Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d2c08f-5ff3-4982-b57b-631c6d09e845/1/rNCiIYtzEDG8heCmwE2E_Gs0tNI.roa
File: rNCiIYtzEDG8heCmwE2E_Gs0tNI.roa (raw, json)
Hash identifier: vHcAdn1JbsY0eBAlL9xp4o93/XTjP28kHrpRLPYqrKY=
Subject key identifier: AC:D0:A2:21:8B:73:10:31:BC:85:E0:A6:C0:4D:84:FC:6B:34:B4:D2
Certificate issuer: /CN=5d0bbeb7833bdc9be725061157c039f2a10f1a80
Certificate serial: 01857295C207633177D9E315B3340FED0E0C
Authority key identifier: 5D:0B:BE:B7:83:3B:DC:9B:E7:25:06:11:57:C0:39:F2:A1:0F:1A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XQu-t4M73JvnJQYRV8A58qEPGoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/d2c08f-5ff3-4982-b57b-631c6d09e845/1/rNCiIYtzEDG8heCmwE2E_Gs0tNI.roa
Signing time: Mon 02 Jan 2023 13:04:55 +0000
ROA not before: Mon 02 Jan 2023 13:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50471
IP address blocks: 109.95.216.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:c2:07:63:31:77:d9:e3:15:b3:34:0f:ed:0e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d0bbeb7833bdc9be725061157c039f2a10f1a80
Validity
Not Before: Jan 2 13:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acd0a2218b731031bc85e0a6c04d84fc6b34b4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:92:a2:3b:ce:f3:b9:85:f1:ba:aa:be:e4:13:
5d:3d:bb:6a:c7:b5:c1:03:3d:b3:53:74:06:c2:a1:
bc:e9:e1:e2:c1:4a:f5:70:48:b7:1d:08:e5:0f:c2:
aa:c4:e4:d2:7c:63:a3:54:dd:b5:3e:76:1a:41:af:
f5:16:76:75:04:0d:79:91:11:40:c7:d9:c8:11:8a:
c1:37:20:73:56:d6:c6:a8:2f:97:aa:f9:6e:73:3c:
b0:5e:de:b1:fb:3b:cd:18:86:f5:d4:51:67:0b:b9:
db:bb:ac:17:54:8f:25:d9:0c:49:6b:e4:74:c7:3f:
e6:3a:ff:72:b9:c4:0f:88:a6:d6:77:51:2c:62:95:
41:3b:3e:52:b4:a6:8d:d5:a8:9a:49:af:63:b1:1a:
dd:3e:39:bb:f8:80:b0:31:e3:dd:f4:1f:c5:e0:4e:
0b:5f:0d:66:08:69:03:3a:44:bb:28:1b:55:28:64:
f5:4e:98:c3:59:ba:6f:37:b1:02:08:c5:3b:d9:d4:
00:2e:50:d2:44:ec:7e:79:02:0f:24:71:ea:24:fd:
08:aa:88:05:3b:be:58:4a:ec:b4:e9:60:70:1d:80:
c3:e1:38:15:90:32:68:7a:c6:01:66:9b:cc:f6:ed:
e4:a5:97:03:0d:9f:14:44:9d:b1:7d:9b:f6:6b:5a:
67:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D0:A2:21:8B:73:10:31:BC:85:E0:A6:C0:4D:84:FC:6B:34:B4:D2
X509v3 Authority Key Identifier:
keyid:5D:0B:BE:B7:83:3B:DC:9B:E7:25:06:11:57:C0:39:F2:A1:0F:1A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XQu-t4M73JvnJQYRV8A58qEPGoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d2c08f-5ff3-4982-b57b-631c6d09e845/1/rNCiIYtzEDG8heCmwE2E_Gs0tNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d2c08f-5ff3-4982-b57b-631c6d09e845/1/XQu-t4M73JvnJQYRV8A58qEPGoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.216.0/21
