Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/469d47-01e2-4fcb-a68c-a30d82bd6219/1/C5rfCHo7MOhTuElLIxoQGOxAHYA.roa
File: C5rfCHo7MOhTuElLIxoQGOxAHYA.roa (raw, json)
Hash identifier: Y22ZHjKK2Qk/1ec+P7hwjRIpYvR619J4x5Km64jRpm4=
Subject key identifier: 0B:9A:DF:08:7A:3B:30:E8:53:B8:49:4B:23:1A:10:18:EC:40:1D:80
Certificate issuer: /CN=f7b9d97b97fd4cbaceda81c4406e74ad6d539326
Certificate serial: 01927042B185D054C2E35A116AA26744BEDE
Authority key identifier: F7:B9:D9:7B:97:FD:4C:BA:CE:DA:81:C4:40:6E:74:AD:6D:53:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/97nZe5f9TLrO2oHEQG50rW1TkyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/469d47-01e2-4fcb-a68c-a30d82bd6219/1/C5rfCHo7MOhTuElLIxoQGOxAHYA.roa
Signing time: Wed 09 Oct 2024 07:51:11 +0000
ROA not before: Wed 09 Oct 2024 07:51:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214707
IP address blocks: 109.224.208.0/21 maxlen: 21
109.224.208.0/24 maxlen: 24
109.224.209.0/24 maxlen: 24
109.224.210.0/24 maxlen: 24
109.224.211.0/24 maxlen: 24
109.224.212.0/24 maxlen: 24
109.224.213.0/24 maxlen: 24
109.224.214.0/24 maxlen: 24
109.224.215.0/24 maxlen: 24
2a14:6540::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:70:42:b1:85:d0:54:c2:e3:5a:11:6a:a2:67:44:be:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7b9d97b97fd4cbaceda81c4406e74ad6d539326
Validity
Not Before: Oct 9 07:51:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b9adf087a3b30e853b8494b231a1018ec401d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2a:12:ba:e7:3c:53:c9:ae:cd:7a:8e:5c:2e:
ce:c6:ae:e9:46:c7:e5:33:52:2f:8a:f2:e7:06:52:
88:46:7e:c0:51:19:51:0c:3f:8f:0b:82:de:40:9e:
5a:bc:31:f6:53:69:e7:5b:40:a3:5e:0f:0f:6c:ca:
d0:fa:7b:38:82:55:57:26:4a:f6:28:f3:cf:ed:62:
a9:1a:9c:ac:9f:f9:65:6c:c1:85:3f:c1:f7:0f:a9:
c6:c1:51:24:c8:c7:a1:d0:e2:f0:70:57:f9:42:0d:
21:cd:f2:dd:1e:03:d0:ad:2d:2c:70:54:40:78:9b:
0e:fd:bb:f7:ec:08:e5:46:41:10:45:87:69:f5:64:
fe:88:dd:44:22:c2:61:50:35:06:fe:e3:f3:ce:6e:
5d:01:75:27:e9:62:62:f7:21:86:07:53:29:67:10:
9d:7f:33:37:94:74:76:08:85:0d:f7:96:0b:a0:72:
1f:a4:26:a7:b0:42:23:4d:a1:03:08:98:2d:2b:e6:
4d:92:9d:19:88:62:03:c3:8d:c4:4e:cc:03:08:1d:
87:62:c9:ce:00:60:86:f0:b5:c6:11:07:88:73:ff:
2d:09:72:45:2e:f0:68:07:1a:84:22:78:aa:6f:c2:
fc:3e:4e:94:df:80:4a:62:ce:51:24:f9:b9:07:14:
2b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:9A:DF:08:7A:3B:30:E8:53:B8:49:4B:23:1A:10:18:EC:40:1D:80
X509v3 Authority Key Identifier:
keyid:F7:B9:D9:7B:97:FD:4C:BA:CE:DA:81:C4:40:6E:74:AD:6D:53:93:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97nZe5f9TLrO2oHEQG50rW1TkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/469d47-01e2-4fcb-a68c-a30d82bd6219/1/C5rfCHo7MOhTuElLIxoQGOxAHYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/469d47-01e2-4fcb-a68c-a30d82bd6219/1/97nZe5f9TLrO2oHEQG50rW1TkyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.208.0/21
