Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/yAU-_tYDl0CfKB8ExNq2LGJdNUs.roa
File: yAU-_tYDl0CfKB8ExNq2LGJdNUs.roa (raw, json)
Hash identifier: ttc3gaA4EnOOjf2QVw+EXHFLV7Xl9QnTRjH0lT7b4SE=
Subject key identifier: C8:05:3E:FE:D6:03:97:40:9F:28:1F:04:C4:DA:B6:2C:62:5D:35:4B
Certificate issuer: /CN=c1098a1905bbd3381533828f6b7fd227170431ef
Certificate serial: 0192BE7785D463CC8F11BBD5A88A0AF50B7B
Authority key identifier: C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/yAU-_tYDl0CfKB8ExNq2LGJdNUs.roa
Signing time: Thu 24 Oct 2024 12:19:16 +0000
ROA not before: Thu 24 Oct 2024 12:19:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212330
IP address blocks: 109.230.121.0/24 maxlen: 24
109.230.122.0/24 maxlen: 24
109.230.124.0/24 maxlen: 24
109.230.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:77:85:d4:63:cc:8f:11:bb:d5:a8:8a:0a:f5:0b:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1098a1905bbd3381533828f6b7fd227170431ef
Validity
Not Before: Oct 24 12:19:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8053efed60397409f281f04c4dab62c625d354b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:28:e4:0c:5f:70:97:77:a9:7f:ae:c2:87:bb:
fa:a4:a0:25:31:c1:a5:e2:c1:f3:44:ab:94:e0:0d:
be:45:ae:ba:cf:fe:45:23:d9:8e:aa:d0:b4:e7:b8:
08:58:93:93:3a:cb:36:b9:fe:88:6a:31:a8:13:e6:
cf:98:e5:0d:0d:94:23:1a:02:14:79:7b:2a:fe:03:
43:df:de:7b:af:01:7b:9c:1e:21:ad:f1:c5:3d:ee:
45:54:5c:73:e4:59:7c:e1:82:d3:e6:5b:87:e6:52:
22:1f:c8:3e:d5:81:cd:fc:88:dd:a7:e3:30:95:15:
b6:e8:c1:5b:57:85:f4:4d:ed:d5:c6:51:d5:a5:24:
b4:6b:3b:ed:e6:f6:1d:b1:f1:83:76:0c:e3:c7:d6:
39:31:a5:2f:20:c2:47:f7:20:90:1a:29:92:7d:c7:
f9:48:f6:23:dd:16:af:15:85:d9:08:10:be:47:cf:
f0:d7:60:d3:33:70:41:79:cf:da:a3:54:15:20:96:
4e:7b:d0:4f:de:47:0e:37:02:f1:70:13:17:18:9b:
0c:2b:d2:79:fb:fd:e6:52:14:09:f9:a2:54:e3:94:
3a:ba:c1:df:c7:7e:de:3c:9e:04:77:79:6e:0c:7a:
ba:71:08:84:64:8c:32:71:43:d0:a5:25:32:f2:2e:
37:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:05:3E:FE:D6:03:97:40:9F:28:1F:04:C4:DA:B6:2C:62:5D:35:4B
X509v3 Authority Key Identifier:
keyid:C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/yAU-_tYDl0CfKB8ExNq2LGJdNUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.230.121.0-109.230.122.255
109.230.124.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:cf:21:d6:aa:99:ac:2a:a3:c5:ed:c6:04:da:aa:f1:5a:f1:
c0:d9:90:e4:d1:88:f3:55:01:61:ed:c3:9b:f7:d5:80:af:b1:
e3:b3:c7:c7:c7:a5:bb:89:05:18:d5:c5:2f:b9:ef:ca:7b:3e:
6c:9f:6b:c3:25:b1:16:4f:21:8e:32:44:37:3e:22:ec:de:2c:
51:5f:58:f2:9a:74:b3:c8:1f:f2:06:16:70:51:8b:50:1b:a7:
4b:6d:bf:e1:2b:91:ac:a5:70:ba:f1:42:8c:9a:f6:3c:4b:fc:
11:f5:d2:cf:99:69:b6:cb:4c:1b:4d:1c:a7:e8:29:f2:b2:5c:
83:cd:2a:81:fd:1c:df:2e:2b:27:84:5e:e6:a8:cd:d9:54:d3:
f6:10:ac:a0:31:bf:42:a2:c1:cd:0c:51:00:a4:67:a2:55:d8:
a3:3c:1c:c6:d6:fe:2d:d8:6f:0f:e9:91:ed:8f:b6:0f:d5:ec:
37:08:2e:97:03:94:81:53:b7:f6:c9:12:80:bf:d2:f0:e5:9e:
9f:15:2c:c5:4e:da:ee:b3:df:9c:03:99:ca:77:83:1c:d0:15:
7b:fb:89:f3:53:82:d6:ad:25:03:6c:80:b0:5a:a3:d5:c6:f7:
e9:de:5f:07:dc:13:84:45:d7:4b:fe:67:38:3f:bd:f7:c8:4d:
8a:08:9d:0b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZK+d4XUY8yPEbvVqIoK9Qt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDk4YTE5MDViYmQzMzgxNTMzODI4ZjZiN2ZkMjI3MTcw
NDMxZWYwHhcNMjQxMDI0MTIxOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODA1M2VmZWQ2MDM5NzQwOWYyODFmMDRjNGRhYjYyYzYyNWQzNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyjkDF9wl3epf67Ch7v6pKAlMcGl
4sHzRKuU4A2+Ra66z/5FI9mOqtC057gIWJOTOss2uf6IajGoE+bPmOUNDZQjGgIU
eXsq/gND3957rwF7nB4hrfHFPe5FVFxz5Fl84YLT5luH5lIiH8g+1YHN/Ijdp+Mw
lRW26MFbV4X0Te3VxlHVpSS0azvt5vYdsfGDdgzjx9Y5MaUvIMJH9yCQGimSfcf5
SPYj3RavFYXZCBC+R8/w12DTM3BBec/ao1QVIJZOe9BP3kcONwLxcBMXGJsMK9J5
+/3mUhQJ+aJU45Q6usHfx37ePJ4Ed3luDHq6cQiEZIwycUPQpSUy8i431wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMgFPv7WA5dAnygfBMTatixiXTVLMB8GA1UdIwQY
MBaAFMEJihkFu9M4FTOCj2t/0icXBDHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUt
YjJhNzEzZDJlYWIyLzEveUFVLV90WURsMENmS0I4RXhOcTJMR0pkTlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUtYjJhNzEzZDJlYWIy
LzEvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABt5nkD
BABt5noDBAFt5nwwDQYJKoZIhvcNAQELBQADggEBAHzPIdaqmawqo8XtxgTaqvFa
8cDZkOTRiPNVAWHtw5v31YCvseOzx8fHpbuJBRjVxS+578p7Pmyfa8MlsRZPIY4y
RDc+IuzeLFFfWPKadLPIH/IGFnBRi1Abp0ttv+ErkaylcLrxQoya9jxL/BH10s+Z
abbLTBtNHKfoKfKyXIPNKoH9HN8uKyeEXuaozdlU0/YQrKAxv0Kiwc0MUQCkZ6JV
2KM8HMbW/i3Ybw/pke2Ptg/V7DcILpcDlIFTt/bJEoC/0vDlnp8VLMVO2u6z35wD
mcp3gxzQFXv7ifNTgtatJQNsgLBao9XG9+neXwfcE4RF10v+Zzg/vffITYoInQs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:41:16 2025 by rpki-client