Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/d6b9DcO_WHGkuKRuauqj9_fN0yg.roa
File: d6b9DcO_WHGkuKRuauqj9_fN0yg.roa (raw, json)
Hash identifier: PKlGTxaheyi98EbfI0nb2wp4CM9aPT+c0avPFpoKfu0=
Subject key identifier: 77:A6:FD:0D:C3:BF:58:71:A4:B8:A4:6E:6A:EA:A3:F7:F7:CD:D3:28
Certificate issuer: /CN=607e13578c680ee98fdaad202370f10e3c282afc
Certificate serial: 01857142D93C056D22E1FF46F3BC8F76798E
Authority key identifier: 60:7E:13:57:8C:68:0E:E9:8F:DA:AD:20:23:70:F1:0E:3C:28:2A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YH4TV4xoDumP2q0gI3DxDjwoKvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/d6b9DcO_WHGkuKRuauqj9_fN0yg.roa
Signing time: Mon 02 Jan 2023 06:54:44 +0000
ROA not before: Mon 02 Jan 2023 06:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197095
IP address blocks: 109.232.120.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:d9:3c:05:6d:22:e1:ff:46:f3:bc:8f:76:79:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607e13578c680ee98fdaad202370f10e3c282afc
Validity
Not Before: Jan 2 06:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77a6fd0dc3bf5871a4b8a46e6aeaa3f7f7cdd328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cd:b7:d4:51:04:87:95:18:c9:bc:95:e6:dc:
9a:2b:27:b9:42:0f:41:96:a0:20:d6:c6:cf:07:53:
15:77:09:68:29:ec:e4:c6:89:9a:5e:04:b3:3f:23:
28:a4:cb:c9:b0:52:5b:84:7e:dd:3a:11:97:55:a8:
24:9a:2f:d8:b0:78:0a:e7:7a:e6:5f:11:ab:79:63:
93:3c:95:fd:f5:23:23:c9:37:57:0c:d1:ce:57:c1:
71:b3:dd:b8:77:ec:5c:06:f2:ad:f2:58:39:54:be:
f2:d6:48:65:ca:43:19:04:06:27:37:09:56:c8:60:
2f:04:83:44:47:6b:3f:73:5f:68:be:56:2b:a1:d3:
6a:9c:ab:85:85:e0:ee:73:28:81:89:ce:73:2f:18:
79:0d:65:2f:30:07:63:0c:5a:3e:06:47:ef:16:83:
98:d1:90:54:f1:17:a5:46:86:76:35:13:bf:10:ce:
c0:41:fb:14:a9:91:7d:64:ed:07:23:1f:72:f8:d6:
3e:ca:94:a7:07:8b:b2:23:71:3c:c0:eb:7a:a0:f0:
8e:b8:ac:43:27:88:98:20:65:23:2a:96:67:fb:9f:
8f:ef:f8:94:ed:2e:c4:26:1b:22:3d:ff:51:0a:24:
bc:f2:23:3a:fa:5c:52:c4:7c:c8:76:03:cb:d2:84:
6c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A6:FD:0D:C3:BF:58:71:A4:B8:A4:6E:6A:EA:A3:F7:F7:CD:D3:28
X509v3 Authority Key Identifier:
keyid:60:7E:13:57:8C:68:0E:E9:8F:DA:AD:20:23:70:F1:0E:3C:28:2A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YH4TV4xoDumP2q0gI3DxDjwoKvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/d6b9DcO_WHGkuKRuauqj9_fN0yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/YH4TV4xoDumP2q0gI3DxDjwoKvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.120.0/21
Signature Algorithm: sha256WithRSAEncryption
