Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ayRIfERmoY0uzP54J2wCKY2Bs8o.roa
File: ayRIfERmoY0uzP54J2wCKY2Bs8o.roa (raw, json)
Hash identifier: C2A29P5IcyUVuvFLwgXMAzHNkxeoWlsIkOMmH4z85jI=
Subject key identifier: 6B:24:48:7C:44:66:A1:8D:2E:CC:FE:78:27:6C:02:29:8D:81:B3:CA
Certificate issuer: /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial: 018DF0971179AC987E9D0283A5E2EBF94E25
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ayRIfERmoY0uzP54J2wCKY2Bs8o.roa
Signing time: Wed 28 Feb 2024 16:40:48 +0000
ROA not before: Wed 28 Feb 2024 16:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39368
IP address blocks: 109.122.199.0/24 maxlen: 24
109.122.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 14:32:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:97:11:79:ac:98:7e:9d:02:83:a5:e2:eb:f9:4e:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Validity
Not Before: Feb 28 16:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b24487c4466a18d2eccfe78276c02298d81b3ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6c:bb:39:e0:35:9b:bd:bc:35:78:55:3e:c0:
be:21:0b:72:37:45:ea:8e:1b:c9:cc:d3:9c:44:1f:
76:72:fc:b8:1b:b8:0f:43:df:be:aa:bf:28:ac:ad:
02:e5:18:a7:e4:a6:22:7e:3d:f2:8f:09:11:b5:1a:
b4:21:d6:0c:dd:08:a1:5e:e0:ec:33:9e:90:d3:49:
17:db:ab:ec:d8:d5:0f:bf:b5:a3:23:8f:e5:39:7a:
dc:76:8c:37:11:db:5f:d7:fc:59:ba:8a:4a:30:f6:
2e:c0:ce:dc:e2:5a:f5:84:11:d5:b9:ec:c9:67:ff:
90:29:e6:4b:a1:d5:05:b8:58:2d:00:b5:3c:b0:62:
20:d3:d2:23:59:3b:28:05:b0:bd:d5:7d:95:17:0d:
cc:60:de:b5:34:08:84:c2:d6:f4:97:47:3c:64:03:
7c:37:de:66:f0:51:68:55:e9:49:b5:57:6b:25:34:
2a:fb:fe:97:56:df:0a:f1:7a:29:9e:5a:bf:c7:33:
24:bf:16:84:1c:42:72:ed:02:b9:f0:f4:24:2c:b4:
f4:5d:46:21:4f:72:7f:53:c9:b8:d2:03:fe:80:40:
2b:08:9e:6e:59:ce:65:ad:ef:3c:55:7c:6a:bd:ce:
f4:84:91:16:50:30:78:0b:f1:b3:31:6f:cb:cd:52:
6e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:24:48:7C:44:66:A1:8D:2E:CC:FE:78:27:6C:02:29:8D:81:B3:CA
X509v3 Authority Key Identifier:
keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ayRIfERmoY0uzP54J2wCKY2Bs8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.199.0/24
109.122.209.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:10:6e:33:18:fb:2f:54:4d:fe:b0:db:1c:e6:86:9d:e3:5a:
03:37:27:08:63:a1:a5:1b:7e:36:58:9e:b4:64:8d:17:2a:de:
b6:55:07:aa:ce:9b:64:f7:04:f3:dd:d8:2b:6b:94:07:09:a7:
8d:c2:3a:33:65:a3:6e:04:f5:d6:f6:35:f6:16:fc:27:0c:67:
e7:a1:5b:6e:26:9a:73:cb:ae:f0:9e:73:4b:a4:c6:00:77:a8:
f3:ae:d6:c6:55:de:5f:e8:08:6a:db:c1:7d:6f:e0:c6:ea:d1:
23:a7:59:4c:2f:70:d0:35:13:eb:6c:5f:0d:47:0a:2e:2e:15:
5f:f3:54:71:cd:7e:0f:12:dc:70:21:7b:0e:26:74:f7:d7:7a:
08:25:02:0d:9f:7a:6f:d0:dc:11:78:47:97:75:e3:b6:1f:e5:
c2:cb:c0:4b:4d:c5:bc:1d:21:ea:2a:51:5c:1b:77:3a:46:7d:
ce:77:6c:12:58:47:1a:ba:b8:bd:13:fd:9e:e7:fd:d6:f3:f0:
58:4a:a5:33:22:d2:2c:0a:68:b1:34:c7:b1:49:56:38:13:84:
f2:33:b3:2b:8e:af:09:76:55:df:a7:05:93:29:06:b1:73:27:
8c:d9:11:4d:17:c0:95:fd:f4:c0:52:45:81:e6:5e:e9:e2:66:
ea:07:67:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3wlxF5rJh+nQKDpeLr+U4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjJjNWFiN2RiM2RkMzk2NjE5MmZhYWZlMDdmMzExNWIw
YzhlZTUwHhcNMjQwMjI4MTY0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjI0NDg3YzQ0NjZhMThkMmVjY2ZlNzgyNzZjMDIyOThkODFiM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWy7OeA1m728NXhVPsC+IQtyN0Xq
jhvJzNOcRB92cvy4G7gPQ9++qr8orK0C5Rin5KYifj3yjwkRtRq0IdYM3QihXuDs
M56Q00kX26vs2NUPv7WjI4/lOXrcdow3Edtf1/xZuopKMPYuwM7c4lr1hBHVuezJ
Z/+QKeZLodUFuFgtALU8sGIg09IjWTsoBbC91X2VFw3MYN61NAiEwtb0l0c8ZAN8
N95m8FFoVelJtVdrJTQq+/6XVt8K8Xopnlq/xzMkvxaEHEJy7QK58PQkLLT0XUYh
T3J/U8m40gP+gEArCJ5uWc5lre88VXxqvc70hJEWUDB4C/GzMW/LzVJu+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGskSHxEZqGNLsz+eCdsAimNgbPKMB8GA1UdIwQY
MBaAFHIixat9s905Zhkvqv4H8xFbDI7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGIt
ZWExMmVmOTQyMmVjLzEvYXlSSWZFUm1vWTB1elA1NEoyd0NLWTJCczhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGItZWExMmVmOTQyMmVj
LzEvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXrHAwQA
bXrRMA0GCSqGSIb3DQEBCwUAA4IBAQB/EG4zGPsvVE3+sNsc5oad41oDNycIY6Gl
G342WJ60ZI0XKt62VQeqzptk9wTz3dgra5QHCaeNwjozZaNuBPXW9jX2FvwnDGfn
oVtuJppzy67wnnNLpMYAd6jzrtbGVd5f6Ahq28F9b+DG6tEjp1lML3DQNRPrbF8N
RwouLhVf81RxzX4PEtxwIXsOJnT313oIJQINn3pv0NwReEeXdeO2H+XCy8BLTcW8
HSHqKlFcG3c6Rn3Od2wSWEcauri9E/2e5/3W8/BYSqUzItIsCmixNMexSVY4E4Ty
M7Mrjq8JdlXfpwWTKQaxcyeM2RFNF8CV/fTAUkWB5l7p4mbqB2fG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:27 2024 by rpki-client on console-ams.rpki-client.org