Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iZk1sYztEWP_FkdjmbM-BgZrEF4.roa
File: iZk1sYztEWP_FkdjmbM-BgZrEF4.roa (raw, json)
Hash identifier: 51g2L8uATHWw/hjknkcoGvYUwYkztDiFQkYYHXARpxY=
Subject key identifier: 89:99:35:B1:8C:ED:11:63:FF:16:47:63:99:B3:3E:06:06:6B:10:5E
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 018FECA0BB76F4DC5374BA7FAD68519E359B
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iZk1sYztEWP_FkdjmbM-BgZrEF4.roa
Signing time: Thu 06 Jun 2024 08:18:27 +0000
ROA not before: Thu 06 Jun 2024 08:18:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199739
IP address blocks: 109.224.32.0/24 maxlen: 24
109.224.44.0/24 maxlen: 24
109.224.45.0/24 maxlen: 24
109.224.46.0/24 maxlen: 24
109.224.47.0/24 maxlen: 24
185.141.9.0/24 maxlen: 24
185.141.10.0/24 maxlen: 24
185.141.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 09:09:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ec:a0:bb:76:f4:dc:53:74:ba:7f:ad:68:51:9e:35:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Jun 6 08:18:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=899935b18ced1163ff16476399b33e06066b105e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ed:4c:16:47:54:ea:9f:45:59:97:a8:e6:39:
16:6e:82:20:59:bb:0b:e5:81:cf:d8:01:da:bc:88:
6b:4e:c1:cb:50:2b:7c:a3:8d:51:a7:ba:24:bd:e6:
85:7c:29:85:63:cf:74:59:6e:fb:76:4c:7d:ce:00:
71:e2:30:be:c4:95:ff:1d:c5:c9:fc:1a:22:5a:c2:
d1:ed:d4:ac:57:a6:fd:30:a6:c8:5d:49:a4:73:1b:
dd:f5:59:45:39:87:99:fc:54:6e:03:8c:45:3c:01:
e8:87:4a:05:f3:3a:85:d2:a5:1f:b2:fa:a2:02:19:
6c:2d:fb:94:2a:d3:ce:9b:9c:0d:a3:a0:30:6b:3e:
68:90:28:c3:3f:57:55:c6:34:86:ab:e0:0a:68:84:
51:8a:11:8e:36:b5:23:f4:24:d6:69:15:80:fc:98:
59:42:ec:7c:40:7e:9d:6e:f6:83:0b:c1:bc:fa:85:
16:55:00:a8:3e:f8:0f:c4:91:f3:bf:a3:f1:be:79:
34:73:b0:37:72:dc:b3:4a:fb:a9:0a:15:28:a3:2f:
04:1b:06:8b:8e:ba:9d:5f:d9:80:df:d3:74:b7:9c:
8e:06:b3:c3:da:48:9e:c5:5e:cc:35:73:03:7b:db:
7b:58:d5:c7:41:38:8b:ae:42:e8:45:33:bc:5b:8f:
1d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:99:35:B1:8C:ED:11:63:FF:16:47:63:99:B3:3E:06:06:6B:10:5E
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iZk1sYztEWP_FkdjmbM-BgZrEF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.32.0/24
109.224.44.0/22
185.141.9.0-185.141.11.255
Signature Algorithm: sha256WithRSAEncryption
1f:0a:16:f0:9d:34:98:25:46:0d:bc:5a:6a:16:c7:86:8c:23:
7b:5e:93:f7:e6:b4:c5:f9:84:50:3e:0b:43:77:e3:c1:ed:a0:
88:ea:b6:43:bc:e7:bf:62:d9:da:8b:51:97:f7:a9:9a:e8:0e:
45:28:41:f6:83:46:b9:ed:19:87:87:94:37:03:85:c7:b2:52:
93:2a:8e:85:e2:08:84:f6:59:f3:b8:bd:1f:26:43:5a:bc:8b:
9c:ba:68:fe:97:99:75:4b:b4:16:a9:a2:53:86:e1:35:64:54:
87:36:25:13:e1:92:aa:75:28:a0:c1:ca:28:12:ff:b4:ee:b6:
7a:d6:4a:77:2f:89:fc:ff:7b:44:3f:3d:a3:23:a2:95:34:3a:
ea:57:5b:fc:16:db:5d:f4:d8:2c:d1:60:be:af:01:cb:d4:85:
e5:4f:52:3e:57:1e:3f:dc:88:66:40:8a:43:35:25:b4:7f:64:
70:fd:27:a6:df:97:0e:55:3e:a7:44:96:9c:39:bb:0f:a8:00:
dc:0b:3a:86:b7:12:25:e2:28:2f:5e:a3:6b:de:2c:1c:54:e7:
12:1a:d6:bf:b2:da:0d:fb:45:4b:3f:98:c3:35:c8:10:bc:90:
ad:6f:fe:59:cc:28:d1:17:30:f3:56:f8:56:db:82:63:cb:24:
eb:e4:ff:00
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY/soLt29NxTdLp/rWhRnjWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjQwNjA2MDgxODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTk5MzViMThjZWQxMTYzZmYxNjQ3NjM5OWIzM2UwNjA2NmIxMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0O1MFkdU6p9FWZeo5jkWboIgWbsL
5YHP2AHavIhrTsHLUCt8o41Rp7okveaFfCmFY890WW77dkx9zgBx4jC+xJX/HcXJ
/BoiWsLR7dSsV6b9MKbIXUmkcxvd9VlFOYeZ/FRuA4xFPAHoh0oF8zqF0qUfsvqi
AhlsLfuUKtPOm5wNo6Awaz5okCjDP1dVxjSGq+AKaIRRihGONrUj9CTWaRWA/JhZ
Qux8QH6dbvaDC8G8+oUWVQCoPvgPxJHzv6Pxvnk0c7A3ctyzSvupChUooy8EGwaL
jrqdX9mA39N0t5yOBrPD2kiexV7MNXMDe9t7WNXHQTiLrkLoRTO8W48dCQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFImZNbGM7RFj/xZHY5mzPgYGaxBeMB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvaVprMXNZenRFV1BfRmtkam1iTS1CZ1pyRUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAbeAgAwQC
beAsMAwDBAC5jQkDBAK5jQgwDQYJKoZIhvcNAQELBQADggEBAB8KFvCdNJglRg28
WmoWx4aMI3tek/fmtMX5hFA+C0N348HtoIjqtkO8579i2dqLUZf3qZroDkUoQfaD
RrntGYeHlDcDhceyUpMqjoXiCIT2WfO4vR8mQ1q8i5y6aP6XmXVLtBapolOG4TVk
VIc2JRPhkqp1KKDByigS/7TutnrWSncvifz/e0Q/PaMjopU0OupXW/wW21302CzR
YL6vAcvUheVPUj5XHj/ciGZAikM1JbR/ZHD9J6bflw5VPqdElpw5uw+oANwLOoa3
EiXiKC9eo2veLBxU5xIa1r+y2g37RUs/mMM1yBC8kK1v/lnMKNEXMPNW+FbbgmPL
JOvk/wA=
-----END CERTIFICATE-----
Generated at Thu Oct 10 12:45:06 2024 by rpki-client on console-fra.rpki-client.org