Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/boD9j7ccl0lQuzkzGFsxR4Q_5n8.roa
File: boD9j7ccl0lQuzkzGFsxR4Q_5n8.roa (raw, json)
Hash identifier: Ha/JtpWdQr9HywyWEq15aFve57J1aEYmmhdKOuKOCEU=
Subject key identifier: 6E:80:FD:8F:B7:1C:97:49:50:BB:39:33:18:5B:31:47:84:3F:E6:7F
Certificate issuer: /CN=2347aaab2206c08128f543730064a145a3effa14
Certificate serial: 018D87F7BA9EB91009A6A96D618F6F3CD840
Authority key identifier: 23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/boD9j7ccl0lQuzkzGFsxR4Q_5n8.roa
Signing time: Thu 08 Feb 2024 09:06:15 +0000
ROA not before: Thu 08 Feb 2024 09:06:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33885
IP address blocks: 109.104.0.0/19 maxlen: 19
185.86.100.0/22 maxlen: 22
2a01:3b8:4000::/35 maxlen: 35
Validation: Failed, certificate revoked on Fri 09 Feb 2024 07:49:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:87:f7:ba:9e:b9:10:09:a6:a9:6d:61:8f:6f:3c:d8:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2347aaab2206c08128f543730064a145a3effa14
Validity
Not Before: Feb 8 09:06:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e80fd8fb71c974950bb3933185b3147843fe67f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2f:be:2b:b9:e1:36:38:f0:35:dc:6e:b7:50:
35:e0:9e:a1:d5:79:fb:81:0c:67:e3:59:18:19:51:
6a:46:0e:89:13:12:97:5b:b4:28:5a:a5:38:06:07:
0b:71:4f:79:f7:73:1b:19:d2:95:16:be:5b:2e:e3:
69:bf:55:f7:e4:ef:d8:fd:b5:58:d7:8c:a5:3e:48:
78:17:0f:5c:87:25:ad:c5:cb:15:04:fb:be:92:f2:
6e:69:4e:22:97:ca:82:40:97:0b:b7:06:43:4c:9d:
58:5b:5e:50:6f:af:d1:2b:e8:52:26:49:4a:b9:6f:
ed:81:80:64:08:87:bf:86:db:86:39:6a:8b:d5:93:
99:49:bd:77:9c:c1:a0:0c:2a:7b:95:30:70:c3:08:
36:9b:aa:fb:d1:77:ab:42:0b:c5:3f:ae:3f:95:e9:
c4:6c:0f:81:4c:5f:32:67:b0:0e:2b:a4:7a:37:ec:
6c:10:a6:cd:eb:cb:9e:6e:54:cf:a6:e8:52:b8:ca:
29:d0:e1:d7:ae:ca:6d:9a:9d:aa:18:25:bb:92:c1:
82:0c:cd:77:30:a4:a2:4f:43:32:7e:78:82:90:bf:
96:75:a4:95:9b:fa:60:1f:4b:51:9d:85:1b:a1:c9:
52:3e:05:b6:9b:2d:92:7b:f4:ed:61:64:86:a5:fa:
18:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:80:FD:8F:B7:1C:97:49:50:BB:39:33:18:5B:31:47:84:3F:E6:7F
X509v3 Authority Key Identifier:
keyid:23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/boD9j7ccl0lQuzkzGFsxR4Q_5n8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.0.0/19
185.86.100.0/22
IPv6:
2a01:3b8:4000::/35
Signature Algorithm: sha256WithRSAEncryption
