Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/aZpeurq_P00cu7j8ea2Uexk3Opg.roa
File: aZpeurq_P00cu7j8ea2Uexk3Opg.roa (raw, json)
Hash identifier: 9LgPk4ZB4bZFyVxnNWxFW59xd5lXUdZpO0PaYQM4CIo=
Subject key identifier: 69:9A:5E:BA:BA:BF:3F:4D:1C:BB:B8:FC:79:AD:94:7B:19:37:3A:98
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 01856E0B0EA0ECDA8EC51B7C560066E31EAB
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/aZpeurq_P00cu7j8ea2Uexk3Opg.roa
Signing time: Sun 01 Jan 2023 15:54:56 +0000
ROA not before: Sun 01 Jan 2023 15:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 109.166.36.0/22 maxlen: 24
151.248.68.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0b:0e:a0:ec:da:8e:c5:1b:7c:56:00:66:e3:1e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 1 15:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=699a5ebababf3f4d1cbbb8fc79ad947b19373a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f7:55:bc:c0:e7:4c:94:cc:26:30:42:49:39:
c9:00:1e:ac:c9:6d:18:36:91:58:dc:b6:a6:da:40:
12:27:6b:7c:b7:84:fd:d5:ee:a6:ea:ad:8c:c9:1b:
fc:f0:c5:a8:4a:c1:41:bb:0d:dd:8b:18:e9:b7:69:
c6:28:ca:bc:d8:8a:ed:94:e6:16:31:a1:c5:a9:83:
0e:3b:35:86:a8:83:a9:aa:44:51:fe:fa:67:34:9e:
dd:51:d5:3d:44:f5:d8:8c:7b:38:62:5d:96:61:8e:
6d:86:a7:95:98:60:c3:1e:11:f5:28:36:e8:1d:e5:
c6:dc:60:da:76:3b:fa:53:95:43:80:a5:5c:bc:ad:
fb:6c:d3:be:c7:06:66:09:85:88:38:3a:41:de:65:
09:46:96:5b:66:cd:3a:c0:2a:5d:6f:be:f9:e0:ab:
9e:0a:b7:6a:d8:87:c4:fe:31:87:4d:b4:25:6b:16:
08:db:06:3c:ae:ce:0f:5c:f8:80:04:fc:c5:b7:d8:
7b:29:b6:60:bd:65:97:05:25:58:a9:4a:19:ad:b3:
13:91:35:5c:bf:1a:2a:f7:54:84:f4:2e:c5:f3:f8:
d2:65:48:50:19:7e:c5:fa:6b:6e:02:b0:f8:a2:47:
bd:f7:27:1a:d5:8a:59:35:6d:e0:68:fc:ff:64:07:
1c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9A:5E:BA:BA:BF:3F:4D:1C:BB:B8:FC:79:AD:94:7B:19:37:3A:98
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/aZpeurq_P00cu7j8ea2Uexk3Opg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.166.36.0/22
151.248.68.0/23
Signature Algorithm: sha256WithRSAEncryption
81:85:8d:24:0e:dc:66:8f:fc:ce:1b:5f:69:92:2a:26:e4:b2:
7c:db:59:18:ea:0f:6d:b5:91:5e:cd:92:b5:f5:e3:cd:ec:20:
0c:f0:40:e7:e1:9e:5b:51:c2:c4:09:89:e3:9b:94:db:09:21:
77:0f:02:29:4f:f7:5b:19:5a:07:a6:a4:2b:79:c2:37:8d:d8:
11:fd:0c:80:2a:6e:ca:ae:75:fe:d3:f3:74:4a:b5:e3:4d:d0:
dc:a2:03:5a:5a:8c:e5:c3:17:45:10:fc:54:29:5a:52:8f:b2:
d7:5f:3a:bd:46:31:e0:2b:5a:71:26:06:0a:f2:4f:ae:f5:bf:
59:f5:97:f7:3f:09:4f:56:f4:2f:79:25:db:2c:c1:4b:40:7f:
4f:36:cd:7b:4b:b6:4b:5a:d7:30:71:ef:e3:29:9e:86:f6:b0:
fa:a7:ad:7d:ed:38:0b:99:42:ee:76:7d:a3:05:d3:f4:77:84:
49:6a:dc:3d:a1:59:7b:27:78:76:c1:de:58:45:30:9c:f5:41:
f1:87:22:90:b8:71:43:ca:a9:d0:6f:e0:89:ce:4d:d1:d5:70:
6a:aa:a7:4c:84:45:b7:48:03:ed:ca:4b:30:27:cc:ee:c0:9f:
29:0b:0d:13:e7:f1:df:01:b2:20:f3:e3:8f:82:3f:e1:7a:6e:
9c:3c:e2:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuCw6g7NqOxRt8VgBm4x6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwMTAxMTU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTlhNWViYWJhYmYzZjRkMWNiYmI4ZmM3OWFkOTQ3YjE5MzczYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPdVvMDnTJTMJjBCSTnJAB6syW0Y
NpFY3Lam2kASJ2t8t4T91e6m6q2MyRv88MWoSsFBuw3dixjpt2nGKMq82IrtlOYW
MaHFqYMOOzWGqIOpqkRR/vpnNJ7dUdU9RPXYjHs4Yl2WYY5thqeVmGDDHhH1KDbo
HeXG3GDadjv6U5VDgKVcvK37bNO+xwZmCYWIODpB3mUJRpZbZs06wCpdb7754Kue
Crdq2IfE/jGHTbQlaxYI2wY8rs4PXPiABPzFt9h7KbZgvWWXBSVYqUoZrbMTkTVc
vxoq91SE9C7F8/jSZUhQGX7F+mtuArD4oke99yca1YpZNW3gaPz/ZAccwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGmaXrq6vz9NHLu4/HmtlHsZNzqYMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvYVpwZXVycV9QMDBjdTdqOGVhMlVleGszT3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCbaYkAwQB
l/hEMA0GCSqGSIb3DQEBCwUAA4IBAQCBhY0kDtxmj/zOG19pkiom5LJ821kY6g9t
tZFezZK19ePN7CAM8EDn4Z5bUcLECYnjm5TbCSF3DwIpT/dbGVoHpqQrecI3jdgR
/QyAKm7KrnX+0/N0SrXjTdDcogNaWozlwxdFEPxUKVpSj7LXXzq9RjHgK1pxJgYK
8k+u9b9Z9Zf3PwlPVvQveSXbLMFLQH9PNs17S7ZLWtcwce/jKZ6G9rD6p6197TgL
mULudn2jBdP0d4RJatw9oVl7J3h2wd5YRTCc9UHxhyKQuHFDyqnQb+CJzk3R1XBq
qqdMhEW3SAPtykswJ8zuwJ8pCw0T5/HfAbIg8+OPgj/hem6cPOLc
Generated at Mon Aug 28 14:57:29 2023 by rpki-client on console-fra.rpki-client.org