Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/mpV26fM6dh1pWPBRnGj8L_hED9o.roa
File: mpV26fM6dh1pWPBRnGj8L_hED9o.roa (raw, json)
Hash identifier: VwoBgE3MuCcgtMKb+pvF+O8r06j1rUyZoWUZEmfYSpc=
Subject key identifier: 9A:95:76:E9:F3:3A:76:1D:69:58:F0:51:9C:68:FC:2F:F8:44:0F:DA
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 018CCA2A2465512B3C8EC6C1D8B836FB5945
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/mpV26fM6dh1pWPBRnGj8L_hED9o.roa
Signing time: Tue 02 Jan 2024 12:33:28 +0000
ROA not before: Tue 02 Jan 2024 12:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50591
IP address blocks: 109.230.77.0/24 maxlen: 24
109.230.75.0/24 maxlen: 24
109.230.73.0/24 maxlen: 24
109.230.76.0/24 maxlen: 24
109.230.74.0/24 maxlen: 24
109.230.78.0/24 maxlen: 24
109.230.72.0/24 maxlen: 24
109.230.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jul 2024 07:10:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:24:65:51:2b:3c:8e:c6:c1:d8:b8:36:fb:59:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 2 12:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a9576e9f33a761d6958f0519c68fc2ff8440fda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:16:e0:27:bb:e3:74:a8:46:9b:6d:c6:f2:ab:
d6:6c:fb:12:a6:83:67:ef:91:36:bc:b7:03:3c:bf:
44:f3:16:a6:b7:8e:8c:a4:48:95:0c:3e:3d:a4:ff:
27:b7:6b:c8:12:6a:63:4e:e4:90:d9:a2:c2:af:1b:
78:46:d2:76:23:17:63:55:ef:c2:0b:38:1c:22:54:
2b:52:41:6b:23:37:61:4c:db:0b:91:f0:06:ab:05:
41:df:2c:6c:f9:9b:d5:14:82:0d:b8:87:c4:c0:ea:
f6:d4:62:67:d4:70:70:02:d5:34:05:be:99:1c:cd:
db:16:89:67:61:20:cf:35:50:3c:62:52:ee:f1:57:
94:ec:24:8d:eb:b7:1e:cf:58:54:56:7f:79:0d:38:
74:ac:f5:d2:36:cf:73:c5:97:92:51:d9:3a:71:c9:
bf:23:19:d1:14:67:b8:19:40:4c:9b:73:a5:c9:5b:
3e:4a:e3:3b:6b:92:01:69:78:48:41:28:dc:94:b7:
04:bc:3d:c9:35:4b:39:5f:22:21:f6:49:4d:a5:3b:
eb:1a:2b:f6:82:d0:dd:d8:a2:50:21:3c:52:5c:96:
92:3c:e8:5d:9c:2f:1d:26:92:7b:98:23:57:aa:8c:
26:cd:f4:47:7c:88:17:59:7e:74:c0:0c:e5:85:06:
bc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:95:76:E9:F3:3A:76:1D:69:58:F0:51:9C:68:FC:2F:F8:44:0F:DA
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/mpV26fM6dh1pWPBRnGj8L_hED9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.230.72.0/21
Signature Algorithm: sha256WithRSAEncryption
7c:f6:84:3f:d2:dc:c4:25:64:c9:1f:02:a4:1f:ab:30:09:50:
f1:bc:a7:bd:7f:e3:93:90:77:5d:b8:b6:cc:4d:33:91:f5:a2:
8a:4d:74:3b:27:84:0e:5f:7a:cb:87:17:ff:0c:4d:b6:e8:97:
d8:28:d4:77:bf:7f:65:ea:45:17:8b:00:0f:0c:7d:c5:18:40:
2d:bb:aa:47:21:35:b5:12:ea:4e:0c:6f:bc:ef:e5:62:fc:b3:
17:1d:1c:e7:a6:2e:a9:6a:bd:94:7b:19:3c:7e:dc:43:94:01:
da:86:48:df:d8:9f:ac:57:b6:df:69:5d:a1:40:5f:c5:27:b8:
dc:58:b1:50:84:8a:7d:19:ff:67:ae:ea:f8:0e:d5:d2:5f:ec:
3c:e0:b0:f2:37:2f:17:14:b1:89:bd:db:7a:47:0a:6d:2f:ce:
a0:ff:9c:2a:27:55:10:99:6a:99:e7:bb:68:d8:ef:f5:df:60:
92:b2:b0:d4:ca:6f:35:fb:17:12:04:0f:fd:c7:05:1e:b8:be:
58:2f:c0:47:7e:bd:f5:1d:eb:18:25:af:b2:9c:9f:84:43:37:
c9:3d:a9:a3:12:94:ac:b2:49:1d:3c:78:09:b5:d1:de:16:93:
8a:56:4b:d7:84:3d:b4:58:d0:fd:08:81:0f:51:e1:8d:5a:1f:
65:79:29:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKiRlUSs8jsbB2Lg2+1lFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQwMTAyMTIzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTk1NzZlOWYzM2E3NjFkNjk1OGYwNTE5YzY4ZmMyZmY4NDQwZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBbgJ7vjdKhGm23G8qvWbPsSpoNn
75E2vLcDPL9E8xamt46MpEiVDD49pP8nt2vIEmpjTuSQ2aLCrxt4RtJ2IxdjVe/C
CzgcIlQrUkFrIzdhTNsLkfAGqwVB3yxs+ZvVFIINuIfEwOr21GJn1HBwAtU0Bb6Z
HM3bFolnYSDPNVA8YlLu8VeU7CSN67cez1hUVn95DTh0rPXSNs9zxZeSUdk6ccm/
IxnRFGe4GUBMm3OlyVs+SuM7a5IBaXhIQSjclLcEvD3JNUs5XyIh9klNpTvrGiv2
gtDd2KJQITxSXJaSPOhdnC8dJpJ7mCNXqowmzfRHfIgXWX50wAzlhQa8kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJqVdunzOnYdaVjwUZxo/C/4RA/aMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvbXBWMjZmTTZkaDFwV1BCUm5HajhMX2hFRDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbeZIMA0G
CSqGSIb3DQEBCwUAA4IBAQB89oQ/0tzEJWTJHwKkH6swCVDxvKe9f+OTkHdduLbM
TTOR9aKKTXQ7J4QOX3rLhxf/DE226JfYKNR3v39l6kUXiwAPDH3FGEAtu6pHITW1
EupODG+87+Vi/LMXHRznpi6par2Uexk8ftxDlAHahkjf2J+sV7bfaV2hQF/FJ7jc
WLFQhIp9Gf9nrur4DtXSX+w84LDyNy8XFLGJvdt6RwptL86g/5wqJ1UQmWqZ57to
2O/132CSsrDUym81+xcSBA/9xwUeuL5YL8BHfr31HesYJa+ynJ+EQzfJPamjEpSs
skkdPHgJtdHeFpOKVkvXhD20WND9CIEPUeGNWh9leSlS
-----END CERTIFICATE-----
Generated at Sat Jul 20 08:46:00 2024 by rpki-client on console-fra.rpki-client.org