Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/10a444-3e30-4421-b439-86e5a9ef862a/1/LQaJA8c_zUiik0P5U35PIeKn7Bg.roa
File: LQaJA8c_zUiik0P5U35PIeKn7Bg.roa (raw, json)
Hash identifier: QeIVU/mSQQuY6mPUBFEA4CkA/cmUqHNtgiv8dLIEgJw=
Subject key identifier: 2D:06:89:03:C7:3F:CD:48:A2:93:43:F9:53:7E:4F:21:E2:A7:EC:18
Certificate issuer: /CN=3841266f2c94ac422b96a68a7500bb82c1179191
Certificate serial: 0185708CC194C0B651D9499327609F0A0DB5
Authority key identifier: 38:41:26:6F:2C:94:AC:42:2B:96:A6:8A:75:00:BB:82:C1:17:91:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEEmbyyUrEIrlqaKdQC7gsEXkZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/10a444-3e30-4421-b439-86e5a9ef862a/1/LQaJA8c_zUiik0P5U35PIeKn7Bg.roa
Signing time: Mon 02 Jan 2023 03:35:50 +0000
ROA not before: Mon 02 Jan 2023 03:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50999
IP address blocks: 109.171.128.0/17 maxlen: 24
2a05:3280::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:c1:94:c0:b6:51:d9:49:93:27:60:9f:0a:0d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3841266f2c94ac422b96a68a7500bb82c1179191
Validity
Not Before: Jan 2 03:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d068903c73fcd48a29343f9537e4f21e2a7ec18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:36:3a:cb:8d:fc:4d:2a:0d:54:97:2f:86:a1:
4a:1a:14:07:ec:2a:71:2d:a1:d6:93:4d:06:1a:af:
42:cb:86:af:43:3d:45:82:92:58:98:a8:4e:50:83:
12:c8:78:dd:14:8e:d8:4e:07:45:64:3d:46:9b:1b:
9f:f4:0e:03:c4:72:2f:ab:ef:c5:11:3f:6d:39:60:
fc:e8:61:ef:5a:05:7f:6e:28:ca:03:4a:7f:a6:01:
d7:d2:fb:c1:b2:a9:7c:93:44:19:c3:d1:b7:f4:24:
a4:38:0f:31:db:d6:5b:51:cc:0e:9f:4b:9e:42:c3:
ef:16:04:85:2a:45:12:0f:a4:fd:bd:b5:d8:e4:c7:
c9:fb:8f:9f:25:a4:b1:6f:c6:94:c0:cd:18:e6:cf:
06:3f:29:09:a7:91:d0:a3:37:9a:2f:d5:87:61:8e:
bf:02:c7:9a:90:19:aa:c2:23:95:04:c8:54:c9:cc:
d1:86:90:38:01:19:25:bc:b6:e6:53:9a:b4:5b:86:
90:09:26:55:93:12:e5:5c:20:03:81:d8:98:ff:04:
64:cc:5b:eb:78:32:9e:8d:f4:e2:e1:24:2c:2b:71:
7c:c4:e5:ff:7c:3d:5d:e5:69:da:4e:88:90:30:69:
3d:b8:30:41:9a:b6:e9:3e:8f:63:af:de:d7:24:d4:
25:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:06:89:03:C7:3F:CD:48:A2:93:43:F9:53:7E:4F:21:E2:A7:EC:18
X509v3 Authority Key Identifier:
keyid:38:41:26:6F:2C:94:AC:42:2B:96:A6:8A:75:00:BB:82:C1:17:91:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEEmbyyUrEIrlqaKdQC7gsEXkZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/10a444-3e30-4421-b439-86e5a9ef862a/1/LQaJA8c_zUiik0P5U35PIeKn7Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/10a444-3e30-4421-b439-86e5a9ef862a/1/OEEmbyyUrEIrlqaKdQC7gsEXkZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.171.128.0/17
