Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/mDrzhxG7dAYjBTxW34AtbNkNdzA.roa
File: mDrzhxG7dAYjBTxW34AtbNkNdzA.roa (raw, json)
Hash identifier: VnOR+0/Rvy+bEFKl+KqIVCOokHe8J89MlnyJCWo5gsA=
Subject key identifier: 98:3A:F3:87:11:BB:74:06:23:05:3C:56:DF:80:2D:6C:D9:0D:77:30
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 0190BFD177A7E2E50C6E7DABBC9B18A903A0
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/mDrzhxG7dAYjBTxW34AtbNkNdzA.roa
Signing time: Wed 17 Jul 2024 08:31:34 +0000
ROA not before: Wed 17 Jul 2024 08:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 109.120.158.0/24 maxlen: 24
109.120.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Aug 2024 14:46:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:d1:77:a7:e2:e5:0c:6e:7d:ab:bc:9b:18:a9:03:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Jul 17 08:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=983af38711bb740623053c56df802d6cd90d7730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:cd:fe:6d:f7:37:42:d1:f6:dc:24:83:e5:cd:
4d:fe:85:01:7b:36:fa:96:1b:59:a1:58:63:34:5c:
9f:e7:3c:ad:11:cb:bf:45:a6:c6:c7:19:63:77:7f:
0c:f0:f0:6b:e4:f9:f7:4b:71:ce:0d:e2:8b:8e:26:
17:fa:5a:94:bd:1d:f0:92:42:6e:f0:a8:0f:f2:fc:
92:ae:09:84:48:4c:a2:16:23:4a:58:98:ff:7c:36:
34:df:11:e8:5f:79:be:29:76:4f:9a:ea:34:05:03:
e8:a2:72:fb:3d:4d:2e:64:90:80:3a:af:68:3e:c9:
ec:29:51:48:1b:bb:62:0b:cd:22:d8:56:ae:26:3b:
10:12:d7:e9:ea:7b:89:34:2f:97:af:97:00:5e:be:
7b:6e:35:84:2a:77:44:3e:39:4b:83:7b:23:a7:30:
b6:f8:18:76:2b:b5:d5:39:f6:69:23:bb:14:7a:75:
1c:90:ac:6b:a7:20:c7:38:ec:c2:69:ff:6f:a3:0e:
6a:71:10:49:09:88:c7:2f:07:63:ed:05:3b:9d:fd:
cc:c9:02:fa:9a:fe:e4:44:76:c3:b7:8e:6a:79:db:
eb:bc:28:6d:65:e5:b1:1e:91:ae:5c:39:19:24:75:
1f:78:a6:a5:89:74:b5:d5:7f:0c:db:64:52:9b:c8:
ad:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:3A:F3:87:11:BB:74:06:23:05:3C:56:DF:80:2D:6C:D9:0D:77:30
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/mDrzhxG7dAYjBTxW34AtbNkNdzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.158.0/23
Signature Algorithm: sha256WithRSAEncryption
38:bd:51:4e:f2:72:f0:bb:7b:68:72:af:d0:98:60:49:51:5f:
2b:5b:82:4d:62:e0:73:0e:c6:0a:6a:de:c1:56:0c:65:85:54:
23:cc:ec:6e:95:21:49:dd:3e:b0:06:7e:ec:f7:04:ec:aa:80:
7d:24:73:a7:4d:84:05:f9:5b:1e:e1:37:a7:68:06:39:53:be:
2a:f3:83:a5:bd:0d:27:30:87:29:28:25:03:18:ca:91:77:34:
18:f7:e2:b6:37:3d:57:6c:f3:21:10:b0:59:94:16:0d:af:c9:
af:bf:2c:79:59:47:1a:c8:02:42:9a:e0:aa:aa:65:a7:60:51:
5b:f6:c0:2b:74:b5:63:81:9c:b0:0b:fb:cc:76:88:83:10:f7:
01:0b:25:ab:53:d9:8d:94:cd:d8:a7:a4:f3:4c:2a:c3:2a:64:
67:22:8a:db:b8:8d:12:95:bf:d8:6a:a6:03:0a:62:0e:87:63:
16:b3:60:6b:03:3b:a5:61:5b:b5:56:2c:8e:23:9d:47:3b:e9:
2e:43:d3:a9:f8:76:f8:d5:77:03:03:02:b0:31:bf:9e:61:03:
9a:42:86:01:d2:30:ae:6b:e9:6b:0d:7d:06:64:f6:2a:0a:2f:
ee:9e:a8:2c:26:04:24:45:d1:e7:e2:c5:fc:1d:ad:16:57:ad:
84:20:9c:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC/0Xen4uUMbn2rvJsYqQOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNzE3MDgzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODNhZjM4NzExYmI3NDA2MjMwNTNjNTZkZjgwMmQ2Y2Q5MGQ3NzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw83+bfc3QtH23CSD5c1N/oUBezb6
lhtZoVhjNFyf5zytEcu/RabGxxljd38M8PBr5Pn3S3HODeKLjiYX+lqUvR3wkkJu
8KgP8vySrgmESEyiFiNKWJj/fDY03xHoX3m+KXZPmuo0BQPoonL7PU0uZJCAOq9o
PsnsKVFIG7tiC80i2FauJjsQEtfp6nuJNC+Xr5cAXr57bjWEKndEPjlLg3sjpzC2
+Bh2K7XVOfZpI7sUenUckKxrpyDHOOzCaf9vow5qcRBJCYjHLwdj7QU7nf3MyQL6
mv7kRHbDt45qedvrvChtZeWxHpGuXDkZJHUfeKaliXS11X8M22RSm8itawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJg684cRu3QGIwU8Vt+ALWzZDXcwMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvbURyemh4RzdkQVlqQlR4VzM0QXRiTmtOZHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbXieMA0G
CSqGSIb3DQEBCwUAA4IBAQA4vVFO8nLwu3tocq/QmGBJUV8rW4JNYuBzDsYKat7B
VgxlhVQjzOxulSFJ3T6wBn7s9wTsqoB9JHOnTYQF+Vse4TenaAY5U74q84OlvQ0n
MIcpKCUDGMqRdzQY9+K2Nz1XbPMhELBZlBYNr8mvvyx5WUcayAJCmuCqqmWnYFFb
9sArdLVjgZywC/vMdoiDEPcBCyWrU9mNlM3Yp6TzTCrDKmRnIorbuI0Slb/YaqYD
CmIOh2MWs2BrAzulYVu1ViyOI51HO+kuQ9Op+Hb41XcDAwKwMb+eYQOaQoYB0jCu
a+lrDX0GZPYqCi/unqgsJgQkRdHn4sX8Ha0WV62EIJyH
-----END CERTIFICATE-----
Generated at Thu Aug 15 19:31:58 2024 by rpki-client on console-ams.rpki-client.org