Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/2e8abe-8e70-4715-91ae-963d13fd09bb/1/_W5uS4Q8nMXSVM2aRnSZRss6ddU.roa
File: _W5uS4Q8nMXSVM2aRnSZRss6ddU.roa (raw, json)
Hash identifier: wrBB6kHNgOjLdsWiWnVcvPC1HOBzJ27OwCWeelAaSQM=
Subject key identifier: FD:6E:6E:4B:84:3C:9C:C5:D2:54:CD:9A:46:74:99:46:CB:3A:75:D5
Certificate issuer: /CN=f141d664698b70ffb2a26f684b47deb6c8d59a53
Certificate serial: 01856DA66C5858D9691B5A9D0B2F52514E50
Authority key identifier: F1:41:D6:64:69:8B:70:FF:B2:A2:6F:68:4B:47:DE:B6:C8:D5:9A:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UHWZGmLcP-yom9oS0fetsjVmlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/2e8abe-8e70-4715-91ae-963d13fd09bb/1/_W5uS4Q8nMXSVM2aRnSZRss6ddU.roa
Signing time: Sun 01 Jan 2023 14:05:01 +0000
ROA not before: Sun 01 Jan 2023 14:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201336
IP address blocks: 109.71.249.0/24 maxlen: 24
109.71.248.0/24 maxlen: 24
109.71.248.0/22 maxlen: 22
109.71.251.0/24 maxlen: 24
109.71.250.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:6c:58:58:d9:69:1b:5a:9d:0b:2f:52:51:4e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f141d664698b70ffb2a26f684b47deb6c8d59a53
Validity
Not Before: Jan 1 14:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd6e6e4b843c9cc5d254cd9a46749946cb3a75d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:19:86:d9:47:da:3b:de:48:28:99:b7:ea:6b:
a3:eb:f2:30:70:45:6f:12:47:21:28:ef:59:d5:d9:
64:e6:d0:28:a9:9a:98:8c:b0:9c:aa:f9:cf:49:de:
01:e8:fa:ec:01:3e:a7:d6:dc:da:df:e0:28:6d:87:
5a:22:b7:eb:0f:b0:b6:5d:d5:57:23:60:29:16:98:
25:04:34:3f:79:93:9e:c7:49:5c:f0:3a:11:fa:27:
12:01:9e:50:da:4c:50:a2:74:d1:a3:3e:df:10:ce:
17:26:f8:4f:65:28:cc:7f:d0:59:52:a8:55:a1:2c:
0e:ae:66:e4:cf:cc:69:1d:57:50:99:0e:31:e6:16:
d7:6b:72:3a:49:db:fa:b0:b1:11:92:2a:16:f7:f9:
7f:6c:b9:d0:9a:99:07:be:cb:6b:92:88:51:ad:ec:
88:ae:82:c0:f4:f8:ed:58:f6:48:a0:f4:77:94:1f:
fe:be:cf:67:96:0f:ce:90:36:9f:c9:50:1c:66:8f:
22:b4:b0:8b:69:ec:76:10:73:e6:0f:2f:85:f5:59:
8b:79:72:8b:7a:30:4e:0e:0d:b8:e1:4f:08:8f:31:
de:66:a6:dc:66:fa:54:d6:01:7c:2d:8a:9f:d3:10:
ad:1b:d1:c1:f0:c1:7d:63:18:56:b5:4b:d9:3f:1b:
f2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:6E:6E:4B:84:3C:9C:C5:D2:54:CD:9A:46:74:99:46:CB:3A:75:D5
X509v3 Authority Key Identifier:
keyid:F1:41:D6:64:69:8B:70:FF:B2:A2:6F:68:4B:47:DE:B6:C8:D5:9A:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UHWZGmLcP-yom9oS0fetsjVmlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2e8abe-8e70-4715-91ae-963d13fd09bb/1/_W5uS4Q8nMXSVM2aRnSZRss6ddU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2e8abe-8e70-4715-91ae-963d13fd09bb/1/8UHWZGmLcP-yom9oS0fetsjVmlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.248.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:fa:c9:05:fd:e1:5a:34:07:3a:88:49:14:84:da:64:2c:d8:
