Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/my3b9fGnIR2yTxJRq4siby8Dol8.roa
File: my3b9fGnIR2yTxJRq4siby8Dol8.roa (raw, json)
Hash identifier: 9d4Nwc/cvl+Z+VrjSPkjJFSwT2XxGUVstTWuZSWgQJE=
Subject key identifier: 9B:2D:DB:F5:F1:A7:21:1D:B2:4F:12:51:AB:8B:22:6F:2F:03:A2:5F
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0193354710DEC5AEE57AB875D6E98CEEAA88
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/my3b9fGnIR2yTxJRq4siby8Dol8.roa
Signing time: Sat 16 Nov 2024 14:01:10 +0000
ROA not before: Sat 16 Nov 2024 14:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214526
IP address blocks: 109.122.240.0/20 maxlen: 24
109.122.249.0/24 maxlen: 24
109.122.252.0/24 maxlen: 24
188.212.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 18:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:35:47:10:de:c5:ae:e5:7a:b8:75:d6:e9:8c:ee:aa:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Nov 16 14:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b2ddbf5f1a7211db24f1251ab8b226f2f03a25f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:09:85:5e:ab:98:c3:b0:d1:68:9f:d8:41:96:
26:43:d4:a6:9f:77:f6:10:22:07:8b:9e:e3:11:5c:
b9:65:4d:9f:a6:cc:6b:0f:d0:89:58:58:ad:30:fb:
35:82:de:7f:45:d5:cb:ae:4e:48:8a:fc:ef:73:ea:
30:94:38:2e:d7:de:2b:53:30:c2:66:dc:13:19:4d:
f0:24:6c:8f:84:2f:80:d7:b3:c4:67:9e:84:62:cc:
de:08:e6:6f:0d:ec:8a:0a:6a:d2:ef:eb:a5:26:0c:
17:24:c0:5a:1e:44:93:d7:94:91:d2:7b:a3:8c:53:
c3:05:54:6d:65:19:0d:82:0e:85:c3:17:a1:9c:95:
08:bb:2c:23:94:19:ed:3e:f1:b0:6f:69:82:8e:64:
01:db:9f:9c:f8:cb:97:72:84:67:f9:ed:57:e4:84:
6b:6c:36:76:cf:b9:df:27:79:d7:f3:49:e4:b0:18:
49:4d:06:0d:01:27:a3:b0:47:ca:f6:ce:0b:46:8b:
aa:ff:85:18:c0:a2:1f:55:67:ef:13:df:32:06:49:
c4:d6:6d:65:c0:2c:02:78:74:f0:43:84:01:8a:f7:
a0:e8:40:dc:b6:9f:fc:08:f0:ba:d2:73:fd:66:cf:
d2:5b:8e:a3:c9:f0:23:2a:6e:50:c7:af:72:a9:85:
e8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:2D:DB:F5:F1:A7:21:1D:B2:4F:12:51:AB:8B:22:6F:2F:03:A2:5F
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/my3b9fGnIR2yTxJRq4siby8Dol8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.240.0/20
188.212.99.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:8a:a0:1e:43:7c:a8:25:25:ba:54:95:17:1e:9b:8a:ac:c6:
8a:eb:9e:92:64:22:29:cf:d0:ab:a1:60:9d:e5:2e:2f:1b:bc:
1d:b2:b9:40:4c:8a:8f:1f:80:f8:f7:67:1c:36:99:c0:c1:e9:
f4:64:38:35:94:31:12:aa:e2:02:65:b4:3e:29:4f:70:42:94:
36:f7:a9:29:d4:d4:c2:d3:33:c6:11:12:08:c5:43:26:18:0a:
7c:3a:6f:ee:d0:ec:ac:39:d6:db:f5:54:39:2e:9b:23:b0:e9:
7d:0b:ad:5e:83:37:0e:b6:1b:22:f3:5e:c5:b3:86:4a:97:a8:
75:31:ad:6e:3e:ef:dd:0d:65:23:b7:da:8e:bb:33:6b:52:31:
ce:2e:b9:b5:bb:9b:1b:20:60:79:6e:2f:be:03:a3:d8:99:bf:
7e:fd:e5:a7:6e:c0:8f:eb:0f:5d:dd:ff:d1:83:87:63:a5:08:
e0:6a:5a:0b:7a:ae:ea:62:63:23:17:c7:f0:30:8a:fc:fe:c3:
f1:2c:d6:73:62:3b:5d:d1:2f:20:f7:e6:e1:41:e4:af:d9:b9:
af:57:db:db:c6:08:b5:be:a4:70:a9:ea:b8:8a:73:30:b5:26:
fd:fb:c9:b2:43:d5:40:ac:95:ac:13:65:7e:62:b4:2e:dc:9c:
23:d6:de:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZM1RxDexa7lerh11umM7qqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMTE2MTQwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjJkZGJmNWYxYTcyMTFkYjI0ZjEyNTFhYjhiMjI2ZjJmMDNhMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAmFXquYw7DRaJ/YQZYmQ9Smn3f2
ECIHi57jEVy5ZU2fpsxrD9CJWFitMPs1gt5/RdXLrk5Iivzvc+owlDgu194rUzDC
ZtwTGU3wJGyPhC+A17PEZ56EYszeCOZvDeyKCmrS7+ulJgwXJMBaHkST15SR0nuj
jFPDBVRtZRkNgg6FwxehnJUIuywjlBntPvGwb2mCjmQB25+c+MuXcoRn+e1X5IRr
bDZ2z7nfJ3nX80nksBhJTQYNASejsEfK9s4LRouq/4UYwKIfVWfvE98yBknE1m1l
wCwCeHTwQ4QBiveg6EDctp/8CPC60nP9Zs/SW46jyfAjKm5Qx69yqYXoDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJst2/XxpyEdsk8SUauLIm8vA6JfMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvbXkzYjlmR25JUjJ5VHhKUnE0c2lieThEb2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEbXrwAwQA
vNRjMA0GCSqGSIb3DQEBCwUAA4IBAQCqiqAeQ3yoJSW6VJUXHpuKrMaK656SZCIp
z9CroWCd5S4vG7wdsrlATIqPH4D492ccNpnAwen0ZDg1lDESquICZbQ+KU9wQpQ2
96kp1NTC0zPGERIIxUMmGAp8Om/u0OysOdbb9VQ5LpsjsOl9C61egzcOthsi817F
s4ZKl6h1Ma1uPu/dDWUjt9qOuzNrUjHOLrm1u5sbIGB5bi++A6PYmb9+/eWnbsCP
6w9d3f/Rg4djpQjgaloLeq7qYmMjF8fwMIr8/sPxLNZzYjtd0S8g9+bhQeSv2bmv
V9vbxgi1vqRwqeq4inMwtSb9+8myQ9VArJWsE2V+YrQu3Jwj1t4p
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:32 2024 by rpki-client on console-ams.rpki-client.org