Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/dgNd5nq7OPAVy79vHhEuEOdlNVg.roa
File: dgNd5nq7OPAVy79vHhEuEOdlNVg.roa (raw, json)
Hash identifier: einTgU/+E8qjRCqI3u/wY6QYbgVlrePbgYXd1LHNSJc=
Subject key identifier: 76:03:5D:E6:7A:BB:38:F0:15:CB:BF:6F:1E:11:2E:10:E7:65:35:58
Certificate issuer: /CN=67cc3a523bea224a74bc96a4af4164c24786b82e
Certificate serial: 0185727A19226FAFF12670C4E0C26A2C3211
Authority key identifier: 67:CC:3A:52:3B:EA:22:4A:74:BC:96:A4:AF:41:64:C2:47:86:B8:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8w6UjvqIkp0vJakr0FkwkeGuC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/dgNd5nq7OPAVy79vHhEuEOdlNVg.roa
Signing time: Mon 02 Jan 2023 12:34:42 +0000
ROA not before: Mon 02 Jan 2023 12:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39305
IP address blocks: 109.206.228.0/22 maxlen: 22
2a0d:c440::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:19:22:6f:af:f1:26:70:c4:e0:c2:6a:2c:32:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cc3a523bea224a74bc96a4af4164c24786b82e
Validity
Not Before: Jan 2 12:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76035de67abb38f015cbbf6f1e112e10e7653558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a7:24:0a:1a:1d:17:4e:0e:82:67:8e:49:62:
6a:ec:0a:ad:7b:32:a1:c6:57:54:19:97:b2:e3:e6:
2e:bd:a1:97:e2:0f:23:ae:c2:71:bf:b6:cb:78:c5:
26:46:a8:21:e8:62:69:41:99:ef:f1:dc:7f:df:c7:
b6:17:15:e3:ca:39:3e:d6:1b:fd:2e:70:d1:05:1c:
cc:97:d5:a8:63:ad:a3:00:d1:d8:c3:da:c0:5c:2e:
f2:e0:e7:b5:31:f8:b2:e0:a7:f4:ca:a8:78:92:5e:
15:3a:42:58:0e:93:f4:0a:63:0a:c5:f1:63:28:85:
27:69:9c:39:73:6b:63:8a:72:ff:b3:c4:43:c6:96:
12:ba:23:47:2c:df:fe:32:59:9d:d4:7e:76:57:26:
0a:46:ae:77:8b:68:6b:3c:6d:b7:aa:ce:18:e3:6e:
84:5a:d3:91:14:11:d7:7d:9c:dc:b0:2b:74:b9:9e:
9c:95:dc:0e:4d:f1:9a:7d:f1:71:aa:1c:ff:36:30:
30:b6:54:22:f2:fa:1b:d2:19:79:e6:07:90:b9:30:
e0:64:7f:53:ef:9b:cf:7b:ab:57:22:9c:12:bd:8b:
e6:74:30:6a:f6:6a:30:82:36:bb:26:58:d7:e7:72:
d8:90:66:58:1f:08:15:36:b0:54:92:39:80:5f:d5:
1d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:03:5D:E6:7A:BB:38:F0:15:CB:BF:6F:1E:11:2E:10:E7:65:35:58
X509v3 Authority Key Identifier:
keyid:67:CC:3A:52:3B:EA:22:4A:74:BC:96:A4:AF:41:64:C2:47:86:B8:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8w6UjvqIkp0vJakr0FkwkeGuC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/dgNd5nq7OPAVy79vHhEuEOdlNVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/Z8w6UjvqIkp0vJakr0FkwkeGuC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.228.0/22
IPv6:
2a0d:c440::/29
Signature Algorithm: sha256WithRSAEncryption