5a:ed:bb:2a:eb:df:38:9a:fc:9f:f4:69:ac:90:b3:63:0e:09:
fd:93:58:4f:0b:c7:8e:bc:ca:c1:66:2a:ef:76:b2:00:36:06:
e7:dc:44:d9:38:f0:3e:92:98:55:9d:27:4b:6b:c5:3d:37:4d:
06:0d:99:50:f6:8b:a1:1f:77:03:8d:78:ab:41:6b:0e:d6:e2:
b6:64:83:65:7c:de:a1:c0:2e:96:55:c3:2b:e6:56:06:98:b2:
05:26:79:f2:82:03:21:03:d3:2c:ea:9c:1d:eb:52:dc:a3:5c:
a0:96:6d:6a:e5:05:df:b5:85:74:e6:c2:5e:1f:f4:fb:c7:fa:
c8:eb:a3:f8:c3:62:79:7b:97:6c:ac:68:a0:6f:42:55:87:d1:
37:38:de:8e:44:ac:cf:a0:c7:8e:8b:26:5d:62:14:1a:23:8f:
b9:b6:0f:7b:fc:cc:15:08:d6:46:12:42:21:9f:59:22:26:43:
20:40:6c:19:68:eb:93:c9:ce:62:29:2a:92:3b:b6:a9:c6:f2:
1c:c3:a9:6f:06:2f:3e:50:78:19:83:f8:9e:61:1a:43:e2:30:
16:9e:5b:f5:1e:32:e7:71:b3:79:0e:ee:6a:84:cc:ca:31:42:
3c:d9:e3:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpmxYWNlpG1qdCy9SUU5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDFkNjY0Njk4YjcwZmZiMmEyNmY2ODRiNDdkZWI2Yzhk
NTlhNTMwHhcNMjMwMTAxMTQwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDZlNmU0Yjg0M2M5Y2M1ZDI1NGNkOWE0Njc0OTk0NmNiM2E3NWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxmG2UfaO95IKJm36muj6/IwcEVv
EkchKO9Z1dlk5tAoqZqYjLCcqvnPSd4B6PrsAT6n1tza3+AobYdaIrfrD7C2XdVX
I2ApFpglBDQ/eZOex0lc8DoR+icSAZ5Q2kxQonTRoz7fEM4XJvhPZSjMf9BZUqhV
oSwOrmbkz8xpHVdQmQ4x5hbXa3I6Sdv6sLERkioW9/l/bLnQmpkHvstrkohRreyI
roLA9PjtWPZIoPR3lB/+vs9nlg/OkDafyVAcZo8itLCLaex2EHPmDy+F9VmLeXKL
ejBODg244U8IjzHeZqbcZvpU1gF8LYqf0xCtG9HB8MF9YxhWtUvZPxvy3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1ubkuEPJzF0lTNmkZ0mUbLOnXVMB8GA1UdIwQY
MBaAFPFB1mRpi3D/sqJvaEtH3rbI1ZpTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVIV1pHbUxjUC15b205b1MwZmV0c2pWbWxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yZThhYmUtOGU3MC00NzE1LTkxYWUt
OTYzZDEzZmQwOWJiLzEvX1c1dVM0UThuTVhTVk0yYVJuU1pSc3M2ZGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yZThhYmUtOGU3MC00NzE1LTkxYWUtOTYzZDEzZmQwOWJi
LzEvOFVIV1pHbUxjUC15b205b1MwZmV0c2pWbWxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbUf4MA0G
CSqGSIb3DQEBCwUAA4IBAQBb+skF/eFaNAc6iEkUhNpkLNha7bsq6984mvyf9Gms
kLNjDgn9k1hPC8eOvMrBZirvdrIANgbn3ETZOPA+kphVnSdLa8U9N00GDZlQ9ouh
H3cDjXirQWsO1uK2ZINlfN6hwC6WVcMr5lYGmLIFJnnyggMhA9Ms6pwd61Lco1yg
lm1q5QXftYV05sJeH/T7x/rI66P4w2J5e5dsrGigb0JVh9E3ON6ORKzPoMeOiyZd
YhQaI4+5tg97/MwVCNZGEkIhn1kiJkMgQGwZaOuTyc5iKSqSO7apxvIcw6lvBi8+
UHgZg/ieYRpD4jAWnlv1HjLncbN5Du5qhMzKMUI82eOP
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:05 2024 by rpki-client on console-fra.rpki-client.org