Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/p0MTafTbp4pjvyY3VEcZPqkxpKQ.roa
File: p0MTafTbp4pjvyY3VEcZPqkxpKQ.roa (raw, json)
Hash identifier: Wd7lFjhwGttNtjSE5UskAGMPLWFNxNevAPFJnxNJPtg=
Subject key identifier: A7:43:13:69:F4:DB:A7:8A:63:BF:26:37:54:47:19:3E:A9:31:A4:A4
Certificate issuer: /CN=67cc3a523bea224a74bc96a4af4164c24786b82e
Certificate serial: 018CC3B728987D49EBE96D35095594385FEE
Authority key identifier: 67:CC:3A:52:3B:EA:22:4A:74:BC:96:A4:AF:41:64:C2:47:86:B8:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8w6UjvqIkp0vJakr0FkwkeGuC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/p0MTafTbp4pjvyY3VEcZPqkxpKQ.roa
Signing time: Mon 01 Jan 2024 06:30:09 +0000
ROA not before: Mon 01 Jan 2024 06:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39305
IP address blocks: 109.206.228.0/22 maxlen: 22
2a0d:c440::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:28:98:7d:49:eb:e9:6d:35:09:55:94:38:5f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cc3a523bea224a74bc96a4af4164c24786b82e
Validity
Not Before: Jan 1 06:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7431369f4dba78a63bf26375447193ea931a4a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c2:e8:1e:ce:10:01:dc:de:6e:3b:9a:f8:cf:
40:9b:f8:78:92:27:42:d2:16:0a:a2:55:b0:6e:2e:
b3:b4:65:39:80:b6:b0:d4:71:b5:ff:7c:a4:47:ae:
96:ae:a5:79:51:6a:7c:d8:35:01:34:e8:52:1e:dd:
cf:07:36:63:1c:ee:69:45:d2:cd:fb:eb:78:40:ab:
56:f1:fd:92:4f:19:6e:25:4c:54:89:db:95:a6:b7:
b0:44:45:92:47:cc:c5:81:c4:16:8c:fe:07:5e:17:
bc:55:3d:57:a4:d7:5e:80:50:07:7f:5e:f8:78:00:
2c:38:35:6f:1a:e9:c5:d7:49:57:2d:4a:cc:ec:48:
e7:df:69:9e:85:d6:1b:0f:ce:bf:12:24:60:73:b0:
07:6e:1c:75:64:23:2e:87:87:d4:24:8b:0a:91:c6:
6d:7c:95:96:04:06:87:6e:08:78:f2:90:29:cf:f6:
cc:f6:ea:d4:a9:e3:27:dd:cc:19:71:1b:e6:b6:f3:
92:a0:c7:9b:27:31:64:b7:66:16:f0:b3:a0:b9:b6:
13:f3:87:db:8d:81:24:8c:c8:b5:c0:74:95:8f:d5:
e4:4e:17:dd:70:01:37:69:61:81:04:3b:79:bb:73:
ba:49:3c:a0:3e:73:cb:ea:1b:55:7b:01:b2:12:5d:
a8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:43:13:69:F4:DB:A7:8A:63:BF:26:37:54:47:19:3E:A9:31:A4:A4
X509v3 Authority Key Identifier:
keyid:67:CC:3A:52:3B:EA:22:4A:74:BC:96:A4:AF:41:64:C2:47:86:B8:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8w6UjvqIkp0vJakr0FkwkeGuC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/p0MTafTbp4pjvyY3VEcZPqkxpKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/Z8w6UjvqIkp0vJakr0FkwkeGuC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.228.0/22
IPv6:
2a0d:c440::/29
