Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/uIa-BaFLG_kTJmakHi13vR93-P0.roa
File: uIa-BaFLG_kTJmakHi13vR93-P0.roa (raw, json)
Hash identifier: A43B0b1ad96mLl1t3I0qK2FRkA58CCe+UnL9pwL3MsI=
Subject key identifier: B8:86:BE:05:A1:4B:1B:F9:13:26:66:A4:1E:2D:77:BD:1F:77:F8:FD
Certificate issuer: /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial: 018C6C5347367F39278666104D4324033EA6
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/uIa-BaFLG_kTJmakHi13vR93-P0.roa
Signing time: Fri 15 Dec 2023 07:14:06 +0000
ROA not before: Fri 15 Dec 2023 07:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49872
IP address blocks: 109.122.192.0/24 maxlen: 24
109.122.193.0/24 maxlen: 24
109.122.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Dec 2023 08:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6c:53:47:36:7f:39:27:86:66:10:4d:43:24:03:3e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Validity
Not Before: Dec 15 07:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b886be05a14b1bf9132666a41e2d77bd1f77f8fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:39:94:33:98:d1:d9:47:f2:73:a7:3c:34:bb:
13:05:66:3b:80:cd:23:1a:80:1e:ee:e3:69:b6:8e:
1b:5d:96:9b:61:a8:42:bb:a8:ae:99:83:45:fa:cb:
ef:fe:3f:b8:11:21:64:85:35:fc:fb:37:f1:18:3d:
6f:7d:f1:e9:ef:e9:74:f6:2d:7d:49:9e:c4:8a:bc:
99:6e:c7:72:7b:0e:7b:37:ba:e4:5f:54:3a:ea:e1:
01:78:b4:18:00:4f:43:71:6b:61:ba:75:a4:12:81:
27:90:18:dc:01:07:bf:0f:69:9f:e6:f3:6c:cc:ed:
ea:1d:c6:4b:03:09:b0:5a:10:2e:e4:a8:29:28:55:
51:38:97:91:64:7b:08:93:9a:7d:f0:78:3f:f0:e3:
9c:f8:51:47:12:82:fa:1b:aa:4c:da:a0:57:55:42:
62:fc:d2:7c:f9:7e:16:38:d0:6c:a4:4d:55:cd:42:
65:2b:a9:63:33:ee:de:9a:d4:79:a8:19:a6:01:ca:
dd:ed:b3:ea:ce:17:53:ee:e1:e0:e6:90:ef:c6:2b:
da:a3:b4:6c:fa:43:8c:b5:aa:0c:8e:b1:12:eb:2e:
20:d1:15:da:79:ed:54:31:cd:12:c8:ac:c3:e8:5b:
08:1a:83:5a:d7:6a:c3:bb:a2:5c:ea:16:d0:7e:6d:
35:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:86:BE:05:A1:4B:1B:F9:13:26:66:A4:1E:2D:77:BD:1F:77:F8:FD
X509v3 Authority Key Identifier:
keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/uIa-BaFLG_kTJmakHi13vR93-P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.192.0/23
109.122.217.0/24
Signature Algorithm: sha256WithRSAEncryption
31:41:32:76:71:fe:0c:6b:65:64:39:f2:f5:27:30:c7:50:a0:
f8:08:9c:aa:ac:08:b1:48:c5:4c:2d:cd:79:d3:61:24:c7:32:
6f:20:5d:93:e7:18:a6:07:08:70:c4:d9:0f:c8:1f:dd:23:4f:
f8:41:5f:01:c6:49:db:db:a0:4b:74:31:2e:c2:fa:79:e2:8e:
5f:a1:fe:97:e0:42:36:f4:b6:af:e4:ca:ab:eb:f2:d5:77:97:
05:3e:c8:8f:04:f1:c7:58:09:b1:1d:2a:a0:df:b3:15:fa:22:
1a:ca:e1:36:1f:6c:c9:b8:16:fc:e7:8e:92:d1:60:76:5e:27:
66:df:89:40:0f:ce:50:d4:5e:94:07:4d:05:2d:7f:18:14:13:
5b:c6:62:eb:42:af:a5:75:5f:98:85:ff:be:c9:cd:30:1a:c3:
0a:af:c0:7a:ee:1a:c0:f2:01:ef:95:0e:e2:dd:0a:1b:65:d9:
71:3c:9c:49:4e:12:2b:5e:51:dd:ca:73:7a:30:11:5b:e5:52:
57:9e:10:37:5b:e4:7e:fb:8f:fd:b4:4c:54:23:5e:9e:8d:10:
89:6f:54:13:d6:a5:66:03:12:4c:23:df:52:14:71:ff:11:29:
b9:d0:1f:aa:21:83:c5:b4:68:ca:22:c8:d1:dd:d6:6e:b9:ab:
a6:53:8d:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxsU0c2fzknhmYQTUMkAz6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjJjNWFiN2RiM2RkMzk2NjE5MmZhYWZlMDdmMzExNWIw
YzhlZTUwHhcNMjMxMjE1MDcxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODg2YmUwNWExNGIxYmY5MTMyNjY2YTQxZTJkNzdiZDFmNzdmOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDmUM5jR2Ufyc6c8NLsTBWY7gM0j
GoAe7uNpto4bXZabYahCu6iumYNF+svv/j+4ESFkhTX8+zfxGD1vffHp7+l09i19
SZ7EiryZbsdyew57N7rkX1Q66uEBeLQYAE9DcWthunWkEoEnkBjcAQe/D2mf5vNs
zO3qHcZLAwmwWhAu5KgpKFVROJeRZHsIk5p98Hg/8OOc+FFHEoL6G6pM2qBXVUJi
/NJ8+X4WONBspE1VzUJlK6ljM+7emtR5qBmmAcrd7bPqzhdT7uHg5pDvxivao7Rs
+kOMtaoMjrES6y4g0RXaee1UMc0SyKzD6FsIGoNa12rDu6Jc6hbQfm01LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLiGvgWhSxv5EyZmpB4td70fd/j9MB8GA1UdIwQY
MBaAFHIixat9s905Zhkvqv4H8xFbDI7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGIt
ZWExMmVmOTQyMmVjLzEvdUlhLUJhRkxHX2tUSm1ha0hpMTN2UjkzLVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGItZWExMmVmOTQyMmVj
LzEvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBbXrAAwQA
bXrZMA0GCSqGSIb3DQEBCwUAA4IBAQAxQTJ2cf4Ma2VkOfL1JzDHUKD4CJyqrAix
SMVMLc1502EkxzJvIF2T5ximBwhwxNkPyB/dI0/4QV8Bxknb26BLdDEuwvp54o5f
of6X4EI29Lav5Mqr6/LVd5cFPsiPBPHHWAmxHSqg37MV+iIayuE2H2zJuBb8546S
0WB2Xidm34lAD85Q1F6UB00FLX8YFBNbxmLrQq+ldV+Yhf++yc0wGsMKr8B67hrA
8gHvlQ7i3QobZdlxPJxJThIrXlHdynN6MBFb5VJXnhA3W+R++4/9tExUI16ejRCJ
b1QT1qVmAxJMI99SFHH/ESm50B+qIYPFtGjKIsjR3dZuuaumU41P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:27 2024 by rpki-client on console-ams.rpki-client.org