.0-109.122.250.255
Signature Algorithm: sha256WithRSAEncryption
3e:1d:1a:59:48:0c:92:47:a7:06:df:3f:1e:de:8c:02:34:04:
e1:e4:4f:b5:0f:e1:3a:a6:a4:68:17:e0:ae:88:73:ee:c9:82:
33:4b:c5:37:93:d9:cf:09:68:7a:9f:0e:3b:d0:26:a1:16:15:
74:2b:43:d0:6e:2b:56:fb:f9:86:bc:fd:e8:2d:d7:b9:85:6b:
5d:a5:48:67:30:de:12:f6:26:67:cb:26:32:8e:d1:a6:a8:08:
db:42:7e:5e:98:eb:5e:1f:72:d1:0d:f2:45:9a:0f:1b:06:98:
82:57:98:27:c3:b5:42:b7:3a:86:3c:4b:78:3f:5d:61:74:71:
74:ee:7c:22:b2:81:2b:44:a8:68:ff:02:ad:95:b4:47:6c:00:
db:91:09:36:56:25:df:ea:69:4b:35:61:d9:a6:02:98:68:c1:
21:d8:2f:bf:8f:be:9e:87:83:3d:c6:1e:a8:01:b1:ab:44:d2:
48:1e:84:46:ae:be:18:92:f7:3c:9a:03:67:92:0d:80:02:53:
6b:19:9f:47:82:f4:88:f5:bb:3c:79:90:8a:a3:8c:cf:3f:a5:
6d:ad:d5:5b:12:38:44:bd:4d:1e:ce:24:a4:48:86:2a:14:ff:
00:f9:24:17:9a:19:66:70:78:2f:2f:94:24:f6:3d:e1:07:10:
60:e7:1a:50
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZJ7zC90hUHqGraY6bFV5vyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMDExMTMzNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGExZDRiNDQyMTQ4OGQwOTIyMjM2ODNkMzRkZWIxMWI5ZTUyMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHmI280BtQ9Z8rCTrxndmaoI0kWN
I1biMvDBAzr2oyNQCl2/inP/KDtkEH0F9rkybiKe+65zeR/AWgYUQzRvK4pEN7/u
HpL/LtjoZlI78YLHqB67gaoR8bXp9ADUqXPGFLtjzZ0Am05/9lFBxd8rYSamwBxO
gUyW6e+1ZjvtxQR8sZo2yzrRPg/4qmyRhBI111ZeNm9iAWi2hHxDX4n3SyC2kw8O
e4a5JmjlmVaRDSug7YcnXf69GDbiNfhWvKbaV/jX6rbbbOZ9N5TEwZWfIHn6Lvxc
CQZJvHfp7s9GwvjvjhWR6KuRONlufefKw0wjltBotCQeWpDPaEbqYsDrrQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJCh1LRCFIjQkiI2g9NN6xG55SJmMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEva0tIVXRFSVVpTkNTSWphRDAwM3JFYm5sSW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBbXr2MAwD
BABtevkDBABtevowDQYJKoZIhvcNAQELBQADggEBAD4dGllIDJJHpwbfPx7ejAI0
BOHkT7UP4TqmpGgX4K6Ic+7JgjNLxTeT2c8JaHqfDjvQJqEWFXQrQ9BuK1b7+Ya8
/egt17mFa12lSGcw3hL2JmfLJjKO0aaoCNtCfl6Y614fctEN8kWaDxsGmIJXmCfD
tUK3OoY8S3g/XWF0cXTufCKygStEqGj/Aq2VtEdsANuRCTZWJd/qaUs1YdmmApho
wSHYL7+Pvp6Hgz3GHqgBsatE0kgehEauvhiS9zyaA2eSDYACU2sZn0eC9Ij1uzx5
kIqjjM8/pW2t1VsSOES9TR7OJKRIhioU/wD5JBeaGWZweC8vlCT2PeEHEGDnGlA=
-----END CERTIFICATE-----
Generated at Mon Oct 14 07:27:47 2024 by rpki-client on console-ams.rpki-client.org