Signature Algorithm: sha256WithRSAEncryption
17:2c:69:e9:cb:35:fa:b6:f7:4c:2d:43:30:04:ba:a1:00:0c:
04:2d:77:57:09:1b:f1:11:cf:e1:0e:0f:45:41:72:21:e7:c9:
92:e6:4c:80:68:f3:23:2f:41:3a:34:1d:cf:12:e7:37:e1:00:
49:1a:5b:3e:ea:31:8b:13:48:1a:cd:fa:79:22:4b:e4:c1:b4:
2a:54:9e:ca:9a:ef:f9:7b:fa:30:35:97:ae:f3:46:40:74:78:
2e:06:46:9d:e0:43:d8:67:16:5f:e0:61:7d:71:57:d0:f3:89:
0d:c0:5f:66:22:14:f1:3a:90:3c:a8:74:c4:40:35:52:7b:34:
43:36:3f:ff:50:e9:07:ac:19:3d:cb:a1:1e:e6:ca:c2:92:3e:
41:f2:41:5f:2d:83:4c:d3:b3:f5:47:3a:af:da:6d:be:f6:3d:
ed:9d:59:b3:d1:99:a5:ae:5f:6f:a0:db:c3:99:2f:bc:9c:25:
9b:81:f0:a5:39:db:a4:a6:49:49:74:65:c5:d8:5e:27:88:4f:
c4:fb:2f:c0:99:b6:5e:15:be:f6:2a:87:fa:60:f3:af:23:9a:
5a:b8:55:cc:5e:c6:79:d9:7d:0b:04:0b:07:e8:a5:df:df:f2:
92:08:2a:30:3d:da:7a:3d:ed:9a:2f:2c:64:0d:1f:cc:de:f1:
fa:ad:5b:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtyiYfUnr6W01CVWUOF/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2MzYTUyM2JlYTIyNGE3NGJjOTZhNGFmNDE2NGMyNDc4
NmI4MmUwHhcNMjQwMTAxMDYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQzMTM2OWY0ZGJhNzhhNjNiZjI2Mzc1NDQ3MTkzZWE5MzFhNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8LoHs4QAdzebjua+M9Am/h4kidC
0hYKolWwbi6ztGU5gLaw1HG1/3ykR66WrqV5UWp82DUBNOhSHt3PBzZjHO5pRdLN
++t4QKtW8f2STxluJUxUiduVprewREWSR8zFgcQWjP4HXhe8VT1XpNdegFAHf174
eAAsODVvGunF10lXLUrM7Ejn32mehdYbD86/EiRgc7AHbhx1ZCMuh4fUJIsKkcZt
fJWWBAaHbgh48pApz/bM9urUqeMn3cwZcRvmtvOSoMebJzFkt2YW8LOgubYT84fb
jYEkjMi1wHSVj9XkThfdcAE3aWGBBDt5u3O6STygPnPL6htVewGyEl2o3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKdDE2n026eKY78mN1RHGT6pMaSkMB8GA1UdIwQY
MBaAFGfMOlI76iJKdLyWpK9BZMJHhrguMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjh3NlVqdnFJa3Awdkpha3IwRmt3a2VHdUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iYzkxNzQtYTNkMS00MDU4LWFhMGEt
N2NmYjE5ZjZlMTMzLzEvcDBNVGFmVGJwNHBqdnlZM1ZFY1pQcWt4cEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iYzkxNzQtYTNkMS00MDU4LWFhMGEtN2NmYjE5ZjZlMTMz
LzEvWjh3NlVqdnFJa3Awdkpha3IwRmt3a2VHdUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCbc7kMA0E
AgACMAcDBQMqDcRAMA0GCSqGSIb3DQEBCwUAA4IBAQAXLGnpyzX6tvdMLUMwBLqh
AAwELXdXCRvxEc/hDg9FQXIh58mS5kyAaPMjL0E6NB3PEuc34QBJGls+6jGLE0ga
zfp5IkvkwbQqVJ7Kmu/5e/owNZeu80ZAdHguBkad4EPYZxZf4GF9cVfQ84kNwF9m
IhTxOpA8qHTEQDVSezRDNj//UOkHrBk9y6Ee5srCkj5B8kFfLYNM07P1Rzqv2m2+
9j3tnVmz0Zmlrl9voNvDmS+8nCWbgfClOdukpklJdGXF2F4niE/E+y/AmbZeFb72
Kof6YPOvI5pauFXMXsZ52X0LBAsH6KXf3/KSCCowPdp6Pe2aLyxkDR/M3vH6rVvF
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:24:24 2025 by rpki-client