Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/saoN4-vWxakP-r9seZtfFD9xDyI.roa
File: saoN4-vWxakP-r9seZtfFD9xDyI.roa (raw, json)
Hash identifier: iXG9GAArgnw+sHp+0j1Q40fJdSGcSrauI1YtqpwF+ck=
Subject key identifier: B1:AA:0D:E3:EB:D6:C5:A9:0F:FA:BF:6C:79:9B:5F:14:3F:71:0F:22
Certificate issuer: /CN=607e13578c680ee98fdaad202370f10e3c282afc
Certificate serial: 01939669DA9A8D298458AF9FCE9C218869C3
Authority key identifier: 60:7E:13:57:8C:68:0E:E9:8F:DA:AD:20:23:70:F1:0E:3C:28:2A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YH4TV4xoDumP2q0gI3DxDjwoKvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/saoN4-vWxakP-r9seZtfFD9xDyI.roa
Signing time: Thu 05 Dec 2024 10:42:19 +0000
ROA not before: Thu 05 Dec 2024 10:42:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44066
IP address blocks: 109.232.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:69:da:9a:8d:29:84:58:af:9f:ce:9c:21:88:69:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607e13578c680ee98fdaad202370f10e3c282afc
Validity
Not Before: Dec 5 10:42:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1aa0de3ebd6c5a90ffabf6c799b5f143f710f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7a:80:7a:8a:1f:b6:80:17:36:0b:a6:48:4e:
a2:bf:d2:10:25:0c:92:06:2f:61:05:22:b0:3b:7d:
0c:5b:1a:cd:6f:c9:40:ed:96:dd:11:28:9a:47:b4:
b5:02:e2:8d:1d:93:d2:cc:02:9a:fd:be:e1:71:8a:
56:3f:58:b6:18:92:b9:73:31:1b:de:42:d0:01:01:
2c:2a:7b:6d:26:61:93:19:ae:d7:f1:ce:e4:92:b0:
47:72:22:8e:ea:3a:17:42:57:56:15:fb:db:3e:3c:
5e:5d:28:b8:50:2c:94:d7:c8:66:68:f5:5e:ab:8b:
2d:02:ab:56:aa:e0:c3:41:25:6f:cb:12:30:6c:c5:
c3:12:21:c0:58:66:bf:d1:86:a8:22:ac:eb:35:9a:
2e:e3:04:7b:03:7f:8c:2f:e4:d7:d2:9b:f7:95:b1:
82:91:81:4c:61:db:70:f0:a7:a8:a6:09:32:ce:80:
b2:7d:9e:a2:55:bd:ff:9c:14:d7:b7:01:9a:15:b8:
ed:22:b8:08:b8:e2:9b:bf:9e:4a:03:9d:82:62:51:
08:eb:4a:78:07:95:cd:3a:2e:f6:14:fe:70:f1:8c:
30:b2:c2:d0:0b:8f:9b:9a:01:70:f2:6d:3f:cd:af:
31:a0:2b:25:fb:3e:50:0b:f3:b7:03:ec:20:06:11:
e7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AA:0D:E3:EB:D6:C5:A9:0F:FA:BF:6C:79:9B:5F:14:3F:71:0F:22
X509v3 Authority Key Identifier:
keyid:60:7E:13:57:8C:68:0E:E9:8F:DA:AD:20:23:70:F1:0E:3C:28:2A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YH4TV4xoDumP2q0gI3DxDjwoKvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/saoN4-vWxakP-r9seZtfFD9xDyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/YH4TV4xoDumP2q0gI3DxDjwoKvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.120.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:6e:c9:82:d5:0f:37:5c:ed:65:95:c0:7c:75:72:fe:69:90:
