Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/oU-6p8BCG6YCm1WPEbZb3Kczg30.roa
File: oU-6p8BCG6YCm1WPEbZb3Kczg30.roa (raw, json)
Hash identifier: xoifJySZi9rUy0I2IurWujCaXTqIkWH/2bFh+bRmYnY=
Subject key identifier: A1:4F:BA:A7:C0:42:1B:A6:02:9B:55:8F:11:B6:5B:DC:A7:33:83:7D
Certificate issuer: /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial: 018D0E0C23F916CB2DC99C73F1A5FB5EDD33
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/oU-6p8BCG6YCm1WPEbZb3Kczg30.roa
Signing time: Mon 15 Jan 2024 16:54:53 +0000
ROA not before: Mon 15 Jan 2024 16:54:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49872
IP address blocks: 109.122.192.0/24 maxlen: 24
109.122.195.0/24 maxlen: 24
109.122.193.0/24 maxlen: 24
109.122.205.0/24 maxlen: 24
109.122.201.0/24 maxlen: 24
109.122.213.0/24 maxlen: 24
109.122.212.0/24 maxlen: 24
109.122.211.0/24 maxlen: 24
109.122.210.0/24 maxlen: 24
109.122.207.0/24 maxlen: 24
109.122.217.0/24 maxlen: 24
109.122.216.0/24 maxlen: 24
109.122.215.0/24 maxlen: 24
109.122.220.0/24 maxlen: 24
109.122.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 11:07:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0e:0c:23:f9:16:cb:2d:c9:9c:73:f1:a5:fb:5e:dd:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Validity
Not Before: Jan 15 16:54:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a14fbaa7c0421ba6029b558f11b65bdca733837d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d1:7e:f9:52:35:26:bc:d6:53:4e:bb:67:cb:
62:f5:76:2d:c2:41:4e:30:8f:51:4d:41:be:92:10:
ee:cd:24:03:14:64:e8:ae:54:da:9b:09:0b:b2:ee:
94:2d:e6:80:db:2d:ef:a3:e7:5d:d1:51:c1:11:ae:
37:2a:ce:16:fe:5c:e3:fa:c5:6c:ad:17:0c:2f:30:
34:39:08:94:57:98:ad:fc:ae:aa:92:ce:33:eb:89:
db:01:73:20:3f:91:ea:25:07:46:d1:09:5f:9a:4a:
97:d0:28:f9:63:27:6c:28:c4:fc:59:f7:19:d6:0d:
03:e9:2d:e5:98:f2:6c:24:9f:e5:66:9b:46:45:a3:
e0:c6:82:d5:f4:01:8a:53:2e:23:13:c4:38:46:6e:
98:75:5a:1e:0b:95:89:ce:d9:03:58:8a:b0:83:5e:
dd:9e:cb:32:29:16:c9:04:1c:e1:01:71:3e:b7:4c:
55:6d:4b:46:f2:c9:6f:90:f2:1e:7a:1a:ed:9e:3b:
12:59:9f:56:ff:f2:b8:4e:6b:68:96:51:03:c4:7b:
11:e0:72:1e:bc:9a:3e:f9:53:cf:1a:d4:a2:5f:ba:
d2:a9:62:63:f0:58:fd:ae:3f:34:f3:43:8f:5f:f0:
f4:23:c4:5d:c2:e8:a8:70:8e:b5:35:43:ea:56:de:
ad:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:4F:BA:A7:C0:42:1B:A6:02:9B:55:8F:11:B6:5B:DC:A7:33:83:7D
X509v3 Authority Key Identifier:
keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/oU-6p8BCG6YCm1WPEbZb3Kczg30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.192.0/23
109.122.195.0/24
109.122.201.0/24
109.122.205.0/24
