Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/Oc9NprofIViDsF2KV84U3TBaHP0.roa
File: Oc9NprofIViDsF2KV84U3TBaHP0.roa (raw, json)
Hash identifier: PaBgHxrIMBmkYbdlmIrxMG64m3v44IRCHFvjLTf9AUE=
Subject key identifier: 39:CF:4D:A6:BA:1F:21:58:83:B0:5D:8A:57:CE:14:DD:30:5A:1C:FD
Certificate issuer: /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial: 018EE8540D055082E47D08045009C67D9B60
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/Oc9NprofIViDsF2KV84U3TBaHP0.roa
Signing time: Tue 16 Apr 2024 19:13:25 +0000
ROA not before: Tue 16 Apr 2024 19:13:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49872
IP address blocks: 109.122.192.0/24 maxlen: 24
109.122.193.0/24 maxlen: 24
109.122.195.0/24 maxlen: 24
109.122.196.0/24 maxlen: 24
109.122.197.0/24 maxlen: 24
109.122.201.0/24 maxlen: 24
109.122.203.0/24 maxlen: 24
109.122.205.0/24 maxlen: 24
109.122.207.0/24 maxlen: 24
109.122.208.0/24 maxlen: 24
109.122.210.0/24 maxlen: 24
109.122.211.0/24 maxlen: 24
109.122.212.0/24 maxlen: 24
109.122.213.0/24 maxlen: 24
109.122.215.0/24 maxlen: 24
109.122.216.0/24 maxlen: 24
109.122.217.0/24 maxlen: 24
109.122.218.0/24 maxlen: 24
109.122.219.0/24 maxlen: 24
109.122.220.0/24 maxlen: 24
109.122.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 05:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e8:54:0d:05:50:82:e4:7d:08:04:50:09:c6:7d:9b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Validity
Not Before: Apr 16 19:13:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39cf4da6ba1f215883b05d8a57ce14dd305a1cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:82:94:fd:f3:70:3c:06:bc:a0:f0:e8:cf:47:
ef:e7:4e:7f:21:26:ed:13:e6:a0:15:6b:60:49:0f:
b3:fe:14:8d:7d:62:f5:62:82:2a:0e:8d:47:4b:53:
54:ae:0b:70:5a:b8:1d:60:46:96:52:04:59:ec:5b:
b7:63:c0:12:8f:03:aa:17:b7:bb:b6:23:91:63:73:
fb:e3:65:6f:3c:8b:ea:03:b5:f2:ba:2e:3a:72:98:
ab:cc:6d:c7:ef:c9:71:9c:1e:6e:65:71:6b:e9:17:
87:35:7e:6d:f4:82:fe:6b:5f:9f:ec:62:d8:14:57:
d4:4a:e2:86:2e:41:81:96:94:4b:7f:35:e7:8b:5d:
fa:37:85:b0:51:fe:da:69:9c:4d:d9:88:a3:15:ba:
88:b7:91:c1:f5:dc:47:7b:6f:0e:f0:04:95:33:63:
d4:cc:4c:74:fc:99:e8:15:73:0b:da:84:69:31:da:
e6:82:f0:e6:a8:4e:00:29:72:aa:d8:17:b7:1f:65:
32:6f:b3:f9:2b:f9:c3:1c:11:7b:cf:b7:79:aa:3a:
5c:43:b8:06:c6:28:40:da:c6:66:5c:6e:e8:2b:20:
07:43:2d:3f:03:2c:ac:4c:00:a7:dc:82:09:7d:6e:
e3:80:be:f3:3c:58:96:f4:66:bd:0e:a5:8b:06:3f:
b2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:CF:4D:A6:BA:1F:21:58:83:B0:5D:8A:57:CE:14:DD:30:5A:1C:FD
X509v3 Authority Key Identifier:
keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/Oc9NprofIViDsF2KV84U3TBaHP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.192.0/23
