Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/EKSjcJ0vsHZ2A2fpKi2bftoZpFs.roa
File: EKSjcJ0vsHZ2A2fpKi2bftoZpFs.roa (raw, json)
Hash identifier: yFUjM636sVCh/4Bumjj0BDLoVG3CGPAuZT7kt0ZNkz0=
Subject key identifier: 10:A4:A3:70:9D:2F:B0:76:76:03:67:E9:2A:2D:9B:7E:DA:19:A4:5B
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018F8167F3D539DDB02A42E7BF156EF500EB
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/EKSjcJ0vsHZ2A2fpKi2bftoZpFs.roa
Signing time: Thu 16 May 2024 12:37:04 +0000
ROA not before: Thu 16 May 2024 12:37:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 109.172.80.0/24 maxlen: 24
109.172.81.0/24 maxlen: 24
109.172.82.0/24 maxlen: 24
109.172.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 07:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:67:f3:d5:39:dd:b0:2a:42:e7:bf:15:6e:f5:00:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: May 16 12:37:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10a4a3709d2fb076760367e92a2d9b7eda19a45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ce:37:32:65:f5:99:e4:bd:83:c6:3b:79:fb:
60:b7:03:29:c2:c0:93:46:4d:0f:85:c2:27:b8:46:
dc:db:d7:37:83:86:d1:ab:cf:2d:84:ba:82:10:29:
fd:17:b7:90:96:25:93:ab:26:72:0c:4c:52:c6:0c:
73:75:3f:5b:61:60:8f:fb:46:8f:0d:f6:ad:d4:a3:
fa:8d:01:0b:db:15:9d:7b:95:31:44:e2:12:18:87:
e3:ae:16:59:65:65:58:2c:c3:9c:86:37:26:e3:3a:
0f:64:9e:fb:d2:69:75:a0:be:61:bb:65:64:87:d8:
07:51:dd:8d:bc:2b:6a:73:d0:5b:18:b9:cd:ca:41:
b0:68:35:0f:68:4b:d3:ea:be:10:68:69:d2:ad:09:
41:d3:43:e6:a3:7b:62:47:7f:9e:97:fe:32:89:01:
12:d1:ea:7d:fd:6e:b5:bd:4e:89:33:86:0a:e4:1b:
c7:46:92:38:01:a6:a0:ee:5f:56:51:21:f7:db:56:
2d:cf:dd:23:e0:82:65:04:1c:58:ff:7d:e8:24:11:
31:4e:dd:1c:91:ef:99:a8:fb:74:0a:ae:f1:55:6f:
ab:ef:ee:d4:7a:a2:16:5f:1c:c8:57:8f:73:22:c1:
09:85:79:dd:5c:d8:4e:2e:2c:46:46:97:fb:9b:4f:
02:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A4:A3:70:9D:2F:B0:76:76:03:67:E9:2A:2D:9B:7E:DA:19:A4:5B
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/EKSjcJ0vsHZ2A2fpKi2bftoZpFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.80.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:3b:98:7e:e4:8b:b8:e5:67:b1:fc:33:2c:9e:9d:73:82:8f:
aa:f9:ac:32:69:84:df:66:f8:26:1c:91:8c:36:22:42:e5:2c:
25:60:c0:46:27:be:9e:b3:9c:e0:7c:97:2a:b1:f5:0d:44:e7:
fb:55:1f:c6:de:ac:0d:bc:78:c0:7f:23:a1:b3:78:b5:6c:60:
37:05:31:35:0a:18:50:46:f5:63:cb:0b:84:36:c7:be:3b:5a:
ce:52:d2:d0:20:b4:91:1e:0b:5c:7f:2f:4f:9b:71:a7:12:40:
7a:2b:ab:fb:a9:43:f1:28:da:e0:36:da:94:a7:23:c0:99:90:
ee:66:f8:92:79:c3:61:91:20:a6:79:f6:9a:d0:c8:68:88:22:
ff:24:8e:67:b9:06:e6:74:0b:44:12:7f:79:74:03:a7:21:8f:
51:b7:bf:8d:53:11:fb:b4:98:5b:b6:cf:33:e0:23:ee:3e:68:
00:80:77:c4:21:35:26:70:15:51:b0:e5:d7:73:72:82:34:8b:
cb:dc:2a:14:97:25:07:cd:21:41:57:65:cb:0a:6a:26:64:27:
2a:4e:6a:3d:1c:64:8f:c6:25:4f:ce:a7:9c:a6:80:d5:67:1a:
fd:d4:05:1c:06:11:ba:00:a1:00:45:23:23:29:33:3d:b4:82:
e5:d2:b9:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+BZ/PVOd2wKkLnvxVu9QDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwNTE2MTIzNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGE0YTM3MDlkMmZiMDc2NzYwMzY3ZTkyYTJkOWI3ZWRhMTlhNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss43MmX1meS9g8Y7eftgtwMpwsCT
Rk0PhcInuEbc29c3g4bRq88thLqCECn9F7eQliWTqyZyDExSxgxzdT9bYWCP+0aP
Dfat1KP6jQEL2xWde5UxROISGIfjrhZZZWVYLMOchjcm4zoPZJ770ml1oL5hu2Vk
h9gHUd2NvCtqc9BbGLnNykGwaDUPaEvT6r4QaGnSrQlB00Pmo3tiR3+el/4yiQES
0ep9/W61vU6JM4YK5BvHRpI4Aaag7l9WUSH321Ytz90j4IJlBBxY/33oJBExTt0c
ke+ZqPt0Cq7xVW+r7+7UeqIWXxzIV49zIsEJhXndXNhOLixGRpf7m08CKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBCko3CdL7B2dgNn6Sotm37aGaRbMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvRUtTamNKMHZzSFoyQTJmcEtpMmJmdG9acEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbaxQMA0G
CSqGSIb3DQEBCwUAA4IBAQCsO5h+5Iu45Wex/DMsnp1zgo+q+awyaYTfZvgmHJGM
NiJC5SwlYMBGJ76es5zgfJcqsfUNROf7VR/G3qwNvHjAfyOhs3i1bGA3BTE1ChhQ
RvVjywuENse+O1rOUtLQILSRHgtcfy9Pm3GnEkB6K6v7qUPxKNrgNtqUpyPAmZDu
ZviSecNhkSCmefaa0MhoiCL/JI5nuQbmdAtEEn95dAOnIY9Rt7+NUxH7tJhbts8z
4CPuPmgAgHfEITUmcBVRsOXXc3KCNIvL3CoUlyUHzSFBV2XLCmomZCcqTmo9HGSP
xiVPzqecpoDVZxr91AUcBhG6AKEARSMjKTM9tILl0rlx
-----END CERTIFICATE-----
Generated at Fri May 17 10:15:52 2024 by rpki-client on console-ams.rpki-client.org