Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/sQV4wdyvxG_0t6Rp8SpevorTzI8.roa
File: sQV4wdyvxG_0t6Rp8SpevorTzI8.roa (raw, json)
Hash identifier: WnydA/2yG+LRmuSIOFPKMmORkj2QFRUb5ktr6aZpi/I=
Subject key identifier: B1:05:78:C1:DC:AF:C4:6F:F4:B7:A4:69:F1:2A:5E:BE:8A:D3:CC:8F
Certificate issuer: /CN=607e13578c680ee98fdaad202370f10e3c282afc
Certificate serial: 01939640810FB917630BB0978373FC099E33
Authority key identifier: 60:7E:13:57:8C:68:0E:E9:8F:DA:AD:20:23:70:F1:0E:3C:28:2A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YH4TV4xoDumP2q0gI3DxDjwoKvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/sQV4wdyvxG_0t6Rp8SpevorTzI8.roa
Signing time: Thu 05 Dec 2024 09:57:09 +0000
ROA not before: Thu 05 Dec 2024 09:57:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44066
IP address blocks: 109.232.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 05 Dec 2024 10:42:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:40:81:0f:b9:17:63:0b:b0:97:83:73:fc:09:9e:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607e13578c680ee98fdaad202370f10e3c282afc
Validity
Not Before: Dec 5 09:57:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b10578c1dcafc46ff4b7a469f12a5ebe8ad3cc8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:86:1b:8a:f4:10:f3:59:25:6c:74:ec:94:1b:
09:5b:ed:ea:91:a2:38:65:b9:66:73:93:47:1e:4c:
1b:37:9e:c6:3f:06:c6:18:b6:bd:9f:70:63:f5:9d:
83:42:12:54:19:20:a2:81:e0:ad:56:59:6b:1d:26:
a4:17:85:4b:a1:0d:04:24:8e:7b:93:1c:be:c0:74:
32:93:b7:ed:b5:58:ef:51:96:db:df:ba:c1:8c:ab:
b0:b7:47:43:56:77:9f:39:fa:cd:ca:03:b1:50:f8:
d9:03:bc:36:40:d3:4f:ca:1d:e4:ac:7f:82:dd:c6:
f9:89:e9:ba:9a:08:bc:52:ca:4c:5e:a8:2f:0f:81:
d3:e1:0a:d8:04:32:fe:a5:96:56:04:57:82:3e:24:
ec:fb:7a:c7:30:ed:79:1b:86:86:7b:94:c6:6f:67:
2b:42:1a:88:e3:a1:dc:e3:6f:e6:8e:a6:3e:e2:ed:
6e:25:7e:2e:4e:9e:0f:1b:b8:17:74:7e:43:4c:8a:
1a:8a:49:d7:51:c4:cb:96:c4:57:84:ae:8e:61:fe:
9f:e0:29:68:4c:f2:eb:c9:9b:26:69:99:2b:be:b1:
ed:04:7f:bd:dc:d3:67:99:e6:87:84:e4:43:14:f7:
19:41:b0:7f:a0:32:ca:eb:9c:83:b9:09:07:e8:3e:
ed:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:05:78:C1:DC:AF:C4:6F:F4:B7:A4:69:F1:2A:5E:BE:8A:D3:CC:8F
X509v3 Authority Key Identifier:
keyid:60:7E:13:57:8C:68:0E:E9:8F:DA:AD:20:23:70:F1:0E:3C:28:2A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YH4TV4xoDumP2q0gI3DxDjwoKvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/sQV4wdyvxG_0t6Rp8SpevorTzI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/YH4TV4xoDumP2q0gI3DxDjwoKvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.120.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:f5:2c:d4:f3:c8:d5:c8:e3:c0:da:fd:b2:04:d6:ae:3b:87:
ac:10:fd:14:2e:e0:1f:f9:d8:59:b6:4b:a0:fd:21:94:b7:2e:
73:5f:88:b9:3d:e1:59:b9:94:2a:c9:af:f7:c1:e1:5c:48:69:
0d:c7:d2:e1:61:b4:64:16:49:fa:9f:fd:12:bc:7a:da:5e:21:
50:5d:b7:7b:ae:b8:97:ae:b8:c7:7d:3f:58:c7:4a:be:57:d0:
7c:1d:ca:87:97:fb:36:1a:cc:81:ab:0d:3d:d6:9a:b3:83:aa:
3e:03:99:ae:3f:3d:09:d4:99:ee:3e:90:ed:17:bb:97:1e:e6:
d7:b4:af:08:3d:92:50:f4:2a:f9:2d:ab:d6:b6:ac:2f:8e:72:
dd:a2:c5:d8:58:de:9a:25:86:1c:6d:09:5a:03:73:2b:dc:08:
cf:ed:5b:f0:c6:d8:51:de:65:d6:86:6c:eb:49:ee:bf:f8:7a:
84:54:7d:fb:b2:54:10:b9:da:b9:af:d4:dc:a8:9f:69:83:2b:
b6:1b:e2:ff:0b:e8:fa:b3:5e:52:cb:e0:73:17:3d:eb:78:9c:
fd:b2:41:11:cf:52:ae:58:7f:60:55:29:99:dc:d2:2f:f3:bb:
48:37:71:37:2f:30:d3:8e:a6:16:85:bf:9b:de:a7:fe:68:cb:
03:2b:80:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOWQIEPuRdjC7CXg3P8CZ4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwN2UxMzU3OGM2ODBlZTk4ZmRhYWQyMDIzNzBmMTBlM2My
ODJhZmMwHhcNMjQxMjA1MDk1NzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA1NzhjMWRjYWZjNDZmZjRiN2E0NjlmMTJhNWViZThhZDNjYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYYbivQQ81klbHTslBsJW+3qkaI4
Zblmc5NHHkwbN57GPwbGGLa9n3Bj9Z2DQhJUGSCigeCtVllrHSakF4VLoQ0EJI57
kxy+wHQyk7fttVjvUZbb37rBjKuwt0dDVnefOfrNygOxUPjZA7w2QNNPyh3krH+C
3cb5iem6mgi8UspMXqgvD4HT4QrYBDL+pZZWBFeCPiTs+3rHMO15G4aGe5TGb2cr
QhqI46Hc42/mjqY+4u1uJX4uTp4PG7gXdH5DTIoaiknXUcTLlsRXhK6OYf6f4Clo
TPLryZsmaZkrvrHtBH+93NNnmeaHhORDFPcZQbB/oDLK65yDuQkH6D7tkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEFeMHcr8Rv9LekafEqXr6K08yPMB8GA1UdIwQY
MBaAFGB+E1eMaA7pj9qtICNw8Q48KCr8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUg0VFY0eG9EdW1QMnEwZ0kzRHhEandvS3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hMjFiYmUtYmE0ZC00ZTAzLWJlZjgt
YmFmZmUzYjY3N2RmLzEvc1FWNHdkeXZ4R18wdDZScDhTcGV2b3JUekk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hMjFiYmUtYmE0ZC00ZTAzLWJlZjgtYmFmZmUzYjY3N2Rm
LzEvWUg0VFY0eG9EdW1QMnEwZ0kzRHhEandvS3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbeh4MA0G
CSqGSIb3DQEBCwUAA4IBAQCy9SzU88jVyOPA2v2yBNauO4esEP0ULuAf+dhZtkug
/SGUty5zX4i5PeFZuZQqya/3weFcSGkNx9LhYbRkFkn6n/0SvHraXiFQXbd7rriX
rrjHfT9Yx0q+V9B8HcqHl/s2GsyBqw091pqzg6o+A5muPz0J1JnuPpDtF7uXHubX
tK8IPZJQ9Cr5LavWtqwvjnLdosXYWN6aJYYcbQlaA3Mr3AjP7VvwxthR3mXWhmzr
Se6/+HqEVH37slQQudq5r9TcqJ9pgyu2G+L/C+j6s15Sy+BzFz3reJz9skERz1Ku
WH9gVSmZ3NIv87tIN3E3LzDTjqYWhb+b3qf+aMsDK4Co
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:51:06 2025 by rpki-client