43:82:a1:ec:6c:04:e7:d5:05:42:b1:05:07:81:fc:11:32:4a:
27:db:71:3e:1d:ba:4b:a0:aa:17:85:05:2f:94:85:00:36:e6:
83:46:47:0b:22:d2:88:ca:97:86:03:d9:4c:f7:32:12:45:7d:
fb:a5:21:97:3f:7a:e4:d8:73:d6:56:48:a7:35:82:f5:06:fe:
e7:55:85:b1:34:7a:29:3d:d8:d6:da:f6:e5:bf:64:40:ed:70:
59:02:2b:9d:76:24:c6:33:99:e2:5f:d7:6a:20:80:56:f5:ea:
0a:31:db:57:75:44:fd:3d:fb:19:a9:9e:63:48:87:4c:73:0e:
e5:c2:22:df:29:6e:8e:70:c9:a0:8a:cc:8d:eb:c8:55:52:a5:
77:b5:ff:db:3a:cf:22:e2:e1:9f:4a:87:84:7d:98:84:1f:bb:
49:fe:cd:3e:08:d2:8e:b5:a5:16:2d:61:2d:e8:bf:06:6f:65:
b1:bb:e9:30:e0:51:9c:56:32:12:72:d3:5d:e7:5b:4f:4d:79:
27:0f:a6:51:d1:06:48:42:4b:49:9d:97:08:c8:a4:6c:f3:84:
ed:c5:63:ea:23:f0:9a:22:8d:d6:86:e6:c9:1a:a5:cf:fa:e4:
f6:3f:31:ac:0d:60:be:12:8f:c7:34:6b:c6:89:a0:e2:12:66:
b8:2c:72:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyehkib6/xJnDE4MJqLDIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2MzYTUyM2JlYTIyNGE3NGJjOTZhNGFmNDE2NGMyNDc4
NmI4MmUwHhcNMjMwMTAyMTIzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjAzNWRlNjdhYmIzOGYwMTVjYmJmNmYxZTExMmUxMGU3NjUzNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlackChodF04OgmeOSWJq7AqtezKh
xldUGZey4+YuvaGX4g8jrsJxv7bLeMUmRqgh6GJpQZnv8dx/38e2FxXjyjk+1hv9
LnDRBRzMl9WoY62jANHYw9rAXC7y4Oe1Mfiy4Kf0yqh4kl4VOkJYDpP0CmMKxfFj
KIUnaZw5c2tjinL/s8RDxpYSuiNHLN/+Mlmd1H52VyYKRq53i2hrPG23qs4Y426E
WtORFBHXfZzcsCt0uZ6cldwOTfGaffFxqhz/NjAwtlQi8vob0hl55geQuTDgZH9T
75vPe6tXIpwSvYvmdDBq9mowgja7JljX53LYkGZYHwgVNrBUkjmAX9UdVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHYDXeZ6uzjwFcu/bx4RLhDnZTVYMB8GA1UdIwQY
MBaAFGfMOlI76iJKdLyWpK9BZMJHhrguMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjh3NlVqdnFJa3Awdkpha3IwRmt3a2VHdUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iYzkxNzQtYTNkMS00MDU4LWFhMGEt
N2NmYjE5ZjZlMTMzLzEvZGdOZDVucTdPUEFWeTc5dkhoRXVFT2RsTlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iYzkxNzQtYTNkMS00MDU4LWFhMGEtN2NmYjE5ZjZlMTMz
LzEvWjh3NlVqdnFJa3Awdkpha3IwRmt3a2VHdUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCbc7kMA0E
AgACMAcDBQMqDcRAMA0GCSqGSIb3DQEBCwUAA4IBAQBDgqHsbATn1QVCsQUHgfwR
Mkon23E+HbpLoKoXhQUvlIUANuaDRkcLItKIypeGA9lM9zISRX37pSGXP3rk2HPW
VkinNYL1Bv7nVYWxNHopPdjW2vblv2RA7XBZAiuddiTGM5niX9dqIIBW9eoKMdtX
dUT9PfsZqZ5jSIdMcw7lwiLfKW6OcMmgisyN68hVUqV3tf/bOs8i4uGfSoeEfZiE
H7tJ/s0+CNKOtaUWLWEt6L8Gb2Wxu+kw4FGcVjISctNd51tPTXknD6ZR0QZIQktJ
nZcIyKRs84TtxWPqI/CaIo3WhubJGqXP+uT2PzGsDWC+Eo/HNGvGiaDiEma4LHJo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:02 2024 by rpki-client on console-fra.rpki-client.org