Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/49FMplMJZLwsYo9qXral8idGjJE.roa
File: 49FMplMJZLwsYo9qXral8idGjJE.roa (raw, json)
Hash identifier: m6X3/QhTawcu67s9HXqYMp96B8xxP2RjpZ8CKLasukc=
Subject key identifier: E3:D1:4C:A6:53:09:64:BC:2C:62:8F:6A:5E:B6:A5:F2:27:46:8C:91
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 01874FB23ED7B056F98DE962494D2890EBAF
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/49FMplMJZLwsYo9qXral8idGjJE.roa
Signing time: Wed 05 Apr 2023 04:34:54 +0000
ROA not before: Wed 05 Apr 2023 04:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 109.238.168.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4f:b2:3e:d7:b0:56:f9:8d:e9:62:49:4d:28:90:eb:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: Apr 5 04:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3d14ca6530964bc2c628f6a5eb6a5f227468c91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:95:36:c4:7b:db:15:44:59:b9:bf:08:34:84:
02:c4:8f:b4:bb:0b:8a:3b:97:39:dc:7c:7b:89:86:
cf:e3:e8:ce:ee:fe:2a:28:22:6a:2d:09:a4:a3:e9:
f0:eb:56:ac:ca:ea:43:c5:eb:f6:c5:14:f0:37:84:
6c:2c:55:3e:8b:51:bf:1f:7c:aa:3b:79:92:4a:d3:
6c:ad:0c:79:63:de:30:52:32:0f:6f:db:84:52:df:
e4:a6:9c:bb:46:19:44:56:18:68:38:17:85:5a:a8:
b1:bf:4b:fe:8e:99:68:da:17:be:d8:ff:5e:a2:93:
29:c3:f8:c2:2c:a2:25:cf:fb:a6:4a:99:30:a7:4e:
61:84:14:13:a7:bd:f6:37:52:b0:8c:cd:78:a8:d9:
7e:06:42:6e:19:64:d9:59:0c:ce:20:64:c4:c3:84:
33:21:df:1d:10:be:90:20:69:68:b4:4a:13:c9:c4:
d1:59:65:3b:dc:f3:a2:4e:46:e3:cb:22:4e:41:af:
40:75:0e:6f:4f:85:9d:24:45:20:60:41:f9:30:41:
21:f3:00:01:f0:ef:f1:e7:54:cd:ea:1c:e9:f8:8b:
69:5f:31:54:0c:54:63:ed:b2:dc:7b:61:a2:05:1c:
46:36:de:c1:ce:30:73:46:c8:5e:46:d9:72:eb:49:
41:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D1:4C:A6:53:09:64:BC:2C:62:8F:6A:5E:B6:A5:F2:27:46:8C:91
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/49FMplMJZLwsYo9qXral8idGjJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.238.168.0/21
Signature Algorithm: sha256WithRSAEncryption
48:b4:9e:c8:3f:b1:74:76:49:48:e9:6e:0d:a8:2a:5b:ff:bc:
85:29:41:7f:7d:d1:d3:50:89:9b:a7:58:d6:5c:86:1a:70:b1:
e3:76:24:d4:b1:b4:89:da:03:3d:be:2a:e2:b7:80:44:bf:3a:
6d:a2:6d:a5:0b:e2:46:29:29:dc:98:c8:ff:b1:87:42:40:ff:
f8:a2:94:bb:a4:ae:8c:91:bd:27:3f:67:d7:0c:ce:49:9d:48:
5a:8a:02:4a:b0:3e:bb:3f:11:39:08:d1:b7:36:3c:b3:9b:5b:
a4:af:13:e7:12:9e:11:09:c0:2c:16:50:2c:7c:73:c1:81:b9:
a3:d7:c1:38:d6:61:58:44:c4:53:48:59:50:b0:4e:0d:92:40:
4e:f1:2b:fd:87:3f:b8:b0:59:fe:1e:8d:f2:95:9e:04:ac:24:
77:e1:a7:20:2e:38:f2:96:6c:fd:63:c9:9e:b7:83:4a:d7:1e:
f0:12:b7:04:e6:12:1e:20:29:b5:b0:8f:f4:b4:ba:f9:7f:84:
77:36:e3:2c:0e:4f:18:1d:53:cd:4d:a4:fc:63:20:8e:4f:2c:
a8:e0:f9:16:e2:c2:66:90:8a:46:b7:3a:ac:52:e4:e5:33:80:
0a:4a:d7:bc:74:78:49:50:2a:ec:49:ff:3c:5b:b6:fc:60:a8:
45:a4:87:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdPsj7XsFb5jeliSU0okOuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjMwNDA1MDQzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2QxNGNhNjUzMDk2NGJjMmM2MjhmNmE1ZWI2YTVmMjI3NDY4YzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJU2xHvbFURZub8INIQCxI+0uwuK
O5c53Hx7iYbP4+jO7v4qKCJqLQmko+nw61asyupDxev2xRTwN4RsLFU+i1G/H3yq
O3mSStNsrQx5Y94wUjIPb9uEUt/kppy7RhlEVhhoOBeFWqixv0v+jplo2he+2P9e
opMpw/jCLKIlz/umSpkwp05hhBQTp732N1KwjM14qNl+BkJuGWTZWQzOIGTEw4Qz
Id8dEL6QIGlotEoTycTRWWU73POiTkbjyyJOQa9AdQ5vT4WdJEUgYEH5MEEh8wAB
8O/x51TN6hzp+ItpXzFUDFRj7bLce2GiBRxGNt7BzjBzRsheRtly60lBRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOPRTKZTCWS8LGKPal62pfInRoyRMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvNDlGTXBsTUpaTHdzWW85cVhyYWw4aWRHakpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbe6oMA0G
CSqGSIb3DQEBCwUAA4IBAQBItJ7IP7F0dklI6W4NqCpb/7yFKUF/fdHTUImbp1jW
XIYacLHjdiTUsbSJ2gM9virit4BEvzptom2lC+JGKSncmMj/sYdCQP/4opS7pK6M
kb0nP2fXDM5JnUhaigJKsD67PxE5CNG3Njyzm1ukrxPnEp4RCcAsFlAsfHPBgbmj
18E41mFYRMRTSFlQsE4NkkBO8Sv9hz+4sFn+Ho3ylZ4ErCR34acgLjjylmz9Y8me
t4NK1x7wErcE5hIeICm1sI/0tLr5f4R3NuMsDk8YHVPNTaT8YyCOTyyo4PkW4sJm
kIpGtzqsUuTlM4AKSte8dHhJUCrsSf88W7b8YKhFpIcN
-----END CERTIFICATE-----
Generated at Tue Sep 5 02:03:42 2023 by rpki-client on console-fra.rpki-client.org