IPv6:
2a14:6540::/29
Signature Algorithm: sha256WithRSAEncryption
05:bd:6e:54:ca:20:d7:32:e8:5c:ef:16:21:cf:4a:59:b3:ca:
5e:39:1e:95:3b:fb:14:bb:91:57:3e:53:92:e7:35:17:ee:9f:
6d:96:60:31:82:36:74:cd:93:6b:32:25:45:45:b9:cf:92:05:
5a:a9:34:77:ab:7e:9f:ab:e2:57:2f:2d:56:8d:44:2a:e5:b6:
ee:d2:0f:9e:40:aa:b0:e3:a2:b9:36:ea:e3:6b:6e:18:d4:07:
bc:66:c0:c3:85:49:cd:fb:0f:c0:e9:e2:70:db:e8:90:cc:3e:
80:51:ee:37:bb:b1:0b:5e:86:ff:b2:8c:b6:97:9f:87:64:59:
93:a1:fc:18:5a:7c:a0:ba:77:a1:ae:e9:14:5c:15:5f:a4:ed:
5d:22:9c:40:e5:ab:ae:d0:57:6d:42:c4:0a:0c:24:b6:a8:99:
a9:41:e8:1d:0f:f9:a5:22:86:6f:bf:51:51:98:3c:cb:1c:7c:
1e:ef:88:27:73:43:5f:92:2b:df:58:5a:8c:7c:e3:02:00:2e:
31:cc:30:22:fe:e6:c9:76:2b:db:67:84:82:1b:9d:ad:88:6c:
8c:90:df:0e:b1:e1:23:0a:78:24:92:21:29:9a:88:4b:34:6d:
79:b2:5f:58:57:f6:60:4a:e1:ff:ea:7b:31:01:d9:ca:5a:2c:
de:c8:6f:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJwQrGF0FTC41oRaqJnRL7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjlkOTdiOTdmZDRjYmFjZWRhODFjNDQwNmU3NGFkNmQ1
MzkzMjYwHhcNMjQxMDA5MDc1MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjlhZGYwODdhM2IzMGU4NTNiODQ5NGIyMzFhMTAxOGVjNDAxZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSoSuuc8U8muzXqOXC7Oxq7pRsfl
M1IvivLnBlKIRn7AURlRDD+PC4LeQJ5avDH2U2nnW0CjXg8PbMrQ+ns4glVXJkr2
KPPP7WKpGpysn/llbMGFP8H3D6nGwVEkyMeh0OLwcFf5Qg0hzfLdHgPQrS0scFRA
eJsO/bv37AjlRkEQRYdp9WT+iN1EIsJhUDUG/uPzzm5dAXUn6WJi9yGGB1MpZxCd
fzM3lHR2CIUN95YLoHIfpCansEIjTaEDCJgtK+ZNkp0ZiGIDw43ETswDCB2HYsnO
AGCG8LXGEQeIc/8tCXJFLvBoBxqEIniqb8L8Pk6U34BKYs5RJPm5BxQrdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAua3wh6OzDoU7hJSyMaEBjsQB2AMB8GA1UdIwQY
MBaAFPe52XuX/Uy6ztqBxEBudK1tU5MmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTduWmU1ZjlUTHJPMm9IRVFHNTByVzFUa3lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80NjlkNDctMDFlMi00ZmNiLWE2OGMt
YTMwZDgyYmQ2MjE5LzEvQzVyZkNIbzdNT2hUdUVsTEl4b1FHT3hBSFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80NjlkNDctMDFlMi00ZmNiLWE2OGMtYTMwZDgyYmQ2MjE5
LzEvOTduWmU1ZjlUTHJPMm9IRVFHNTByVzFUa3lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbeDQMA0E
AgACMAcDBQMqFGVAMA0GCSqGSIb3DQEBCwUAA4IBAQAFvW5UyiDXMuhc7xYhz0pZ
s8peOR6VO/sUu5FXPlOS5zUX7p9tlmAxgjZ0zZNrMiVFRbnPkgVaqTR3q36fq+JX
Ly1WjUQq5bbu0g+eQKqw46K5Nurja24Y1Ae8ZsDDhUnN+w/A6eJw2+iQzD6AUe43
u7ELXob/soy2l5+HZFmTofwYWnygunehrukUXBVfpO1dIpxA5auu0FdtQsQKDCS2
qJmpQegdD/mlIoZvv1FRmDzLHHwe74gnc0NfkivfWFqMfOMCAC4xzDAi/ubJdivb
Z4SCG52tiGyMkN8OseEjCngkkiEpmohLNG15sl9YV/ZgSuH/6nsxAdnKWizeyG8j
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:54 2025 by rpki-client