IPv6:
2a05:3280::/29
Signature Algorithm: sha256WithRSAEncryption
3d:23:d3:43:6d:71:23:41:99:0d:64:fd:ac:8f:5f:49:89:72:
b5:df:95:17:8b:ca:12:21:1b:55:2c:83:e6:af:b2:96:11:fb:
47:f7:fb:78:b4:3d:63:9c:12:40:87:a6:f9:fd:a5:c7:f3:77:
8e:4c:8e:90:de:42:d4:f3:49:35:82:c6:da:85:61:ad:ad:4f:
63:41:37:05:55:df:52:2d:8c:36:f4:6d:ee:dc:5e:c6:6f:40:
09:2d:39:8d:0d:a7:66:35:08:c8:6c:6e:ed:ad:f3:72:38:b4:
e8:de:00:17:d5:3d:64:9a:d5:98:a4:d0:9a:76:fa:75:ae:01:
3d:d8:3e:a3:6b:c6:ae:bc:06:97:38:6e:49:92:3c:22:53:cd:
27:a5:38:b8:6c:ab:80:81:c7:6b:17:dd:27:d5:d4:71:2e:5e:
f9:e5:85:0b:a7:d7:cc:ce:57:30:76:7a:26:2d:e7:2f:b3:86:
f2:10:78:ce:1d:8e:16:58:ff:bf:79:d8:d2:a3:45:22:51:4a:
8f:45:26:c0:bd:bc:22:23:fd:65:8b:d8:9e:c5:ef:d4:08:fc:
d7:bb:55:56:bb:98:a7:c0:c0:11:7e:84:77:52:6f:05:35:dd:
b3:56:c2:a5:d0:32:44:db:bd:ae:70:d7:7a:97:7d:79:f9:ac:
83:75:56:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjMGUwLZR2UmTJ2CfCg21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDEyNjZmMmM5NGFjNDIyYjk2YTY4YTc1MDBiYjgyYzEx
NzkxOTEwHhcNMjMwMTAyMDMzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDA2ODkwM2M3M2ZjZDQ4YTI5MzQzZjk1MzdlNGYyMWUyYTdlYzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTY6y438TSoNVJcvhqFKGhQH7Cpx
LaHWk00GGq9Cy4avQz1FgpJYmKhOUIMSyHjdFI7YTgdFZD1Gmxuf9A4DxHIvq+/F
ET9tOWD86GHvWgV/bijKA0p/pgHX0vvBsql8k0QZw9G39CSkOA8x29ZbUcwOn0ue
QsPvFgSFKkUSD6T9vbXY5MfJ+4+fJaSxb8aUwM0Y5s8GPykJp5HQozeaL9WHYY6/
AseakBmqwiOVBMhUyczRhpA4ARklvLbmU5q0W4aQCSZVkxLlXCADgdiY/wRkzFvr
eDKejfTi4SQsK3F8xOX/fD1d5WnaToiQMGk9uDBBmrbpPo9jr97XJNQlFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC0GiQPHP81IopND+VN+TyHip+wYMB8GA1UdIwQY
MBaAFDhBJm8slKxCK5aminUAu4LBF5GRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VFbWJ5eVVyRUlybHFhS2RRQzdnc0VYa1pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xMGE0NDQtM2UzMC00NDIxLWI0Mzkt
ODZlNWE5ZWY4NjJhLzEvTFFhSkE4Y196VWlpazBQNVUzNVBJZUtuN0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xMGE0NDQtM2UzMC00NDIxLWI0MzktODZlNWE5ZWY4NjJh
LzEvT0VFbWJ5eVVyRUlybHFhS2RRQzdnc0VYa1pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHbauAMA0E
AgACMAcDBQMqBTKAMA0GCSqGSIb3DQEBCwUAA4IBAQA9I9NDbXEjQZkNZP2sj19J
iXK135UXi8oSIRtVLIPmr7KWEftH9/t4tD1jnBJAh6b5/aXH83eOTI6Q3kLU80k1
gsbahWGtrU9jQTcFVd9SLYw29G3u3F7Gb0AJLTmNDadmNQjIbG7trfNyOLTo3gAX
1T1kmtWYpNCadvp1rgE92D6ja8auvAaXOG5JkjwiU80npTi4bKuAgcdrF90n1dRx
Ll755YULp9fMzlcwdnomLecvs4byEHjOHY4WWP+/edjSo0UiUUqPRSbAvbwiI/1l
i9iexe/UCPzXu1VWu5inwMARfoR3Um8FNd2zVsKl0DJE272ucNd6l315+ayDdVZc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:32 2024 by rpki-client on console-fra.rpki-client.org