109.122.195.0-109.122.197.255
109.122.201.0/24
109.122.203.0/24
109.122.205.0/24
109.122.207.0-109.122.208.255
109.122.210.0-109.122.213.255
109.122.215.0-109.122.221.255
Signature Algorithm: sha256WithRSAEncryption
25:d3:2b:14:1a:0d:fc:85:fd:30:f3:6e:28:bf:e2:94:04:31:
6c:7f:07:68:1d:78:f4:bb:54:a6:ff:36:fa:51:f9:7d:e5:e1:
f9:ec:7b:35:cc:46:48:11:ae:6d:b4:3e:78:3d:d9:86:0c:56:
14:6e:38:bc:cb:67:44:b1:f2:2d:29:16:c6:c8:18:34:6b:db:
ff:77:47:c7:bc:b8:ba:88:31:62:ba:2a:a2:85:fa:f7:88:ac:
bd:f5:7a:73:b7:04:1e:59:ef:32:2c:d6:e4:88:a0:91:6e:6f:
5b:f9:7e:f0:e2:f4:e4:89:98:d2:4a:c6:83:dd:d6:8a:ed:ee:
df:79:d5:a3:5d:dd:06:f8:35:ba:fc:98:f2:e6:d6:1c:8d:a8:
12:e8:dc:39:64:76:33:6f:dd:8b:f5:0d:d1:27:ec:53:59:5e:
73:3f:54:ba:1a:36:5d:70:03:81:21:e2:2d:54:e8:bd:e9:23:
f4:96:d2:5b:a2:1a:93:57:fa:d5:a2:51:ed:89:ad:db:31:7e:
a1:57:13:49:7f:92:03:4f:25:58:00:28:ea:6c:56:4b:59:9c:
8f:29:ff:bf:92:19:de:0c:4a:f0:c0:5b:38:f4:69:c2:7c:0b:
7c:50:eb:25:37:3a:2b:26:42:bd:96:ea:5b:de:97:72:d7:5f:
ef:45:55:d4
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY7oVA0FUILkfQgEUAnGfZtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjJjNWFiN2RiM2RkMzk2NjE5MmZhYWZlMDdmMzExNWIw
YzhlZTUwHhcNMjQwNDE2MTkxMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWNmNGRhNmJhMWYyMTU4ODNiMDVkOGE1N2NlMTRkZDMwNWExY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloKU/fNwPAa8oPDoz0fv505/ISbt
E+agFWtgSQ+z/hSNfWL1YoIqDo1HS1NUrgtwWrgdYEaWUgRZ7Fu3Y8ASjwOqF7e7
tiORY3P742VvPIvqA7Xyui46cpirzG3H78lxnB5uZXFr6ReHNX5t9IL+a1+f7GLY
FFfUSuKGLkGBlpRLfzXni136N4WwUf7aaZxN2YijFbqIt5HB9dxHe28O8ASVM2PU
zEx0/JnoFXML2oRpMdrmgvDmqE4AKXKq2Be3H2Uyb7P5K/nDHBF7z7d5qjpcQ7gG
xihA2sZmXG7oKyAHQy0/AyysTACn3IIJfW7jgL7zPFiW9Ga9DqWLBj+ysQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFDnPTaa6HyFYg7BdilfOFN0wWhz9MB8GA1UdIwQY
MBaAFHIixat9s905Zhkvqv4H8xFbDI7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGIt
ZWExMmVmOTQyMmVjLzEvT2M5TnByb2ZJVmlEc0YyS1Y4NFUzVEJhSFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGItZWExMmVmOTQyMmVj
LzEvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQBbXrAMAwD
BABtesMDBAFtesQDBABteskDBABtessDBABtes0wDAMEAG16zwMEAG160DAMAwQB
bXrSAwQBbXrUMAwDBABtetcDBAFtetwwDQYJKoZIhvcNAQELBQADggEBACXTKxQa
DfyF/TDzbii/4pQEMWx/B2gdePS7VKb/NvpR+X3l4fnsezXMRkgRrm20Png92YYM
VhRuOLzLZ0Sx8i0pFsbIGDRr2/93R8e8uLqIMWK6KqKF+veIrL31enO3BB5Z7zIs
1uSIoJFub1v5fvDi9OSJmNJKxoPd1ort7t951aNd3Qb4Nbr8mPLm1hyNqBLo3Dlk
djNv3Yv1DdEn7FNZXnM/VLoaNl1wA4Eh4i1U6L3pI/SW0luiGpNX+tWiUe2Jrdsx
fqFXE0l/kgNPJVgAKOpsVktZnI8p/7+SGd4MSvDAWzj0acJ8C3xQ6yU3OismQr2W
6lvel3LXX+9FVdQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:27 2024 by rpki-client on console-ams.rpki-client.org