Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/rvy9wg0tgX133xpLdg_TXOZem0k.roa
File: rvy9wg0tgX133xpLdg_TXOZem0k.roa (raw, json)
Hash identifier: L0bx2fZy/nJnrRB+Mm3nOGM7VthK1laho4rju9YuVxQ=
Subject key identifier: AE:FC:BD:C2:0D:2D:81:7D:77:DF:1A:4B:76:0F:D3:5C:E6:5E:9B:49
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0192F1829BE998A1486F9F6679C24128D883
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/rvy9wg0tgX133xpLdg_TXOZem0k.roa
Signing time: Sun 03 Nov 2024 10:12:01 +0000
ROA not before: Sun 03 Nov 2024 10:12:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 109.122.249.0/24 maxlen: 24
185.239.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 11:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f1:82:9b:e9:98:a1:48:6f:9f:66:79:c2:41:28:d8:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Nov 3 10:12:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aefcbdc20d2d817d77df1a4b760fd35ce65e9b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:68:7f:7e:d4:83:69:6e:68:ce:3a:0c:2e:82:
85:b8:26:57:8b:bd:82:fa:28:a8:78:5c:df:96:b2:
16:d3:c6:fa:9a:6c:f2:2c:24:4c:d0:5d:ab:2b:ee:
aa:18:4c:18:67:54:30:5e:21:d8:b0:b8:58:18:dc:
62:79:5c:e6:c0:95:69:fa:94:7e:7f:0c:c7:36:bd:
7a:85:c7:67:d4:e4:ee:1f:66:bf:f3:ec:a0:16:6f:
07:a3:c6:28:3a:32:16:a4:ab:2c:24:27:1e:d0:40:
1a:4f:5a:f2:1b:1c:61:fe:db:18:77:fb:e7:d9:8e:
01:48:da:31:82:e3:23:c9:8e:52:33:2a:90:13:41:
41:5a:eb:47:07:79:74:fa:24:a8:0e:06:51:df:3c:
94:0a:83:05:4a:9e:d3:d3:91:01:fa:59:a5:76:da:
01:8f:64:4e:28:13:b2:31:e3:28:8e:bd:bc:cd:7c:
4d:ed:51:6d:a9:c7:48:90:8e:2d:cb:6d:98:84:a3:
39:a6:c3:ed:ab:f0:a2:c8:35:a6:34:ab:2e:16:63:
39:a4:7c:00:3e:74:5a:50:f3:2a:30:25:b4:eb:88:
f0:f8:f1:89:66:31:2a:56:73:6d:f1:79:d1:7c:54:
76:79:8f:18:d6:56:86:fc:6b:33:b7:bf:ee:83:68:
1a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FC:BD:C2:0D:2D:81:7D:77:DF:1A:4B:76:0F:D3:5C:E6:5E:9B:49
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/rvy9wg0tgX133xpLdg_TXOZem0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.249.0/24
185.239.1.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:9b:bb:b8:41:48:bf:4b:9e:be:6c:8a:f7:cc:3f:06:05:ae:
8b:f6:4b:ab:f5:42:95:c9:ac:1b:63:c5:ae:58:cb:00:0b:6b:
e5:85:38:f1:e0:8e:f0:33:a3:6c:8a:61:12:e8:76:57:8a:9e:
53:ae:4b:d6:5a:af:d7:09:c9:e7:29:1a:74:6c:74:f6:ff:f9:
b8:b9:13:c1:dc:b6:c3:91:6b:58:be:03:8e:e0:d4:f4:f4:cc:
7b:df:c8:ce:bd:de:00:15:c6:02:0c:8b:4b:42:71:a4:13:5f:
fa:c1:19:e7:f6:4f:d0:a7:63:60:93:1e:e5:81:67:79:8b:be:
c1:87:0e:3b:7d:fd:b9:f9:fb:a6:3a:d8:6f:50:61:fc:59:af:
20:b2:2e:2d:84:54:1b:eb:36:d1:57:a1:2e:cc:af:19:cc:1f:
64:5a:3e:ab:be:4d:8b:c7:d1:73:1f:e1:5e:b0:e7:6f:16:86:
f5:ac:fd:eb:d8:ad:2e:3e:56:fa:06:43:23:51:9c:a1:4f:86:
19:78:7c:e5:b2:1b:87:3a:31:72:e1:da:79:8b:52:40:33:82:
23:e5:fc:8b:34:32:d6:2b:00:34:2d:3f:d5:75:99:6f:af:13:
d9:09:05:c8:ca:ee:6a:33:1a:db:d0:16:05:be:b9:f8:7a:a7:
bb:6b:af:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLxgpvpmKFIb59mecJBKNiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMTAzMTAxMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWZjYmRjMjBkMmQ4MTdkNzdkZjFhNGI3NjBmZDM1Y2U2NWU5YjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Gh/ftSDaW5ozjoMLoKFuCZXi72C
+iioeFzflrIW08b6mmzyLCRM0F2rK+6qGEwYZ1QwXiHYsLhYGNxieVzmwJVp+pR+
fwzHNr16hcdn1OTuH2a/8+ygFm8Ho8YoOjIWpKssJCce0EAaT1ryGxxh/tsYd/vn
2Y4BSNoxguMjyY5SMyqQE0FBWutHB3l0+iSoDgZR3zyUCoMFSp7T05EB+lmldtoB
j2ROKBOyMeMojr28zXxN7VFtqcdIkI4ty22YhKM5psPtq/CiyDWmNKsuFmM5pHwA
PnRaUPMqMCW064jw+PGJZjEqVnNt8XnRfFR2eY8Y1laG/Gszt7/ug2ga1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK78vcINLYF9d98aS3YP01zmXptJMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvcnZ5OXdnMHRnWDEzM3hwTGRnX1RYT1plbTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXr5AwQA
ue8BMA0GCSqGSIb3DQEBCwUAA4IBAQBKm7u4QUi/S56+bIr3zD8GBa6L9kur9UKV
yawbY8WuWMsAC2vlhTjx4I7wM6NsimES6HZXip5TrkvWWq/XCcnnKRp0bHT2//m4
uRPB3LbDkWtYvgOO4NT09Mx738jOvd4AFcYCDItLQnGkE1/6wRnn9k/Qp2Ngkx7l
gWd5i77Bhw47ff25+fumOthvUGH8Wa8gsi4thFQb6zbRV6EuzK8ZzB9kWj6rvk2L
x9FzH+FesOdvFob1rP3r2K0uPlb6BkMjUZyhT4YZeHzlshuHOjFy4dp5i1JAM4Ij
5fyLNDLWKwA0LT/VdZlvrxPZCQXIyu5qMxrb0BYFvrn4eqe7a6+W
-----END CERTIFICATE-----
Generated at Mon Nov 11 17:00:12 2024 by rpki-client on console-ams.rpki-client.org