109.122.207.0/24
109.122.210.0-109.122.213.255
109.122.215.0-109.122.217.255
109.122.220.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:47:b3:0b:a1:72:18:d8:31:f5:ca:73:fb:c2:1d:83:16:70:
5b:62:93:a0:15:1d:26:e6:84:87:9e:07:a8:cc:09:60:ee:ff:
c7:26:37:6f:81:ab:91:9e:34:29:bd:95:e9:e6:3b:42:28:89:
57:89:f2:4c:25:0b:48:ec:2d:eb:d3:47:22:42:15:73:f6:01:
71:a1:e9:ac:fb:1f:fe:f0:06:35:b0:2d:6f:50:d8:14:fb:61:
a5:a3:1f:c9:3f:64:16:73:21:b7:03:9d:4d:dc:24:62:20:9b:
a6:0b:80:74:10:bc:fe:67:a1:50:a7:2a:b4:98:dd:91:0d:fa:
82:ef:27:39:8b:c5:9d:9f:0f:b9:8a:12:e8:3d:e2:66:be:86:
78:f0:f1:a9:9d:cc:ed:fc:c5:b9:22:c9:68:dd:64:52:ff:1d:
04:d7:db:07:fb:fd:65:d2:2c:fa:16:91:23:0d:fa:e3:d6:b8:
6a:7f:e7:d4:63:0d:e5:ef:56:4b:d7:cb:38:5b:37:95:ce:f7:
68:ce:f9:3b:9e:de:f3:0a:13:12:02:6c:bd:ac:fa:b3:6d:75:
81:46:61:57:cf:a9:25:59:20:65:f6:03:fd:a7:fc:40:45:09:
af:71:0a:9b:63:bb:b4:ab:7e:63:8f:fd:58:4f:79:7e:86:d4:
cf:04:85:62
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY0ODCP5FsstyZxz8aX7Xt0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjJjNWFiN2RiM2RkMzk2NjE5MmZhYWZlMDdmMzExNWIw
YzhlZTUwHhcNMjQwMTE1MTY1NDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTRmYmFhN2MwNDIxYmE2MDI5YjU1OGYxMWI2NWJkY2E3MzM4MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdF++VI1JrzWU067Z8ti9XYtwkFO
MI9RTUG+khDuzSQDFGTorlTamwkLsu6ULeaA2y3vo+dd0VHBEa43Ks4W/lzj+sVs
rRcMLzA0OQiUV5it/K6qks4z64nbAXMgP5HqJQdG0QlfmkqX0Cj5YydsKMT8WfcZ
1g0D6S3lmPJsJJ/lZptGRaPgxoLV9AGKUy4jE8Q4Rm6YdVoeC5WJztkDWIqwg17d
nssyKRbJBBzhAXE+t0xVbUtG8slvkPIeehrtnjsSWZ9W//K4TmtollEDxHsR4HIe
vJo++VPPGtSiX7rSqWJj8Fj9rj8080OPX/D0I8RdwuiocI61NUPqVt6tawIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKFPuqfAQhumAptVjxG2W9ynM4N9MB8GA1UdIwQY
MBaAFHIixat9s905Zhkvqv4H8xFbDI7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGIt
ZWExMmVmOTQyMmVjLzEvb1UtNnA4QkNHNllDbTFXUEViWmIzS2N6ZzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGItZWExMmVmOTQyMmVj
LzEvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBbXrAAwQA
bXrDAwQAbXrJAwQAbXrNAwQAbXrPMAwDBAFtetIDBAFtetQwDAMEAG161wMEAW16
2AMEAW163DANBgkqhkiG9w0BAQsFAAOCAQEACkezC6FyGNgx9cpz+8IdgxZwW2KT
oBUdJuaEh54HqMwJYO7/xyY3b4GrkZ40Kb2V6eY7QiiJV4nyTCULSOwt69NHIkIV
c/YBcaHprPsf/vAGNbAtb1DYFPthpaMfyT9kFnMhtwOdTdwkYiCbpguAdBC8/meh
UKcqtJjdkQ36gu8nOYvFnZ8PuYoS6D3iZr6GePDxqZ3M7fzFuSLJaN1kUv8dBNfb
B/v9ZdIs+haRIw3649a4an/n1GMN5e9WS9fLOFs3lc73aM75O57e8woTEgJsvaz6
s211gUZhV8+pJVkgZfYD/af8QEUJr3EKm2O7tKt+Y4/9WE95fobUzwSFYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:27 2024 by rpki-client on console-ams.rpki-client.org