Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/I5a_qxhBldr0oZjejCdL05tZwcM.roa
File: I5a_qxhBldr0oZjejCdL05tZwcM.roa (raw, json)
Hash identifier: FAyviPRp0MvIsTUguZ3pNCxK5Qw8lQAkYibxR1mP8fM=
Subject key identifier: 23:96:BF:AB:18:41:95:DA:F4:A1:98:DE:8C:27:4B:D3:9B:59:C1:C3
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018F9FD318067E01151FDEB2A7F657D31867
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/I5a_qxhBldr0oZjejCdL05tZwcM.roa
Signing time: Wed 22 May 2024 10:22:42 +0000
ROA not before: Wed 22 May 2024 10:22:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209224
IP address blocks: 109.120.138.0/24 maxlen: 24
109.120.139.0/24 maxlen: 24
109.120.140.0/24 maxlen: 24
109.120.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 08:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:d3:18:06:7e:01:15:1f:de:b2:a7:f6:57:d3:18:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: May 22 10:22:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2396bfab184195daf4a198de8c274bd39b59c1c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f3:ea:ee:6b:b7:36:94:9e:72:7b:48:bb:1e:
2a:7a:6d:12:48:03:33:78:65:22:eb:9c:4a:53:24:
b0:c8:5e:4a:5a:61:5f:55:c1:e4:a6:29:9e:87:a5:
b8:67:85:65:72:04:95:ab:ed:99:f6:90:45:b4:a7:
01:23:7c:08:2a:ce:20:70:83:f3:87:7d:ca:5c:b4:
f6:4f:43:49:4a:23:2e:7d:c0:f5:51:c7:1d:88:d1:
7c:fb:69:c3:64:a9:3d:47:4b:e3:9b:39:15:d4:fe:
34:7c:fc:92:c3:21:d5:88:3f:95:da:15:11:0d:54:
24:7e:90:32:d1:34:62:dd:86:bc:a2:41:7d:25:94:
d8:31:d0:a8:ef:58:8c:4d:32:25:db:32:65:28:8a:
61:08:1a:6e:e0:25:bb:d4:7a:aa:cc:6e:d8:e7:d5:
5f:40:3f:97:2d:e0:32:f2:7d:ca:49:7b:ce:9f:2a:
54:ad:58:0e:43:29:41:36:0c:ea:d8:60:0c:a4:46:
a9:f1:6d:c8:8d:00:7e:6a:b1:1b:33:c5:b7:a8:18:
f0:86:65:62:a6:4a:9a:e7:44:9b:c7:7a:58:77:c6:
73:d3:1f:27:fc:49:e0:d1:19:40:14:45:80:4f:e5:
35:7d:6a:d7:08:37:7a:5d:64:b3:a5:0b:d6:af:11:
b7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:96:BF:AB:18:41:95:DA:F4:A1:98:DE:8C:27:4B:D3:9B:59:C1:C3
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/I5a_qxhBldr0oZjejCdL05tZwcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.138.0-109.120.140.255
109.120.149.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:5a:59:7f:0b:ec:e3:35:22:e7:b6:08:8b:0b:24:4d:b3:75:
c0:59:e5:ca:ba:61:18:a7:bc:80:12:5a:17:53:38:e0:6b:dd:
29:b9:f5:ef:fe:2d:e8:09:33:4d:6a:33:06:12:2b:e0:56:04:
c2:6a:9a:e0:e1:42:5b:1b:90:e5:78:9f:5d:1e:84:0b:ba:22:
84:72:27:b7:16:2e:18:81:ac:f2:87:a1:b8:4b:45:87:06:0c:
4e:a1:a3:3c:c1:ec:ad:85:91:b7:d8:22:82:f4:d6:c6:57:b0:
ef:90:e1:9d:5f:f3:57:ef:7a:41:4f:fa:71:79:ff:63:34:fb:
42:b7:43:b8:54:69:c0:db:47:b2:9d:5e:2d:af:dd:d4:79:ba:
63:4b:45:08:f8:00:72:cd:1f:b9:50:35:84:32:f7:e4:d9:a3:
2a:6e:35:6d:c2:9e:ce:2e:c9:12:b8:1d:1a:ef:a2:9a:b8:7c:
54:b4:32:82:fb:ca:f8:2d:17:7a:cc:09:69:56:c0:1f:08:07:
e8:0b:21:bd:a9:5b:c4:63:c1:98:1d:6a:aa:cd:43:76:aa:42:
0e:06:d0:29:74:8b:31:a3:23:bc:6a:60:51:2e:51:49:68:a5:
9e:1e:1b:27:e6:dc:40:28:51:f1:d0:aa:0e:ff:41:9d:43:6a:
7a:5a:f3:20
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY+f0xgGfgEVH96yp/ZX0xhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNTIyMTAyMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk2YmZhYjE4NDE5NWRhZjRhMTk4ZGU4YzI3NGJkMzliNTljMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPPq7mu3NpSecntIux4qem0SSAMz
eGUi65xKUySwyF5KWmFfVcHkpimeh6W4Z4VlcgSVq+2Z9pBFtKcBI3wIKs4gcIPz
h33KXLT2T0NJSiMufcD1UccdiNF8+2nDZKk9R0vjmzkV1P40fPySwyHViD+V2hUR
DVQkfpAy0TRi3Ya8okF9JZTYMdCo71iMTTIl2zJlKIphCBpu4CW71HqqzG7Y59Vf
QD+XLeAy8n3KSXvOnypUrVgOQylBNgzq2GAMpEap8W3IjQB+arEbM8W3qBjwhmVi
pkqa50Sbx3pYd8Zz0x8n/Eng0RlAFEWAT+U1fWrXCDd6XWSzpQvWrxG3ZwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCOWv6sYQZXa9KGY3ownS9ObWcHDMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvSTVhX3F4aEJsZHIwb1pqZWpDZEwwNXRad2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAFteIoD
BABteIwDBABteJUwDQYJKoZIhvcNAQELBQADggEBAC9aWX8L7OM1Iue2CIsLJE2z
dcBZ5cq6YRinvIASWhdTOOBr3Sm59e/+LegJM01qMwYSK+BWBMJqmuDhQlsbkOV4
n10ehAu6IoRyJ7cWLhiBrPKHobhLRYcGDE6hozzB7K2FkbfYIoL01sZXsO+Q4Z1f
81fvekFP+nF5/2M0+0K3Q7hUacDbR7KdXi2v3dR5umNLRQj4AHLNH7lQNYQy9+TZ
oypuNW3Cns4uyRK4HRrvopq4fFS0MoL7yvgtF3rMCWlWwB8IB+gLIb2pW8RjwZgd
aqrNQ3aqQg4G0Cl0izGjI7xqYFEuUUlopZ4eGyfm3EAoUfHQqg7/QZ1Danpa8yA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:02 2024 by rpki-client on console-ams.rpki-client.org