Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1-QLYzGYs8SME9gY1QZ6TiLKk_nQ.roa
File: 1-QLYzGYs8SME9gY1QZ6TiLKk_nQ.roa (raw, json)
Hash identifier: +6KeGwa1VlDSm7kEynnb1z5KmCffP8/tu2bMMykzBSQ=
Subject key identifier: F9:02:D8:CC:66:2C:F1:23:04:F6:06:35:41:9E:93:88:B2:A4:FE:74
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018CC794253E2F9A483D16AC4D5B26626726
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1-QLYzGYs8SME9gY1QZ6TiLKk_nQ.roa
Signing time: Tue 02 Jan 2024 00:30:23 +0000
ROA not before: Tue 02 Jan 2024 00:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212487
IP address blocks: 109.248.61.0/24 maxlen: 24
46.8.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 14:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:25:3e:2f:9a:48:3d:16:ac:4d:5b:26:62:67:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 00:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f902d8cc662cf12304f60635419e9388b2a4fe74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:43:12:b0:69:84:a8:dd:14:45:a2:a1:77:d9:
12:df:a4:1f:c2:f8:1c:1d:8f:00:04:e2:c9:b2:d4:
7a:3a:54:4c:2a:57:85:e7:cc:91:90:10:6d:58:1e:
f3:c1:35:63:f6:83:09:9f:1d:f7:2b:23:01:96:ae:
ce:cf:21:74:cf:de:e5:6b:6d:88:e0:07:be:14:e9:
1c:91:1d:75:2c:c3:bf:c5:e0:d4:88:2d:6d:26:c9:
49:6e:5c:47:e6:48:d3:c7:ef:d8:82:1f:ef:c6:b3:
53:22:72:d6:63:48:6c:a3:b0:8e:72:91:9e:4f:cd:
0e:48:90:be:07:f2:72:e9:b6:59:93:77:3a:83:a5:
02:f3:6c:ab:b5:ea:bf:0d:b0:5e:df:da:c1:56:a9:
01:d7:2e:03:07:86:5d:c3:8d:b8:f7:af:86:10:c2:
11:fc:93:4a:c0:3a:10:d4:90:7e:4b:6e:7d:93:88:
46:fa:76:bd:45:27:52:0d:e1:54:63:c8:33:c2:37:
ec:1c:c8:27:d2:b6:e8:38:c5:c5:b6:a6:1b:03:a0:
8b:b7:94:af:64:30:d6:ca:e4:bd:e5:67:bc:09:b3:
cd:37:a7:ef:bb:57:92:ae:26:ee:e5:0d:0b:0d:b3:
68:22:a0:11:cc:de:f8:fd:f1:bc:21:d2:66:dd:11:
96:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:02:D8:CC:66:2C:F1:23:04:F6:06:35:41:9E:93:88:B2:A4:FE:74
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1-QLYzGYs8SME9gY1QZ6TiLKk_nQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.219.0/24
109.248.61.0/24
Signature Algorithm: sha256WithRSAEncryption
16:40:1d:91:5b:18:d4:25:5f:f7:0d:7d:3f:ed:37:9b:2c:21:
3a:3e:43:e0:88:ec:df:32:51:84:c7:6e:49:69:bd:7a:53:8e:
2a:f3:fc:20:1f:a5:f4:66:77:23:c3:c2:fd:2e:55:ed:fb:a8:
16:d1:62:42:ac:86:fe:4f:4d:cf:97:00:b4:d0:60:49:63:e2:
0d:e6:7d:c6:37:52:64:eb:6c:5a:d2:4f:7e:ce:09:36:81:a0:
7b:72:4c:65:ba:3f:01:69:cb:bd:25:11:0f:16:e6:70:9f:00:
3e:81:69:8e:e3:ee:ed:70:a1:9f:e8:c3:48:a7:01:9b:c9:36:
e1:b9:aa:27:74:6a:36:aa:af:67:64:6a:a7:4f:07:05:27:2a:
64:95:4f:4c:32:f5:8b:82:c6:11:b1:31:47:6c:3b:26:ab:91:
8c:fd:90:46:82:47:3a:07:78:67:25:ce:fd:9c:7e:a5:ae:a9:
aa:d2:6d:3f:a3:f1:e3:e6:43:4f:f0:9c:a7:5f:87:8c:6b:81:
9c:94:ca:69:a6:1a:d5:cd:6a:60:7e:b2:34:4c:36:b2:e2:82:
32:50:00:a5:9f:66:1a:95:9a:e0:2b:45:fb:de:e3:8a:1d:71:
28:d1:4c:9d:a9:13:16:cf:fb:17:0a:1d:cc:ce:52:0a:50:83:
11:0e:69:58
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzHlCU+L5pIPRasTVsmYmcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTAyMDAzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTAyZDhjYzY2MmNmMTIzMDRmNjA2MzU0MTllOTM4OGIyYTRmZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0MSsGmEqN0URaKhd9kS36Qfwvgc
HY8ABOLJstR6OlRMKleF58yRkBBtWB7zwTVj9oMJnx33KyMBlq7OzyF0z97la22I
4Ae+FOkckR11LMO/xeDUiC1tJslJblxH5kjTx+/Ygh/vxrNTInLWY0hso7COcpGe
T80OSJC+B/Jy6bZZk3c6g6UC82yrteq/DbBe39rBVqkB1y4DB4Zdw42496+GEMIR
/JNKwDoQ1JB+S259k4hG+na9RSdSDeFUY8gzwjfsHMgn0rboOMXFtqYbA6CLt5Sv
ZDDWyuS95We8CbPNN6fvu1eSribu5Q0LDbNoIqARzN74/fG8IdJm3RGWrwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPkC2MxmLPEjBPYGNUGek4iypP50MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvMS1RTFl6R1lzOFNNRTlnWTFRWjZUaUxLa19uUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjUvMzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1
ZS8xL2lGdUZkd2JheFU0Z3lnMFJ2V1FXeTJOQ0E3US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC4I2wME
AG34PTANBgkqhkiG9w0BAQsFAAOCAQEAFkAdkVsY1CVf9w19P+03mywhOj5D4Ijs
3zJRhMduSWm9elOOKvP8IB+l9GZ3I8PC/S5V7fuoFtFiQqyG/k9Nz5cAtNBgSWPi
DeZ9xjdSZOtsWtJPfs4JNoGge3JMZbo/AWnLvSURDxbmcJ8APoFpjuPu7XChn+jD
SKcBm8k24bmqJ3RqNqqvZ2Rqp08HBScqZJVPTDL1i4LGEbExR2w7JquRjP2QRoJH
Ogd4ZyXO/Zx+pa6pqtJtP6Px4+ZDT/Ccp1+HjGuBnJTKaaYa1c1qYH6yNEw2suKC
MlAApZ9mGpWa4CtF+97jih1xKNFMnakTFs/7FwodzM5SClCDEQ5pWA==
-----END CERTIFICATE-----
Generated at Mon Sep 2 17:08:26 2024 by rpki-client on console-fra.rpki-client.org