Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/7Q0rezUOIec8_i_QQtDUEaoH4P0.roa
File: 7Q0rezUOIec8_i_QQtDUEaoH4P0.roa (raw, json)
Hash identifier: SBESbEBsOh3jlDZUjICsne8wlm/t5VOfpMHnSj0jaNs=
Subject key identifier: ED:0D:2B:7B:35:0E:21:E7:3C:FE:2F:D0:42:D0:D4:11:AA:07:E0:FD
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 018C999D659BBAB49FD4969220FDEB2C13DB
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/7Q0rezUOIec8_i_QQtDUEaoH4P0.roa
Signing time: Sun 24 Dec 2023 02:17:58 +0000
ROA not before: Sun 24 Dec 2023 02:17:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61185
IP address blocks: 109.238.168.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:99:9d:65:9b:ba:b4:9f:d4:96:92:20:fd:eb:2c:13:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: Dec 24 02:17:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed0d2b7b350e21e73cfe2fd042d0d411aa07e0fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b8:48:45:dd:e0:63:f3:fb:d5:51:32:88:28:
fb:bb:a5:4b:f9:dc:5a:f5:83:bc:bb:d3:02:1a:10:
b2:e1:69:98:0b:bd:2c:35:39:7f:c2:0a:6c:58:d6:
d7:98:61:54:d5:7e:d2:06:15:7d:3c:8c:19:c3:f2:
c1:01:30:2f:65:14:d8:db:f0:0d:cd:12:d8:e9:9e:
a4:c9:e8:d7:6f:b1:64:24:f3:02:db:cd:8d:51:f9:
00:2c:1f:18:b4:33:67:11:47:0b:76:9f:27:39:6e:
fc:44:8b:e4:0c:a7:02:03:f3:44:4a:e7:01:fb:8f:
07:c6:e4:26:c2:62:22:cb:22:ea:df:00:6b:91:35:
2a:cb:2d:c8:d2:f3:62:a0:68:da:2b:8b:3e:5a:b0:
98:3b:db:5c:48:c9:88:b0:65:6a:06:58:98:f8:fe:
30:0e:30:29:e1:18:56:76:af:82:94:19:55:fd:c1:
6f:b3:28:4a:5f:e3:5e:b4:93:ce:96:72:e5:13:ca:
1e:ca:14:e4:11:80:a4:b0:00:e3:34:19:f6:4f:f6:
86:6d:9e:1b:34:f3:da:a1:ba:b0:68:ee:ea:50:0d:
df:72:e3:14:03:c1:e6:29:ef:f2:f0:99:e6:31:35:
47:2e:2c:e0:82:25:3c:bc:81:9b:47:fa:ce:ba:59:
2c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:0D:2B:7B:35:0E:21:E7:3C:FE:2F:D0:42:D0:D4:11:AA:07:E0:FD
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/7Q0rezUOIec8_i_QQtDUEaoH4P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.238.168.0/21
Signature Algorithm: sha256WithRSAEncryption
ab:ff:f9:ba:7b:b7:15:c0:ad:26:7d:ad:0d:ef:1f:40:90:aa:
f7:fd:49:63:77:f9:dc:c8:3a:8b:dc:c8:ae:6b:f4:39:f7:02:
f3:e1:c0:ed:ef:3c:89:a2:c2:60:f1:4a:cc:61:cd:3b:2d:e1:
ea:09:96:94:a4:89:41:bf:f2:55:25:1c:31:25:08:2c:63:bc:
d9:7c:30:f9:35:cb:e1:f9:5a:ea:c5:cf:7b:55:4b:7e:d7:f5:
74:ef:7e:ba:8d:26:15:ad:87:6b:71:55:9e:86:58:4d:7a:ab:
af:84:75:05:11:31:c0:0f:f2:40:cc:0d:47:9d:db:27:29:e2:
c2:03:2b:24:c8:df:f9:d2:ab:08:9f:8d:86:71:e8:6f:49:c5:
5e:f1:ea:2f:fb:55:7b:9e:4e:17:e1:84:22:ee:bc:9b:b9:c4:
14:93:05:30:fd:ef:7b:64:b6:fd:c2:74:ae:3e:e8:67:06:68:
39:cd:90:6b:fc:69:7c:96:66:17:f5:d5:28:47:c6:fe:da:62:
56:16:16:59:b3:42:77:43:87:85:b9:ac:be:96:56:c0:2c:23:
cb:a1:fd:8e:92:77:c2:ae:ab:2c:ab:1b:db:bc:74:5c:c2:eb:
6b:b6:cb:84:31:30:2d:e1:f4:7d:30:68:ad:08:9e:bc:eb:42:
27:b3:b4:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyZnWWburSf1JaSIP3rLBPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjMxMjI0MDIxNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDBkMmI3YjM1MGUyMWU3M2NmZTJmZDA0MmQwZDQxMWFhMDdlMGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirhIRd3gY/P71VEyiCj7u6VL+dxa
9YO8u9MCGhCy4WmYC70sNTl/wgpsWNbXmGFU1X7SBhV9PIwZw/LBATAvZRTY2/AN
zRLY6Z6kyejXb7FkJPMC282NUfkALB8YtDNnEUcLdp8nOW78RIvkDKcCA/NESucB
+48HxuQmwmIiyyLq3wBrkTUqyy3I0vNioGjaK4s+WrCYO9tcSMmIsGVqBliY+P4w
DjAp4RhWdq+ClBlV/cFvsyhKX+NetJPOlnLlE8oeyhTkEYCksADjNBn2T/aGbZ4b
NPPaobqwaO7qUA3fcuMUA8HmKe/y8JnmMTVHLizggiU8vIGbR/rOulksBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0NK3s1DiHnPP4v0ELQ1BGqB+D9MB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvN1EwcmV6VU9JZWM4X2lfUVF0RFVFYW9INFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbe6oMA0G
CSqGSIb3DQEBCwUAA4IBAQCr//m6e7cVwK0mfa0N7x9AkKr3/Uljd/ncyDqL3Miu
a/Q59wLz4cDt7zyJosJg8UrMYc07LeHqCZaUpIlBv/JVJRwxJQgsY7zZfDD5Ncvh
+Vrqxc97VUt+1/V07366jSYVrYdrcVWehlhNequvhHUFETHAD/JAzA1HndsnKeLC
AyskyN/50qsIn42GcehvScVe8eov+1V7nk4X4YQi7rybucQUkwUw/e97ZLb9wnSu
PuhnBmg5zZBr/Gl8lmYX9dUoR8b+2mJWFhZZs0J3Q4eFuay+llbALCPLof2OknfC
rqssqxvbvHRcwutrtsuEMTAt4fR9MGitCJ6860Ins7RV
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:50 2024 by rpki-client on console-fra.rpki-client.org