Signature Algorithm: sha256WithRSAEncryption
30:ad:ab:d7:1a:85:a3:fd:ca:e9:ff:b1:5a:80:57:c0:84:ea:
73:34:0e:c3:8e:7b:fd:1e:d4:0e:17:7c:6a:47:7d:53:aa:a9:
d3:dc:0d:eb:e4:39:83:c7:26:4a:a9:66:63:ee:1e:0d:d2:02:
7e:b4:71:b4:29:9a:e1:35:4e:65:e0:d6:95:4e:b5:37:05:91:
d4:1e:c7:75:fd:7f:2d:d2:54:52:d9:6b:af:e8:ac:73:af:67:
dd:75:da:17:48:d9:f2:27:52:73:cd:0d:f4:52:aa:9e:14:fc:
af:f3:7d:19:ad:63:a4:16:81:24:e2:ec:39:23:87:d1:da:e1:
cc:72:78:94:85:83:b1:18:ad:71:e8:16:aa:73:c3:00:b0:c7:
91:b8:a7:ed:68:47:10:d8:07:b0:00:28:5c:84:60:63:00:03:
46:09:f9:b4:ed:f1:99:1b:e9:2d:03:9b:66:0f:55:69:1d:b4:
f4:be:3d:f7:81:24:8f:9f:53:8a:4d:ed:92:83:35:61:8f:8f:
67:86:6c:76:e5:c3:f0:ac:c0:ec:c1:05:e2:cc:d0:b3:fe:a3:
7b:79:8a:60:27:45:fb:c4:9a:c1:63:1d:03:58:16:85:00:e1:
e1:4c:ab:be:a3:ac:a1:5d:31:e6:75:29:62:76:2a:36:b3:e3:
c7:7c:1f:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVylcIHYzF32eMVszQP7Q4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMGJiZWI3ODMzYmRjOWJlNzI1MDYxMTU3YzAzOWYyYTEw
ZjFhODAwHhcNMjMwMTAyMTMwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2QwYTIyMThiNzMxMDMxYmM4NWUwYTZjMDRkODRmYzZiMzRiNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5KiO87zuYXxuqq+5BNdPbtqx7XB
Az2zU3QGwqG86eHiwUr1cEi3HQjlD8KqxOTSfGOjVN21PnYaQa/1FnZ1BA15kRFA
x9nIEYrBNyBzVtbGqC+XqvluczywXt6x+zvNGIb11FFnC7nbu6wXVI8l2QxJa+R0
xz/mOv9yucQPiKbWd1EsYpVBOz5StKaN1aiaSa9jsRrdPjm7+ICwMePd9B/F4E4L
Xw1mCGkDOkS7KBtVKGT1TpjDWbpvN7ECCMU72dQALlDSROx+eQIPJHHqJP0IqogF
O75YSuy06WBwHYDD4TgVkDJoesYBZpvM9u3kpZcDDZ8URJ2xfZv2a1pnHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKzQoiGLcxAxvIXgpsBNhPxrNLTSMB8GA1UdIwQY
MBaAFF0LvreDO9yb5yUGEVfAOfKhDxqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFF1LXQ0TTczSnZuSlFZUlY4QTU4cUVQR29BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9kMmMwOGYtNWZmMy00OTgyLWI1N2It
NjMxYzZkMDllODQ1LzEvck5DaUlZdHpFREc4aGVDbXdFMkVfR3MwdE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9kMmMwOGYtNWZmMy00OTgyLWI1N2ItNjMxYzZkMDllODQ1
LzEvWFF1LXQ0TTczSnZuSlFZUlY4QTU4cUVQR29BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbV/YMA0G
CSqGSIb3DQEBCwUAA4IBAQAwravXGoWj/crp/7FagFfAhOpzNA7Djnv9HtQOF3xq
R31TqqnT3A3r5DmDxyZKqWZj7h4N0gJ+tHG0KZrhNU5l4NaVTrU3BZHUHsd1/X8t
0lRS2Wuv6Kxzr2fdddoXSNnyJ1JzzQ30UqqeFPyv830ZrWOkFoEk4uw5I4fR2uHM
cniUhYOxGK1x6Baqc8MAsMeRuKftaEcQ2AewAChchGBjAANGCfm07fGZG+ktA5tm
D1VpHbT0vj33gSSPn1OKTe2SgzVhj49nhmx25cPwrMDswQXizNCz/qN7eYpgJ0X7
xJrBYx0DWBaFAOHhTKu+o6yhXTHmdSlidio2s+PHfB87
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:53 2024 by rpki-client on console-ams.rpki-client.org