Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/uq8-RsPE9AXLdUHFLkSCvUGfECQ.roa
File: uq8-RsPE9AXLdUHFLkSCvUGfECQ.roa (raw, json)
Hash identifier: FjTaU75b9Fse9gqm5MHepJQf8yScnLcOXa6pOwEKuu0=
Subject key identifier: BA:AF:3E:46:C3:C4:F4:05:CB:75:41:C5:2E:44:82:BD:41:9F:10:24
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01928D9FC7FABDF264CFFCD81A1F0B588971
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/uq8-RsPE9AXLdUHFLkSCvUGfECQ.roa
Signing time: Tue 15 Oct 2024 00:41:51 +0000
ROA not before: Tue 15 Oct 2024 00:41:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 109.122.240.0/20 maxlen: 24
109.122.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 11:10:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8d:9f:c7:fa:bd:f2:64:cf:fc:d8:1a:1f:0b:58:89:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 15 00:41:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=baaf3e46c3c4f405cb7541c52e4482bd419f1024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f2:40:96:4a:23:14:2f:0e:65:4f:af:39:03:
e3:b2:15:0d:48:35:5f:0c:e5:d9:df:42:a9:a0:b3:
48:30:db:e7:a5:34:85:83:ff:d7:2e:6a:ce:33:5c:
04:18:9e:f6:71:66:9f:18:49:c8:15:e0:0d:6f:85:
d9:82:2a:ec:fc:40:ea:6a:6e:1f:62:1f:0c:8b:19:
25:8c:b6:21:d2:3a:18:cf:99:46:da:83:fc:41:cc:
fc:0b:22:e9:e5:e4:3c:e9:9e:be:47:a8:6e:9d:3a:
db:f6:1d:63:b8:8a:15:0d:0c:28:9f:0f:69:41:f5:
b9:30:4f:d3:a9:7b:0c:a6:e3:cd:3b:11:82:3f:f1:
6c:7b:03:29:57:a0:d5:20:e3:07:e5:2f:fc:cc:be:
0f:2e:30:fa:c2:3e:fc:98:16:cd:fd:bf:df:42:51:
2a:ac:f3:4a:d7:69:d5:06:0f:66:98:51:5c:2d:21:
a1:0d:38:88:93:45:3a:06:e1:7d:77:71:d4:a1:fb:
02:b9:11:57:6a:e3:f6:91:0d:45:9f:eb:fc:4e:ff:
fa:1e:83:84:3c:9a:5c:22:81:55:b2:c4:04:34:de:
1a:f6:15:f7:17:65:82:0e:29:66:4f:d0:56:10:7c:
52:9d:56:e6:26:05:0b:50:49:e7:c8:dc:74:08:85:
10:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:AF:3E:46:C3:C4:F4:05:CB:75:41:C5:2E:44:82:BD:41:9F:10:24
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/uq8-RsPE9AXLdUHFLkSCvUGfECQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.240.0/20
Signature Algorithm: sha256WithRSAEncryption
0e:e4:e1:ca:12:05:78:8f:4e:e7:fa:bd:bb:32:85:78:fc:b6:
f3:6c:a2:43:c6:b9:53:93:d2:c9:e7:01:f4:35:49:28:9d:0c:
c8:68:ca:43:75:16:18:05:4a:d3:82:62:74:03:ba:78:53:d0:
37:77:e2:e4:d6:1c:75:67:30:63:79:ca:04:b7:99:92:90:52:
23:92:a3:18:fb:da:ef:32:e9:98:13:c5:14:50:e2:66:fb:b5:
d3:15:f8:6e:ad:dc:83:d8:7a:5e:73:29:ec:bf:a4:39:e0:2e:
d6:2e:96:8f:cc:59:18:b3:40:9f:62:87:02:5a:fe:06:51:07:
1e:ce:c1:ed:80:15:f0:43:f4:58:5c:fb:72:c9:81:2f:a1:b6:
16:23:3d:10:b5:36:72:f3:d7:18:b4:c3:90:a2:12:77:55:97:
de:1a:96:ca:12:7b:51:b0:e8:70:2f:dd:08:2c:90:24:2c:6d:
f9:fe:d6:89:2f:5d:ba:11:8e:4b:a5:50:cb:60:c7:10:9f:66:
62:f6:e3:76:68:0a:b8:f5:cc:50:84:fb:29:cc:c0:fe:16:cb:
96:a4:79:ad:34:b6:14:6b:bf:c8:f8:bd:bd:6b:09:1b:e9:ae:
24:59:fa:f6:0c:41:3b:08:45:ed:bc:bb:e9:6b:92:21:7d:3b:
89:a1:47:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKNn8f6vfJkz/zYGh8LWIlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMDE1MDA0MTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWFmM2U0NmMzYzRmNDA1Y2I3NTQxYzUyZTQ0ODJiZDQxOWYxMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPJAlkojFC8OZU+vOQPjshUNSDVf
DOXZ30KpoLNIMNvnpTSFg//XLmrOM1wEGJ72cWafGEnIFeANb4XZgirs/EDqam4f
Yh8MixkljLYh0joYz5lG2oP8Qcz8CyLp5eQ86Z6+R6hunTrb9h1juIoVDQwonw9p
QfW5ME/TqXsMpuPNOxGCP/FsewMpV6DVIOMH5S/8zL4PLjD6wj78mBbN/b/fQlEq
rPNK12nVBg9mmFFcLSGhDTiIk0U6BuF9d3HUofsCuRFXauP2kQ1Fn+v8Tv/6HoOE
PJpcIoFVssQENN4a9hX3F2WCDilmT9BWEHxSnVbmJgULUEnnyNx0CIUQ/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLqvPkbDxPQFy3VBxS5Egr1BnxAkMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvdXE4LVJzUEU5QVhMZFVIRkxrU0N2VUdmRUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbXrwMA0G
CSqGSIb3DQEBCwUAA4IBAQAO5OHKEgV4j07n+r27MoV4/LbzbKJDxrlTk9LJ5wH0
NUkonQzIaMpDdRYYBUrTgmJ0A7p4U9A3d+Lk1hx1ZzBjecoEt5mSkFIjkqMY+9rv
MumYE8UUUOJm+7XTFfhurdyD2Hpecynsv6Q54C7WLpaPzFkYs0CfYocCWv4GUQce
zsHtgBXwQ/RYXPtyyYEvobYWIz0QtTZy89cYtMOQohJ3VZfeGpbKEntRsOhwL90I
LJAkLG35/taJL126EY5LpVDLYMcQn2Zi9uN2aAq49cxQhPspzMD+FsuWpHmtNLYU
a7/I+L29awkb6a4kWfr2DEE7CEXtvLvpa5IhfTuJoUdC
-----END CERTIFICATE-----
Generated at Mon Oct 21 13:26:14 2024 by rpki-client on console-fra.rpki-client.org