Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/YHTcFxeYOGlccYiTcpiq8V3aUac.roa
File: YHTcFxeYOGlccYiTcpiq8V3aUac.roa (raw, json)
Hash identifier: 0aMXTwyZiIydzGd9hYyniPpBzFXdzus6tVkHyEAZo0s=
Subject key identifier: 60:74:DC:17:17:98:38:69:5C:71:88:93:72:98:AA:F1:5D:DA:51:A7
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018EF6754B77A9E2C51A9D2F6AE698D85BD6
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/YHTcFxeYOGlccYiTcpiq8V3aUac.roa
Signing time: Fri 19 Apr 2024 13:04:25 +0000
ROA not before: Fri 19 Apr 2024 13:04:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 109.120.150.0/24 maxlen: 24
109.120.151.0/24 maxlen: 24
109.120.152.0/24 maxlen: 24
109.120.153.0/24 maxlen: 24
109.120.154.0/24 maxlen: 24
109.120.156.0/24 maxlen: 24
109.120.158.0/24 maxlen: 24
109.120.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 06:59:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:75:4b:77:a9:e2:c5:1a:9d:2f:6a:e6:98:d8:5b:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Apr 19 13:04:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6074dc17179838695c7188937298aaf15dda51a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:46:9f:21:e1:00:78:89:e4:4f:a2:17:51:01:
d2:93:41:fd:6c:25:32:77:83:67:5b:eb:f7:0e:8e:
11:df:19:ec:6e:f9:bc:f8:30:70:bd:1e:2c:1a:ac:
10:b5:73:46:19:82:26:eb:1c:ca:69:05:67:6e:7c:
04:37:fa:1d:8c:42:8e:b8:60:8d:d5:2f:3c:7b:76:
ab:d1:48:b7:6d:d2:a4:82:78:f5:cf:c5:04:d3:79:
b3:b9:0f:72:42:0e:82:9d:fb:de:0f:8f:93:aa:f8:
29:7b:ea:b9:b0:53:0b:49:7f:d1:e9:11:bb:1f:77:
52:78:c9:a3:ad:31:75:db:dc:53:51:e6:8f:5a:72:
f5:d2:c9:01:93:7b:d7:de:b4:81:79:98:b9:c5:4c:
b5:4a:c2:4e:25:e7:8c:ee:9f:9f:f5:2b:70:97:6e:
df:fd:c5:23:bb:6e:a4:9d:fa:ee:81:ad:35:75:3a:
68:73:b3:8f:4a:b0:76:2e:36:82:06:bc:48:3a:33:
77:46:73:73:60:8d:a5:18:97:34:44:06:d8:d7:bc:
3b:ec:b0:f4:99:50:b2:0d:71:e4:fb:34:3c:4c:e7:
25:eb:6a:de:ea:a4:06:4a:b8:1e:55:61:0e:7a:c2:
e4:56:f4:9f:6b:b6:2b:58:87:12:4d:9d:80:5b:7d:
9d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:74:DC:17:17:98:38:69:5C:71:88:93:72:98:AA:F1:5D:DA:51:A7
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/YHTcFxeYOGlccYiTcpiq8V3aUac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.150.0-109.120.154.255
109.120.156.0/24
109.120.158.0/23
Signature Algorithm: sha256WithRSAEncryption
22:2a:ef:21:4c:e6:97:39:dd:f6:83:e8:3d:25:8d:6e:32:73:
10:41:60:2a:f8:b8:27:33:8c:c8:9c:74:ed:8f:57:29:59:9c:
32:51:5b:f3:98:30:8b:51:91:b1:c6:2b:e6:5c:f6:bd:34:f1:
6f:0f:6c:06:55:91:1a:84:ce:6a:ce:44:40:18:b6:4a:e2:42:
24:75:e0:63:0f:46:1b:66:bc:52:86:df:5d:94:9f:e7:46:89:
af:54:d4:fb:30:49:b6:7f:40:32:11:67:58:66:c9:3d:f9:7d:
0d:c8:2f:6b:27:49:ab:3c:9a:da:1e:e3:da:1e:37:46:cb:2e:
16:cc:72:7b:b6:2c:51:0f:c8:48:b3:97:8e:d6:47:86:b1:f2:
63:0b:1d:49:34:50:78:77:cd:ec:7f:ee:d5:61:98:79:c8:2c:
89:e3:c7:66:3d:5c:47:bb:55:1f:aa:74:3a:f2:de:03:a3:46:
69:a1:55:7c:61:f1:eb:88:64:8b:1d:5c:72:83:c7:71:ce:bd:
fc:ab:17:48:cc:bb:d2:b2:ed:0d:b1:e6:ae:89:f8:39:cb:70:
b1:89:78:cf:b2:74:bb:23:fa:0c:bd:de:ec:bc:a7:3a:b7:e6:
1c:5d:0c:8d:6f:4d:7e:12:6c:83:65:67:b1:52:6c:0a:f9:83:
88:9c:72:43
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY72dUt3qeLFGp0vauaY2FvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNDE5MTMwNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDc0ZGMxNzE3OTgzODY5NWM3MTg4OTM3Mjk4YWFmMTVkZGE1MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEafIeEAeInkT6IXUQHSk0H9bCUy
d4NnW+v3Do4R3xnsbvm8+DBwvR4sGqwQtXNGGYIm6xzKaQVnbnwEN/odjEKOuGCN
1S88e3ar0Ui3bdKkgnj1z8UE03mzuQ9yQg6CnfveD4+Tqvgpe+q5sFMLSX/R6RG7
H3dSeMmjrTF129xTUeaPWnL10skBk3vX3rSBeZi5xUy1SsJOJeeM7p+f9Stwl27f
/cUju26knfruga01dTpoc7OPSrB2LjaCBrxIOjN3RnNzYI2lGJc0RAbY17w77LD0
mVCyDXHk+zQ8TOcl62re6qQGSrgeVWEOesLkVvSfa7YrWIcSTZ2AW32dZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGB03BcXmDhpXHGIk3KYqvFd2lGnMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvWUhUY0Z4ZVlPR2xjY1lpVGNwaXE4VjNhVWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFteJYD
BABteJoDBABteJwDBAFteJ4wDQYJKoZIhvcNAQELBQADggEBACIq7yFM5pc53faD
6D0ljW4ycxBBYCr4uCczjMicdO2PVylZnDJRW/OYMItRkbHGK+Zc9r008W8PbAZV
kRqEzmrOREAYtkriQiR14GMPRhtmvFKG312Un+dGia9U1PswSbZ/QDIRZ1hmyT35
fQ3IL2snSas8mtoe49oeN0bLLhbMcnu2LFEPyEizl47WR4ax8mMLHUk0UHh3zex/
7tVhmHnILInjx2Y9XEe7VR+qdDry3gOjRmmhVXxh8euIZIsdXHKDx3HOvfyrF0jM
u9Ky7Q2x5q6J+DnLcLGJeM+ydLsj+gy93uy8pzq35hxdDI1vTX4SbINlZ7FSbAr5
g4icckM=
-----END CERTIFICATE-----
Generated at Mon May 27 07:46:12 2024 by rpki-client on console-fra.rpki-client.org