00:45:b3:7e:5f:65:c8:bc:02:d7:4f:c7:05:ed:b7:2b:75:f7:
1b:de:22:b4:0c:c4:96:ab:5e:c4:14:db:31:ec:d8:fe:6c:d3:
b1:a7:28:86:4a:44:52:1e:ba:90:a1:6c:7d:be:41:5d:e2:df:
62:97:b6:7d:5a:98:de:50:75:7d:0b:e5:33:a6:c8:89:db:16:
c4:5e:11:6c:7a:75:d0:e6:ca:7f:63:a2:e4:3d:8f:9b:d2:7c:
ef:a0:e5:3a:60:af:74:17:b2:d3:16:8f:a9:49:70:9e:d5:95:
6b:48:e8:5c:b7:53:45:8e:fc:ea:44:f7:64:04:c0:06:05:ba:
75:9a:a0:e4:a2:aa:6d:cd:6c:05:27:40:1d:ae:09:63:1d:f1:
ba:7f:a8:35:c7:45:dc:c0:74:d4:02:6c:72:4c:ed:61:49:2b:
4b:a2:4f:93:e2:c3:d8:c9:b5:35:48:90:ae:01:69:ef:e4:68:
5e:34:cf:49:93:25:73:d3:b2:8d:78:3c:33:aa:0f:1f:24:90:
ad:0b:c1:3d:9a:3a:2f:a8:48:62:7c:87:0f:87:ad:1d:41:32:
20:29:c0:40:dd:07:ca:d7:47:dd:88:6d:66:12:a5:d7:bb:12:
9c:c2:96:a8:e4:b6:df:63:ec:96:68:3d:fc:a5:23:77:b7:93:
74:b9:e0:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxQtk8BW0i4f9G87yPdnmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwN2UxMzU3OGM2ODBlZTk4ZmRhYWQyMDIzNzBmMTBlM2My
ODJhZmMwHhcNMjMwMTAyMDY1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2E2ZmQwZGMzYmY1ODcxYTRiOGE0NmU2YWVhYTNmN2Y3Y2RkMzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc231FEEh5UYybyV5tyaKye5Qg9B
lqAg1sbPB1MVdwloKezkxomaXgSzPyMopMvJsFJbhH7dOhGXVagkmi/YsHgK53rm
XxGreWOTPJX99SMjyTdXDNHOV8Fxs924d+xcBvKt8lg5VL7y1khlykMZBAYnNwlW
yGAvBINER2s/c19ovlYrodNqnKuFheDucyiBic5zLxh5DWUvMAdjDFo+BkfvFoOY
0ZBU8RelRoZ2NRO/EM7AQfsUqZF9ZO0HIx9y+NY+ypSnB4uyI3E8wOt6oPCOuKxD
J4iYIGUjKpZn+5+P7/iU7S7EJhsiPf9RCiS88iM6+lxSxHzIdgPL0oRscQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHem/Q3Dv1hxpLikbmrqo/f3zdMoMB8GA1UdIwQY
MBaAFGB+E1eMaA7pj9qtICNw8Q48KCr8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUg0VFY0eG9EdW1QMnEwZ0kzRHhEandvS3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hMjFiYmUtYmE0ZC00ZTAzLWJlZjgt
YmFmZmUzYjY3N2RmLzEvZDZiOURjT19XSEdrdUtSdWF1cWo5X2ZOMHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hMjFiYmUtYmE0ZC00ZTAzLWJlZjgtYmFmZmUzYjY3N2Rm
LzEvWUg0VFY0eG9EdW1QMnEwZ0kzRHhEandvS3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbeh4MA0G
CSqGSIb3DQEBCwUAA4IBAQAARbN+X2XIvALXT8cF7bcrdfcb3iK0DMSWq17EFNsx
7Nj+bNOxpyiGSkRSHrqQoWx9vkFd4t9il7Z9WpjeUHV9C+UzpsiJ2xbEXhFsenXQ
5sp/Y6LkPY+b0nzvoOU6YK90F7LTFo+pSXCe1ZVrSOhct1NFjvzqRPdkBMAGBbp1
mqDkoqptzWwFJ0AdrgljHfG6f6g1x0XcwHTUAmxyTO1hSStLok+T4sPYybU1SJCu
AWnv5GheNM9JkyVz07KNeDwzqg8fJJCtC8E9mjovqEhifIcPh60dQTIgKcBA3QfK
10fdiG1mEqXXuxKcwpao5LbfY+yWaD38pSN3t5N0ueCJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:53 2024 by rpki-client on console-fra.rpki-client.org