Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9952c8-2d40-41e2-ba70-61bc7ecc485c/1/Z7lN3gJrwMqOdN-XDcP3gLJYENw.roa
File: Z7lN3gJrwMqOdN-XDcP3gLJYENw.roa (raw, json)
Hash identifier: WmoZqEvGOD+Ih5fIHSu17S2RyxF+Ze4pVak6zjCcnoM=
Subject key identifier: 67:B9:4D:DE:02:6B:C0:CA:8E:74:DF:97:0D:C3:F7:80:B2:58:10:DC
Certificate issuer: /CN=84abf0c981701aba97e4fcd0bed4e4cdb8692047
Certificate serial: 01857169D5AEF94E6AB7D9FF23A4E413962B
Authority key identifier: 84:AB:F0:C9:81:70:1A:BA:97:E4:FC:D0:BE:D4:E4:CD:B8:69:20:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKvwyYFwGrqX5PzQvtTkzbhpIEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/9952c8-2d40-41e2-ba70-61bc7ecc485c/1/Z7lN3gJrwMqOdN-XDcP3gLJYENw.roa
Signing time: Mon 02 Jan 2023 07:37:19 +0000
ROA not before: Mon 02 Jan 2023 07:37:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12130
IP address blocks: 109.71.152.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:d5:ae:f9:4e:6a:b7:d9:ff:23:a4:e4:13:96:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84abf0c981701aba97e4fcd0bed4e4cdb8692047
Validity
Not Before: Jan 2 07:37:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67b94dde026bc0ca8e74df970dc3f780b25810dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1f:cd:09:e4:20:fe:46:d2:0f:13:50:42:12:
ec:1b:62:c8:ee:fa:a9:37:d9:f4:98:2c:9a:81:93:
04:7c:f4:7d:3f:d3:86:c3:bd:15:34:2b:89:fe:f2:
ac:32:03:35:c4:d7:03:f2:43:4c:20:b8:73:28:4d:
25:20:31:27:77:e7:f2:e3:b8:d6:32:47:e5:61:af:
56:d8:91:64:a4:bb:79:b1:d1:ba:90:8c:b6:d4:9f:
f6:a7:9d:be:22:47:99:cb:f5:58:cf:cc:cf:8d:f6:
35:cb:0e:09:bf:f9:ee:79:fe:68:6f:33:78:e1:bf:
3a:e7:c9:6d:d2:8d:b1:e2:d2:2d:28:52:8c:0c:d5:
e7:20:f2:77:e8:fd:63:33:78:4f:98:e2:2b:92:88:
88:7c:a2:35:c9:48:0e:a1:67:fa:e2:58:8a:7a:8a:
cd:7b:eb:33:b1:76:4a:d2:93:91:86:fa:00:71:7f:
de:66:99:a5:74:9e:7b:fd:c1:aa:ac:1c:01:92:d5:
95:e7:c7:b5:f1:48:dd:36:c9:74:f7:7c:ef:68:23:
3f:5c:8d:a8:b4:f2:70:a6:ae:3d:0c:db:6a:6f:fb:
0b:c4:95:b0:4b:72:93:91:36:c6:ef:07:09:17:9e:
84:d6:e7:5c:9a:82:40:38:b8:3c:3c:9e:00:9a:d5:
bf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:B9:4D:DE:02:6B:C0:CA:8E:74:DF:97:0D:C3:F7:80:B2:58:10:DC
X509v3 Authority Key Identifier:
keyid:84:AB:F0:C9:81:70:1A:BA:97:E4:FC:D0:BE:D4:E4:CD:B8:69:20:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKvwyYFwGrqX5PzQvtTkzbhpIEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9952c8-2d40-41e2-ba70-61bc7ecc485c/1/Z7lN3gJrwMqOdN-XDcP3gLJYENw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9952c8-2d40-41e2-ba70-61bc7ecc485c/1/hKvwyYFwGrqX5PzQvtTkzbhpIEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.152.0/22
