Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/CAn7oswVMkAv4GtFiPniPWBlZPI.roa
File: CAn7oswVMkAv4GtFiPniPWBlZPI.roa (raw, json)
Hash identifier: 9/MiJztc8KrbocWAc9yDdqKu+TUCu3M8ySXzgjY2t20=
Subject key identifier: 08:09:FB:A2:CC:15:32:40:2F:E0:6B:45:88:F9:E2:3D:60:65:64:F2
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 018C8F687AF1BF84CCFED930B1EC1F8AF5A9
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/CAn7oswVMkAv4GtFiPniPWBlZPI.roa
Signing time: Fri 22 Dec 2023 02:43:58 +0000
ROA not before: Fri 22 Dec 2023 02:43:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.238.160.0/21 maxlen: 24
109.238.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Dec 2023 02:17:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8f:68:7a:f1:bf:84:cc:fe:d9:30:b1:ec:1f:8a:f5:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: Dec 22 02:43:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0809fba2cc1532402fe06b4588f9e23d606564f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:16:46:27:9e:3d:b2:0b:3e:4b:5b:dd:b6:0b:
6f:97:15:43:76:9f:61:d3:17:89:d5:95:b1:23:e1:
92:a6:12:33:45:50:4c:92:89:6f:c6:58:61:c2:16:
6b:90:04:ab:d8:39:8a:b9:bc:ba:da:fe:cb:c2:26:
78:c1:c2:10:2c:ee:b6:36:96:48:f5:19:7c:d5:57:
f3:fc:96:7e:24:bc:cd:6a:e5:cf:36:73:f4:cc:dc:
4e:79:eb:72:a2:21:d3:17:8f:46:d3:89:2e:8d:0a:
9b:c3:42:5d:c8:35:62:a6:26:f3:28:95:a8:d5:13:
1a:a3:37:4f:83:32:8d:d1:72:61:53:e9:9c:f0:49:
7b:2e:8a:d1:88:b8:ad:bc:53:d2:ba:27:fe:ef:33:
11:e8:7e:d2:2e:18:13:af:34:16:d7:8f:73:03:9a:
aa:83:95:bf:22:08:44:55:60:0d:24:09:fb:80:39:
16:a4:31:54:1f:d7:37:7b:ed:90:f0:bb:1e:a5:d5:
47:07:5f:e5:61:26:4e:70:09:6e:09:13:0e:ca:45:
88:96:66:5f:6c:ef:31:81:c1:ac:06:12:37:ac:68:
52:f5:69:93:97:65:37:ce:67:b8:b2:f7:f1:9d:46:
38:a8:5c:ec:d1:73:7f:46:e8:77:6c:50:f7:90:69:
b7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:09:FB:A2:CC:15:32:40:2F:E0:6B:45:88:F9:E2:3D:60:65:64:F2
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/CAn7oswVMkAv4GtFiPniPWBlZPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.238.160.0/20
Signature Algorithm: sha256WithRSAEncryption
62:f0:3e:c0:01:25:99:0f:76:fb:a8:4a:29:58:5f:c9:92:ca:
a7:be:07:d3:69:7b:95:f2:bf:eb:3f:ce:af:22:07:e7:43:54:
1a:37:d3:cd:b6:78:4f:e1:c0:e1:6a:e1:fa:d5:1b:0a:98:69:
5f:f2:31:fe:8f:8a:77:d2:4c:41:f8:c5:60:ad:0d:de:90:b0:
3c:0a:ae:4b:da:38:1d:86:9f:7a:7a:fb:01:85:3f:26:cf:c4:
ae:87:27:4b:a6:c8:d8:fc:77:ff:bb:90:6c:12:0c:cd:8a:a7:
c0:f6:dc:af:64:c8:7f:6f:e3:2e:2e:d4:f2:ef:50:76:80:10:
5b:c0:30:a0:52:9d:c7:a4:a7:6f:f1:f1:10:1d:00:4e:55:8b:
ed:cf:ad:7c:d8:f8:ff:85:66:43:18:92:28:be:56:42:44:4f:
c6:4e:c0:49:83:d8:21:50:49:84:af:6e:98:bd:d6:bf:da:68:
14:d4:36:50:d4:2e:2a:8e:0e:5f:27:7e:e0:5f:b1:cc:fc:7c:
2f:bb:cc:ad:a9:e4:d5:7b:61:4d:fb:a4:15:86:8b:c4:b7:ea:
41:dc:b4:31:69:b3:17:55:59:18:58:d4:92:08:a0:0b:d6:98:
96:f1:8c:48:5d:69:16:b6:dc:89:e5:eb:82:b3:a8:47:22:8e:
f2:64:5b:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyPaHrxv4TM/tkwsewfivWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjMxMjIyMDI0MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODA5ZmJhMmNjMTUzMjQwMmZlMDZiNDU4OGY5ZTIzZDYwNjU2NGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBZGJ549sgs+S1vdtgtvlxVDdp9h
0xeJ1ZWxI+GSphIzRVBMkolvxlhhwhZrkASr2DmKuby62v7LwiZ4wcIQLO62NpZI
9Rl81Vfz/JZ+JLzNauXPNnP0zNxOeetyoiHTF49G04kujQqbw0JdyDVipibzKJWo
1RMaozdPgzKN0XJhU+mc8El7LorRiLitvFPSuif+7zMR6H7SLhgTrzQW149zA5qq
g5W/IghEVWANJAn7gDkWpDFUH9c3e+2Q8LsepdVHB1/lYSZOcAluCRMOykWIlmZf
bO8xgcGsBhI3rGhS9WmTl2U3zme4svfxnUY4qFzs0XN/Ruh3bFD3kGm3swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAgJ+6LMFTJAL+BrRYj54j1gZWTyMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvQ0FuN29zd1ZNa0F2NEd0RmlQbmlQV0JsWlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbe6gMA0G
CSqGSIb3DQEBCwUAA4IBAQBi8D7AASWZD3b7qEopWF/JksqnvgfTaXuV8r/rP86v
IgfnQ1QaN9PNtnhP4cDhauH61RsKmGlf8jH+j4p30kxB+MVgrQ3ekLA8Cq5L2jgd
hp96evsBhT8mz8SuhydLpsjY/Hf/u5BsEgzNiqfA9tyvZMh/b+MuLtTy71B2gBBb
wDCgUp3HpKdv8fEQHQBOVYvtz6182Pj/hWZDGJIovlZCRE/GTsBJg9ghUEmEr26Y
vda/2mgU1DZQ1C4qjg5fJ37gX7HM/Hwvu8ytqeTVe2FN+6QVhovEt+pB3LQxabMX
VVkYWNSSCKAL1piW8YxIXWkWttyJ5euCs6hHIo7yZFsV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:32 2024 by rpki-client on console-ams.rpki-client.org