Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/09db86-676d-4f9e-a2b4-0285c15fc51e/1/fMQyl1ZVD_gJ0wfWQvaJnZ7oO9I.roa
File: fMQyl1ZVD_gJ0wfWQvaJnZ7oO9I.roa (raw, json)
Hash identifier: EeTmO0igq3FuEse7qnI8Zptr77TgwFw8O5wPt1nW+j0=
Subject key identifier: 7C:C4:32:97:56:55:0F:F8:09:D3:07:D6:42:F6:89:9D:9E:E8:3B:D2
Certificate issuer: /CN=175f6e1ebb831935c8422c972bcab2e56d1d9e36
Certificate serial: 018572B411B80C9422FB0B0C190D3FD42E96
Authority key identifier: 17:5F:6E:1E:BB:83:19:35:C8:42:2C:97:2B:CA:B2:E5:6D:1D:9E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F19uHruDGTXIQiyXK8qy5W0dnjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/09db86-676d-4f9e-a2b4-0285c15fc51e/1/fMQyl1ZVD_gJ0wfWQvaJnZ7oO9I.roa
Signing time: Mon 02 Jan 2023 13:38:01 +0000
ROA not before: Mon 02 Jan 2023 13:38:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50031
IP address blocks: 109.69.112.0/21 maxlen: 21
2a01:7300::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:11:b8:0c:94:22:fb:0b:0c:19:0d:3f:d4:2e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=175f6e1ebb831935c8422c972bcab2e56d1d9e36
Validity
Not Before: Jan 2 13:38:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cc4329756550ff809d307d642f6899d9ee83bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c2:bf:58:e0:ae:88:b9:c8:c3:f8:1c:5f:69:
1e:6e:62:0a:2c:3a:30:80:f8:13:a1:ff:70:40:b8:
5d:44:14:fb:de:c3:01:3f:00:e4:c3:0f:7d:d4:ef:
4d:e7:c7:d2:15:13:17:99:10:63:c8:9a:c1:a1:c2:
e3:27:b6:d8:a0:2b:94:c6:f7:35:bd:9a:03:15:45:
9e:a9:51:7d:14:9a:06:31:3b:a9:70:a7:50:c6:5c:
71:73:2e:ae:2d:07:fe:96:c6:b1:c3:10:6c:1e:b4:
5d:67:27:2d:57:b2:22:e4:d1:ad:ec:53:96:94:1f:
e7:1c:b8:e2:fb:6e:17:df:c8:2d:7f:44:bc:b9:6b:
c0:91:c6:f3:b0:46:2e:73:45:5c:bf:e4:e6:9a:2b:
15:47:26:b3:72:2a:ff:de:7b:49:b7:c4:0e:d9:cd:
a3:68:18:a6:0d:d8:fd:8e:7c:a5:c2:ce:74:30:eb:
2c:68:a5:13:b6:fe:93:e3:94:95:d4:6b:b5:7e:32:
26:38:46:3b:ec:eb:80:6c:d9:45:f9:ef:ce:07:8e:
eb:4a:40:1d:68:7c:8f:96:1f:a4:9f:47:66:10:54:
c7:8e:b3:f8:c5:e1:46:3e:2f:31:be:9b:26:d3:3d:
72:39:fa:e7:e8:48:93:da:57:e8:e4:b3:f2:8a:c8:
bd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C4:32:97:56:55:0F:F8:09:D3:07:D6:42:F6:89:9D:9E:E8:3B:D2
X509v3 Authority Key Identifier:
keyid:17:5F:6E:1E:BB:83:19:35:C8:42:2C:97:2B:CA:B2:E5:6D:1D:9E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F19uHruDGTXIQiyXK8qy5W0dnjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/09db86-676d-4f9e-a2b4-0285c15fc51e/1/fMQyl1ZVD_gJ0wfWQvaJnZ7oO9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/09db86-676d-4f9e-a2b4-0285c15fc51e/1/F19uHruDGTXIQiyXK8qy5W0dnjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.69.112.0/21