Signature Algorithm: sha256WithRSAEncryption
93:3d:3e:f6:c6:2d:f6:16:65:94:1c:88:3b:51:ba:51:9b:7b:
e3:73:9e:35:fc:5a:4c:be:34:bd:18:bf:d3:a4:32:00:1f:f7:
92:4f:ea:75:64:90:32:75:5c:53:ef:47:87:5e:41:98:33:7b:
63:0c:fa:5f:37:d5:82:a4:e0:e0:0b:ac:76:23:32:d5:64:fd:
e8:bb:aa:8b:92:b8:91:f7:78:b5:fa:c3:1a:46:aa:92:f5:d6:
96:8d:9d:e6:27:4e:f8:90:7a:a6:0a:fe:77:c9:e5:51:f1:53:
f3:dc:fe:64:81:41:0b:2d:0d:96:30:ae:07:93:c7:6e:eb:58:
c8:47:54:a7:7f:1a:69:62:41:de:80:8c:ef:09:6e:0c:c0:30:
ee:13:cb:10:31:7a:e0:01:30:bf:aa:c0:3e:d3:5f:ed:05:3b:
09:80:69:4b:ab:fd:e9:a1:72:de:17:7f:a7:fe:96:c5:ce:6c:
3f:b9:fb:b4:0e:b7:28:20:1c:ea:c6:64:e8:a6:62:20:76:51:
e8:89:fc:e6:da:f7:e6:c0:52:0c:28:8a:d0:2a:f2:cb:b6:b3:
42:37:cd:56:f9:72:e2:9f:08:a9:46:03:5c:55:6a:43:17:c4:
31:5a:d9:cc:13:33:46:2b:6f:a8:2d:4c:d8:45:da:1b:17:36:
2c:d9:75:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxadWu+U5qt9n/I6TkE5YrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YWJmMGM5ODE3MDFhYmE5N2U0ZmNkMGJlZDRlNGNkYjg2
OTIwNDcwHhcNMjMwMTAyMDczNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2I5NGRkZTAyNmJjMGNhOGU3NGRmOTcwZGMzZjc4MGIyNTgxMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux/NCeQg/kbSDxNQQhLsG2LI7vqp
N9n0mCyagZMEfPR9P9OGw70VNCuJ/vKsMgM1xNcD8kNMILhzKE0lIDEnd+fy47jW
MkflYa9W2JFkpLt5sdG6kIy21J/2p52+IkeZy/VYz8zPjfY1yw4Jv/nuef5obzN4
4b8658lt0o2x4tItKFKMDNXnIPJ36P1jM3hPmOIrkoiIfKI1yUgOoWf64liKeorN
e+szsXZK0pORhvoAcX/eZpmldJ57/cGqrBwBktWV58e18UjdNsl093zvaCM/XI2o
tPJwpq49DNtqb/sLxJWwS3KTkTbG7wcJF56E1udcmoJAOLg8PJ4AmtW/AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGe5Td4Ca8DKjnTflw3D94CyWBDcMB8GA1UdIwQY
MBaAFISr8MmBcBq6l+T80L7U5M24aSBHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEt2d3lZRndHcnFYNVB6UXZ0VGt6YmhwSUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85OTUyYzgtMmQ0MC00MWUyLWJhNzAt
NjFiYzdlY2M0ODVjLzEvWjdsTjNnSnJ3TXFPZE4tWERjUDNnTEpZRU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85OTUyYzgtMmQ0MC00MWUyLWJhNzAtNjFiYzdlY2M0ODVj
LzEvaEt2d3lZRndHcnFYNVB6UXZ0VGt6YmhwSUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbUeYMA0G
CSqGSIb3DQEBCwUAA4IBAQCTPT72xi32FmWUHIg7UbpRm3vjc541/FpMvjS9GL/T
pDIAH/eST+p1ZJAydVxT70eHXkGYM3tjDPpfN9WCpODgC6x2IzLVZP3ou6qLkriR
93i1+sMaRqqS9daWjZ3mJ074kHqmCv53yeVR8VPz3P5kgUELLQ2WMK4Hk8du61jI
R1SnfxppYkHegIzvCW4MwDDuE8sQMXrgATC/qsA+01/tBTsJgGlLq/3poXLeF3+n
/pbFzmw/ufu0DrcoIBzqxmTopmIgdlHoifzm2vfmwFIMKIrQKvLLtrNCN81W+XLi
nwipRgNcVWpDF8QxWtnMEzNGK2+oLUzYRdobFzYs2XVO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:07 2024 by rpki-client on console-fra.rpki-client.org