98:4a:97:d9:81:f8:a4:8b:2c:9a:e2:4e:0a:7e:46:fd:8d:12:
35:18:7b:24:5f:0e:2d:30:b3:6d:b5:bc:12:d9:16:d7:37:cd:
6a:09:05:94:00:47:57:28:ed:94:68:91:61:b2:f8:61:05:ed:
f1:46:8d:f0:7c:d0:1e:5d:b6:55:17:f8:b2:a5:de:e5:a5:81:
d2:c1:3f:c8:a1:1d:41:f9:0b:25:61:72:60:d5:4a:7c:7e:d2:
21:81:73:8b:9f:b3:b9:e5:e6:0e:db:12:b9:8c:d5:ce:0c:7c:
4e:c5:d8:69:2c:eb:0b:f3:39:40:01:e2:a1:b2:71:90:4d:b1:
f5:11:ea:d7:fc:61:ec:37:77:fa:7b:84:e0:fc:9a:e0:bc:7e:
59:f0:79:e2:6c:47:09:08:04:a9:51:e1:ae:86:10:24:56:2e:
89:1a:d0:8b:98:c3:35:b1:ea:1a:8c:76:0d:1f:8e:e8:7e:6c:
ff:51:55:13:b1:3d:b4:5c:55:1f:c0:e6:93:b7:75:14:65:7f:
ed:31:1d:cd:41:fe:1b:d8:16:15:cb:cb:91:6e:32:bd:ac:ae:
f9:53:ac:04:3e:3b:24:01:44:7d:4b:4e:d8:8b:e5:b0:c5:03:
ea:68:4f:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOWadqajSmEWK+fzpwhiGnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwN2UxMzU3OGM2ODBlZTk4ZmRhYWQyMDIzNzBmMTBlM2My
ODJhZmMwHhcNMjQxMjA1MTA0MjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWFhMGRlM2ViZDZjNWE5MGZmYWJmNmM3OTliNWYxNDNmNzEwZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnqAeooftoAXNgumSE6iv9IQJQyS
Bi9hBSKwO30MWxrNb8lA7ZbdESiaR7S1AuKNHZPSzAKa/b7hcYpWP1i2GJK5czEb
3kLQAQEsKnttJmGTGa7X8c7kkrBHciKO6joXQldWFfvbPjxeXSi4UCyU18hmaPVe
q4stAqtWquDDQSVvyxIwbMXDEiHAWGa/0YaoIqzrNZou4wR7A3+ML+TX0pv3lbGC
kYFMYdtw8KeopgkyzoCyfZ6iVb3/nBTXtwGaFbjtIrgIuOKbv55KA52CYlEI60p4
B5XNOi72FP5w8YwwssLQC4+bmgFw8m0/za8xoCsl+z5QC/O3A+wgBhHnKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGqDePr1sWpD/q/bHmbXxQ/cQ8iMB8GA1UdIwQY
MBaAFGB+E1eMaA7pj9qtICNw8Q48KCr8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUg0VFY0eG9EdW1QMnEwZ0kzRHhEandvS3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hMjFiYmUtYmE0ZC00ZTAzLWJlZjgt
YmFmZmUzYjY3N2RmLzEvc2FvTjQtdld4YWtQLXI5c2VadGZGRDl4RHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hMjFiYmUtYmE0ZC00ZTAzLWJlZjgtYmFmZmUzYjY3N2Rm
LzEvWUg0VFY0eG9EdW1QMnEwZ0kzRHhEandvS3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbeh4MA0G
CSqGSIb3DQEBCwUAA4IBAQAsbsmC1Q83XO1llcB8dXL+aZCYSpfZgfikiyya4k4K
fkb9jRI1GHskXw4tMLNttbwS2RbXN81qCQWUAEdXKO2UaJFhsvhhBe3xRo3wfNAe
XbZVF/iypd7lpYHSwT/IoR1B+QslYXJg1Up8ftIhgXOLn7O55eYO2xK5jNXODHxO
xdhpLOsL8zlAAeKhsnGQTbH1EerX/GHsN3f6e4Tg/JrgvH5Z8HnibEcJCASpUeGu
hhAkVi6JGtCLmMM1seoajHYNH47ofmz/UVUTsT20XFUfwOaTt3UUZX/tMR3NQf4b
2BYVy8uRbjK9rK75U6wEPjskAUR9S07Yi+WwxQPqaE9b
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:12:19 2025 by rpki-client