Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/upZGd3e6W_-dWz-wgGfkcumSwDY.roa
File: upZGd3e6W_-dWz-wgGfkcumSwDY.roa (raw, json)
Hash identifier: q79gotl40PI6VBfN+Wxu99KoaNBqVVTZwCSvJFq4xwc=
Subject key identifier: BA:96:46:77:77:BA:5B:FF:9D:5B:3F:B0:80:67:E4:72:E9:92:C0:36
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01884C8CFE811AE994540B4CA3A1F2D790E2
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/upZGd3e6W_-dWz-wgGfkcumSwDY.roa
Signing time: Wed 24 May 2023 06:58:08 +0000
ROA not before: Wed 24 May 2023 06:58:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50025
IP address blocks: 109.248.220.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4c:8c:fe:81:1a:e9:94:54:0b:4c:a3:a1:f2:d7:90:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: May 24 06:58:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba96467777ba5bff9d5b3fb08067e472e992c036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:83:f0:23:00:88:3c:c1:d6:13:9a:2a:14:ce:
27:78:fe:2f:8b:67:3c:ad:da:cf:0b:b6:f4:7a:b8:
0e:c1:49:63:cd:d5:af:4b:2c:3b:82:42:0e:9a:88:
d0:07:c7:f1:da:a6:53:87:05:54:a9:d6:0a:aa:f8:
65:8e:17:35:7f:00:06:5d:74:4d:67:12:1f:38:fb:
6e:05:b7:06:af:30:cf:fb:1a:9b:c2:35:14:1e:fc:
5e:72:10:53:5b:0a:39:60:bc:39:df:a8:ee:12:7f:
01:27:19:16:f0:68:71:ed:86:0a:7c:f9:22:e7:28:
70:61:0a:30:fd:46:a7:07:27:7f:78:c6:27:5c:ab:
df:b5:d2:5d:37:01:0b:a7:d1:07:60:ef:14:6d:f5:
53:af:1d:b2:b1:98:d7:78:78:29:1d:e6:b1:7e:f2:
59:64:f8:81:6c:a6:f9:5b:fa:60:71:15:96:bd:33:
b1:12:64:c9:a9:20:af:ec:92:d2:65:90:5a:a7:37:
4c:bb:8c:45:d0:21:d8:ff:6c:d8:6c:f6:f3:39:f9:
69:d6:03:86:31:a1:60:9c:56:cb:2b:ef:0d:db:4f:
ea:e3:36:7a:d0:9c:14:11:ca:4d:aa:55:7b:27:f1:
a4:d3:f2:86:49:05:16:2b:80:11:2d:03:c7:b7:14:
96:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:96:46:77:77:BA:5B:FF:9D:5B:3F:B0:80:67:E4:72:E9:92:C0:36
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/upZGd3e6W_-dWz-wgGfkcumSwDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.220.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:2f:e1:04:aa:1d:3f:9a:9a:d4:1a:97:92:9f:a7:30:f8:72:
93:93:e9:39:a3:c4:cd:ec:cd:6a:85:c9:47:8a:9f:2c:bb:f4:
a5:16:31:d5:0a:64:58:4e:bf:48:84:98:12:1e:d2:bf:54:78:
5d:32:ad:d4:ca:2e:93:f0:df:0a:89:4e:48:c2:55:b8:92:7b:
47:c5:3e:d3:06:49:7e:7c:a0:b3:a7:b2:31:12:2e:da:0a:b2:
24:eb:f3:03:cf:de:98:74:e9:80:78:71:27:1c:9c:75:f0:48:
2b:04:9c:17:8b:e8:0b:cb:1e:78:6b:16:7d:0c:31:5b:d2:96:
ec:0c:81:48:7a:7e:74:b9:3d:86:11:0f:a5:8c:97:81:80:2f:
85:1d:a2:08:fa:18:5a:12:a2:e2:db:28:7c:ce:7d:b5:95:43:
da:17:56:f3:c7:cd:76:37:33:0b:96:c5:19:8e:e5:58:2f:6a:
b7:40:cc:37:d7:1d:e8:7e:18:82:df:c9:84:b8:e6:9a:18:0a:
25:fc:c6:71:53:2c:22:95:5c:be:12:d4:4a:57:75:e3:6f:29:
73:12:21:93:55:c4:52:ad:96:b9:1b:93:cc:c9:e0:70:21:14:
20:77:fe:73:43:ef:e9:cd:70:eb:ee:47:cd:20:1d:78:24:df:
64:2e:95:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhMjP6BGumUVAtMo6Hy15DiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwNTI0MDY1ODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk2NDY3Nzc3YmE1YmZmOWQ1YjNmYjA4MDY3ZTQ3MmU5OTJjMDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYPwIwCIPMHWE5oqFM4neP4vi2c8
rdrPC7b0ergOwUljzdWvSyw7gkIOmojQB8fx2qZThwVUqdYKqvhljhc1fwAGXXRN
ZxIfOPtuBbcGrzDP+xqbwjUUHvxechBTWwo5YLw536juEn8BJxkW8Ghx7YYKfPki
5yhwYQow/UanByd/eMYnXKvftdJdNwELp9EHYO8UbfVTrx2ysZjXeHgpHeaxfvJZ
ZPiBbKb5W/pgcRWWvTOxEmTJqSCv7JLSZZBapzdMu4xF0CHY/2zYbPbzOflp1gOG
MaFgnFbLK+8N20/q4zZ60JwUEcpNqlV7J/Gk0/KGSQUWK4ARLQPHtxSWtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLqWRnd3ulv/nVs/sIBn5HLpksA2MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvdXBaR2QzZTZXXy1kV3otd2dHZmtjdW1Td0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbfjcMA0G
CSqGSIb3DQEBCwUAA4IBAQClL+EEqh0/mprUGpeSn6cw+HKTk+k5o8TN7M1qhclH
ip8su/SlFjHVCmRYTr9IhJgSHtK/VHhdMq3Uyi6T8N8KiU5IwlW4kntHxT7TBkl+
fKCzp7IxEi7aCrIk6/MDz96YdOmAeHEnHJx18EgrBJwXi+gLyx54axZ9DDFb0pbs
DIFIen50uT2GEQ+ljJeBgC+FHaII+hhaEqLi2yh8zn21lUPaF1bzx812NzMLlsUZ
juVYL2q3QMw31x3ofhiC38mEuOaaGAol/MZxUywilVy+EtRKV3XjbylzEiGTVcRS
rZa5G5PMyeBwIRQgd/5zQ+/pzXDr7kfNIB14JN9kLpU5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org