IPv6:
2a01:7300::/32
Signature Algorithm: sha256WithRSAEncryption
7b:a5:7e:19:9e:a6:f9:e4:ff:4c:57:b5:66:05:38:ba:2a:0f:
0f:4a:c7:3b:3d:5b:6f:a9:5b:1e:2e:f0:5a:37:4f:a1:c0:c9:
45:b7:fd:eb:70:e7:33:6e:59:9d:55:fe:f7:ce:5b:f9:d2:32:
61:6a:e2:80:a7:c8:7b:a4:65:73:dc:67:5e:60:3c:2b:4f:78:
c1:ef:58:9c:80:34:81:44:48:a5:cd:24:8b:04:fa:e1:34:dc:
58:2f:d4:c0:08:27:da:4e:ee:23:54:36:1f:af:1b:38:3e:fd:
65:1b:29:a7:14:a4:c7:42:10:c8:19:6d:68:74:c3:82:f1:b4:
5c:d9:59:f1:b5:bc:50:02:2c:69:4c:3e:49:d9:3a:0c:0c:5f:
25:9c:6a:65:4a:1d:be:f3:c3:78:15:29:da:25:c4:c2:30:91:
d4:b0:96:20:a9:8e:f1:b2:a2:22:6f:f9:8d:67:1a:8d:e1:ea:
a0:fe:c7:ca:81:3a:c4:33:c0:88:91:60:e5:d8:1d:cd:44:f1:
e2:52:fc:28:81:d7:60:54:53:63:1a:80:49:84:6a:9c:e1:f6:
07:8d:23:7c:ce:cc:7c:d7:11:fa:99:ee:a2:d3:19:be:65:04:
41:8e:46:7f:58:e8:41:4e:d4:0b:aa:f6:4b:e2:92:8d:6d:19:
e3:f8:e9:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVytBG4DJQi+wsMGQ0/1C6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NWY2ZTFlYmI4MzE5MzVjODQyMmM5NzJiY2FiMmU1NmQx
ZDllMzYwHhcNMjMwMTAyMTMzODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M0MzI5NzU2NTUwZmY4MDlkMzA3ZDY0MmY2ODk5ZDllZTgzYmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMK/WOCuiLnIw/gcX2kebmIKLDow
gPgTof9wQLhdRBT73sMBPwDkww991O9N58fSFRMXmRBjyJrBocLjJ7bYoCuUxvc1
vZoDFUWeqVF9FJoGMTupcKdQxlxxcy6uLQf+lsaxwxBsHrRdZyctV7Ii5NGt7FOW
lB/nHLji+24X38gtf0S8uWvAkcbzsEYuc0Vcv+TmmisVRyazcir/3ntJt8QO2c2j
aBimDdj9jnylws50MOssaKUTtv6T45SV1Gu1fjImOEY77OuAbNlF+e/OB47rSkAd
aHyPlh+kn0dmEFTHjrP4xeFGPi8xvpsm0z1yOfrn6EiT2lfo5LPyisi9JwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHzEMpdWVQ/4CdMH1kL2iZ2e6DvSMB8GA1UdIwQY
MBaAFBdfbh67gxk1yEIslyvKsuVtHZ42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjE5dUhydURHVFhJUWl5WEs4cXk1VzBkbmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8wOWRiODYtNjc2ZC00ZjllLWEyYjQt
MDI4NWMxNWZjNTFlLzEvZk1ReWwxWlZEX2dKMHdmV1F2YUpuWjdvTzlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8wOWRiODYtNjc2ZC00ZjllLWEyYjQtMDI4NWMxNWZjNTFl
LzEvRjE5dUhydURHVFhJUWl5WEs4cXk1VzBkbmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbUVwMA0E
AgACMAcDBQAqAXMAMA0GCSqGSIb3DQEBCwUAA4IBAQB7pX4Znqb55P9MV7VmBTi6
Kg8PSsc7PVtvqVseLvBaN0+hwMlFt/3rcOczblmdVf73zlv50jJhauKAp8h7pGVz
3GdeYDwrT3jB71icgDSBREilzSSLBPrhNNxYL9TACCfaTu4jVDYfrxs4Pv1lGymn
FKTHQhDIGW1odMOC8bRc2VnxtbxQAixpTD5J2ToMDF8lnGplSh2+88N4FSnaJcTC
MJHUsJYgqY7xsqIib/mNZxqN4eqg/sfKgTrEM8CIkWDl2B3NRPHiUvwogddgVFNj
GoBJhGqc4fYHjSN8zsx81xH6me6i0xm+ZQRBjkZ/WOhBTtQLqvZL4pKNbRnj+Onq
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:11 2024 by rpki-client on console-ams.rpki-client.org