Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/_5TsgjlpyyatrNjT3kisglVDCpE.roa
File: _5TsgjlpyyatrNjT3kisglVDCpE.roa (raw, json)
Hash identifier: PA7LAAAeJJy5mn82+ZgtgSWJpmSTBV2jubdHbbQnD7E=
Subject key identifier: FF:94:EC:82:39:69:CB:26:AD:AC:D8:D3:DE:48:AC:82:55:43:0A:91
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018EF60DD7715C8F79C508B6E16DC5ED360F
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/_5TsgjlpyyatrNjT3kisglVDCpE.roa
Signing time: Fri 19 Apr 2024 11:11:25 +0000
ROA not before: Fri 19 Apr 2024 11:11:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209224
IP address blocks: 109.120.138.0/24 maxlen: 24
109.120.139.0/24 maxlen: 24
109.120.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 10:22:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:0d:d7:71:5c:8f:79:c5:08:b6:e1:6d:c5:ed:36:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Apr 19 11:11:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff94ec823969cb26adacd8d3de48ac8255430a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:80:de:8c:76:ba:cd:3e:2a:c4:13:dc:53:06:
34:67:b9:7c:4d:81:3a:ad:38:6d:30:20:c9:9c:ab:
52:bd:2f:f9:23:11:b6:cd:dd:05:f0:c5:62:fd:d8:
0e:81:e6:4a:33:4d:60:16:d3:56:4d:db:be:a9:2e:
08:60:64:a2:db:c5:00:29:67:4e:87:64:fc:e3:70:
12:a9:27:10:da:6a:e6:18:7e:92:b3:c6:0a:db:39:
51:0d:7f:82:ad:74:0d:3f:f2:b8:29:89:d8:39:17:
22:3b:01:a6:13:e7:63:52:87:57:6e:c0:25:b5:1f:
10:14:8e:2e:c4:b5:2e:f2:4c:f9:7e:b6:84:28:2a:
f2:9d:f3:38:26:8e:d1:68:85:ec:b2:ee:d5:88:af:
f3:aa:c6:8f:6f:62:15:73:fd:83:ff:82:3a:17:be:
f6:35:8a:1e:a0:2a:32:7d:24:88:ae:d0:48:9c:b2:
70:27:fb:a4:0f:6b:e8:ba:ba:c8:92:1c:d7:57:4c:
b2:49:76:0b:6e:df:80:42:79:25:8d:19:9c:4a:57:
f2:b2:1d:d2:31:61:81:5e:fa:c8:1a:68:25:7f:eb:
96:23:37:e1:8e:2b:00:26:6a:bf:21:95:a6:65:51:
aa:74:f9:72:8d:60:3c:a0:49:4e:57:3c:45:10:73:
31:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:94:EC:82:39:69:CB:26:AD:AC:D8:D3:DE:48:AC:82:55:43:0A:91
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/_5TsgjlpyyatrNjT3kisglVDCpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.138.0-109.120.140.255
Signature Algorithm: sha256WithRSAEncryption
26:d2:17:c7:1e:aa:cb:89:d0:c0:d9:f7:eb:36:10:17:58:d6:
8a:7d:22:92:d2:b0:19:7c:2d:30:96:31:94:82:1a:75:f4:f0:
65:be:13:f8:81:40:b8:e1:7c:3d:26:12:da:17:7a:f1:01:94:
bb:3c:e8:4e:0c:7f:90:39:d9:1b:ef:d7:54:05:39:a4:fa:87:
fc:74:5b:dd:ec:a9:d7:99:ab:ba:3b:f8:06:e2:3c:fb:95:25:
f9:56:5a:1b:a6:36:5e:9d:9f:3f:35:9a:93:2e:b4:72:a0:77:
00:bc:74:5e:b3:d2:54:7e:39:28:5d:66:a7:2c:31:1d:e0:cb:
27:ac:0a:6a:af:94:ac:49:25:9f:ce:2e:5c:86:d6:28:64:20:
9b:9d:32:69:6e:22:ca:0a:9f:83:a9:44:a1:1e:a3:72:5d:bd:
b1:a6:f8:58:22:8d:ea:af:2f:ed:ab:d1:21:45:85:c7:fd:d3:
cd:ba:5b:33:d7:a7:de:a0:8b:c0:8b:02:c8:26:88:35:a2:18:
d1:e6:7c:c8:e5:eb:a9:43:70:f1:8d:06:28:8b:da:b8:26:0e:
6b:36:d9:db:29:e2:ba:93:ed:ae:8c:97:d3:5c:d0:f0:27:01:
06:38:6c:d0:71:45:73:25:e4:e3:f7:ac:4c:3f:0f:1c:27:7d:
8f:e2:97:cd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY72DddxXI95xQi24W3F7TYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNDE5MTExMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjk0ZWM4MjM5NjljYjI2YWRhY2Q4ZDNkZTQ4YWM4MjU1NDMwYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIDejHa6zT4qxBPcUwY0Z7l8TYE6
rThtMCDJnKtSvS/5IxG2zd0F8MVi/dgOgeZKM01gFtNWTdu+qS4IYGSi28UAKWdO
h2T843ASqScQ2mrmGH6Ss8YK2zlRDX+CrXQNP/K4KYnYORciOwGmE+djUodXbsAl
tR8QFI4uxLUu8kz5fraEKCrynfM4Jo7RaIXssu7ViK/zqsaPb2IVc/2D/4I6F772
NYoeoCoyfSSIrtBInLJwJ/ukD2vourrIkhzXV0yySXYLbt+AQnkljRmcSlfysh3S
MWGBXvrIGmglf+uWIzfhjisAJmq/IZWmZVGqdPlyjWA8oElOVzxFEHMxxwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFP+U7II5acsmrazY095IrIJVQwqRMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvXzVUc2dqbHB5eWF0ck5qVDNraXNnbFZEQ3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFteIoD
BABteIwwDQYJKoZIhvcNAQELBQADggEBACbSF8ceqsuJ0MDZ9+s2EBdY1op9IpLS
sBl8LTCWMZSCGnX08GW+E/iBQLjhfD0mEtoXevEBlLs86E4Mf5A52Rvv11QFOaT6
h/x0W93sqdeZq7o7+AbiPPuVJflWWhumNl6dnz81mpMutHKgdwC8dF6z0lR+OShd
ZqcsMR3gyyesCmqvlKxJJZ/OLlyG1ihkIJudMmluIsoKn4OpRKEeo3JdvbGm+Fgi
jeqvL+2r0SFFhcf90826WzPXp96gi8CLAsgmiDWiGNHmfMjl66lDcPGNBiiL2rgm
Dms22dsp4rqT7a6Ml9Nc0PAnAQY4bNBxRXMl5OP3rEw/DxwnfY/il80=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:22 2024 by rpki-client on console-fra.rpki-client.org