62:92:47:39:25:f2:04:07:e2:7b:b2:70:4d:ac:da:47:8f:1b:
df:3d:74:e5:f8:0b:70:72:bf:23:fd:85:78:d0:1c:22:61:16:
a0:36:d7:6e:49:a7:c2:33:10:2a:c0:06:1a:cd:67:7e:33:66:
e8:b9:5e:3b:5d:e8:e4:22:89:84:62:52:68:62:80:31:b3:dc:
58:2c:1c:96:88:73:b9:06:37:86:20:e6:ea:9e:c6:2e:82:5e:
bb:e5:de:5a:3e:93:bd:6f:01:2d:35:9f:66:d7:a3:de:5e:a8:
17:b2:38:ea:45:3e:93:f4:82:20:90:03:4b:66:91:9f:66:25:
7e:07:7e:48:77:d1:ea:c7:29:d1:4d:0c:b9:b6:73:64:17:57:
20:eb:59:93:f8:90:ee:37:1f:f8:df:61:db:48:eb:25:c3:b7:
6b:da:a0:5e:5b:33:18:3f:3d:ee:fe:97:b5:0a:c0:07:8f:38:
6c:52:ee:17:8c:0d:ed:04:40:3c:a0:60:07:bb:9d:01:83:05:
28:12:11:72:8f:ac:3f:5d:ca:a5:62:9e:1b:0a:2b:1f:c6:37:
5a:a1:c6:c7:08:05:14:3f:e0:91:03:68:dd:65:cf:06:00:82:
58:38:98:8f:1a:ae:45:aa:bd:81:03:62:fe:0d:3b:0e:d1:ae:
ae:79:b1:c7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY2H97qeuRAJpqltYY9vPNhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDdhYWFiMjIwNmMwODEyOGY1NDM3MzAwNjRhMTQ1YTNl
ZmZhMTQwHhcNMjQwMjA4MDkwNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTgwZmQ4ZmI3MWM5NzQ5NTBiYjM5MzMxODViMzE0Nzg0M2ZlNjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC++K7nhNjjwNdxut1A14J6h1Xn7
gQxn41kYGVFqRg6JExKXW7QoWqU4BgcLcU9593MbGdKVFr5bLuNpv1X35O/Y/bVY
14ylPkh4Fw9chyWtxcsVBPu+kvJuaU4il8qCQJcLtwZDTJ1YW15Qb6/RK+hSJklK
uW/tgYBkCIe/htuGOWqL1ZOZSb13nMGgDCp7lTBwwwg2m6r70XerQgvFP64/lenE
bA+BTF8yZ7AOK6R6N+xsEKbN68ueblTPpuhSuMop0OHXrsptmp2qGCW7ksGCDM13
MKSiT0MyfniCkL+WdaSVm/pgH0tRnYUboclSPgW2my2Se/TtYWSGpfoYzwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFG6A/Y+3HJdJULs5MxhbMUeEP+Z/MB8GA1UdIwQY
MBaAFCNHqqsiBsCBKPVDcwBkoUWj7/oUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQt
NzU4NDA2NjFlYWY1LzEvYm9EOWo3Y2NsMGxRdXprekdGc3hSNFFfNW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQtNzU4NDA2NjFlYWY1
LzEvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQFbWgAAwQC
uVZkMA4EAgACMAgDBgUqAQO4QDANBgkqhkiG9w0BAQsFAAOCAQEAYpJHOSXyBAfi
e7JwTazaR48b3z105fgLcHK/I/2FeNAcImEWoDbXbkmnwjMQKsAGGs1nfjNm6Lle
O13o5CKJhGJSaGKAMbPcWCwclohzuQY3hiDm6p7GLoJeu+XeWj6TvW8BLTWfZtej
3l6oF7I46kU+k/SCIJADS2aRn2Ylfgd+SHfR6scp0U0MubZzZBdXIOtZk/iQ7jcf
+N9h20jrJcO3a9qgXlszGD897v6XtQrAB484bFLuF4wN7QRAPKBgB7udAYMFKBIR
co+sP13KpWKeGworH8Y3WqHGxwgFFD/gkQNo3WXPBgCCWDiYjxquRaq9gQNi/g07
DtGurnmxxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:54 2024 by rpki-client on console-ams.rpki-client.org