Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/9QHoPPf6l6ZHAz4HtSsSby2hZh8.roa
File: 9QHoPPf6l6ZHAz4HtSsSby2hZh8.roa (raw, json)
Hash identifier: ihqHLjtJG3Hnx+YQzPZGf1pGHVxvpLzXEZ6zeQfWxdQ=
Subject key identifier: F5:01:E8:3C:F7:FA:97:A6:47:03:3E:07:B5:2B:12:6F:2D:A1:66:1F
Certificate issuer: /CN=0fc4f70a92d46ac02c8dfe7f975be48abd62e7a4
Certificate serial: 01856D93FD5513C494D356541073F2FE03AB
Authority key identifier: 0F:C4:F7:0A:92:D4:6A:C0:2C:8D:FE:7F:97:5B:E4:8A:BD:62:E7:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D8T3CpLUasAsjf5_l1vkir1i56Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/9QHoPPf6l6ZHAz4HtSsSby2hZh8.roa
Signing time: Sun 01 Jan 2023 13:44:53 +0000
ROA not before: Sun 01 Jan 2023 13:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196865
IP address blocks: 178.19.160.0/21 maxlen: 21
178.19.168.0/22 maxlen: 22
185.142.168.0/22 maxlen: 22
185.75.108.0/22 maxlen: 22
109.232.136.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:fd:55:13:c4:94:d3:56:54:10:73:f2:fe:03:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fc4f70a92d46ac02c8dfe7f975be48abd62e7a4
Validity
Not Before: Jan 1 13:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f501e83cf7fa97a647033e07b52b126f2da1661f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a8:2b:39:74:6e:17:cb:ba:51:1c:39:aa:93:
97:97:01:12:5f:02:4a:17:81:03:e9:8a:54:08:5a:
ef:b6:dd:b7:9e:18:0c:27:4b:45:c2:e2:9f:55:a8:
15:75:f4:5a:38:b2:ca:8f:ab:08:f8:5f:c2:f2:ca:
e8:0c:75:30:21:0e:6f:2b:ce:7f:39:46:24:2a:3c:
dd:9d:e8:de:c0:40:2c:47:12:2d:74:4c:d8:ae:43:
f8:6c:8d:0b:6f:5e:9d:b5:5c:5b:2c:67:7c:fb:13:
b0:bd:cb:06:41:0b:45:d2:bd:f3:c7:81:dd:27:d3:
90:22:a0:3e:67:36:94:22:a2:49:71:a0:75:1e:fa:
bb:87:c2:59:ca:ae:cc:8e:2b:a4:ec:24:0e:27:d3:
15:33:6e:37:a3:93:35:8c:c6:e3:a0:f0:64:55:70:
6c:3c:b1:32:db:1a:09:2e:15:9f:cc:f3:e4:b3:73:
82:12:de:db:50:f8:a8:33:68:2f:d5:79:19:40:68:
dc:73:70:d0:3b:46:4a:91:3e:3a:08:5c:35:f4:57:
06:b4:aa:ed:fc:46:2c:35:fb:96:bd:cf:8f:f6:db:
b8:ef:e2:94:ba:74:f9:53:38:f2:1f:11:b7:e5:d3:
3b:21:d5:a6:ce:9f:5b:1f:ba:79:a4:68:8a:c9:60:
f9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:01:E8:3C:F7:FA:97:A6:47:03:3E:07:B5:2B:12:6F:2D:A1:66:1F
X509v3 Authority Key Identifier:
keyid:0F:C4:F7:0A:92:D4:6A:C0:2C:8D:FE:7F:97:5B:E4:8A:BD:62:E7:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8T3CpLUasAsjf5_l1vkir1i56Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/9QHoPPf6l6ZHAz4HtSsSby2hZh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/D8T3CpLUasAsjf5_l1vkir1i56Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.136.0/21
178.19.160.0-178.19.171.255
185.75.108.0/22
185.142.168.0/22
Signature Algorithm: sha256WithRSAEncryption
29:a5:a4:21:5b:e7:49:9a:d1:de:79:a8:16:a3:94:03:47:85:
00:b3:af:22:33:f0:d3:f5:30:b6:1e:07:65:d9:cc:df:f9:3e:
d6:07:96:11:f7:2e:bb:fc:80:65:0b:9c:84:88:e2:c5:14:03:
33:4a:3d:b3:75:75:38:46:59:cb:be:43:c5:02:bc:61:e4:08:
f5:bf:a6:ae:f3:88:30:bb:e6:33:88:ce:88:5c:e8:ae:c1:35:
d8:6f:ed:30:fc:2c:36:19:94:b8:9d:cc:24:28:53:fa:af:5a:
ee:db:29:c5:1a:40:cf:bf:52:c9:a4:f0:6f:21:71:1a:fb:fe:
3d:10:ea:a6:18:94:06:6d:28:0c:11:8c:a8:75:64:e1:ad:83:
f5:91:cc:9c:f4:64:04:31:52:88:aa:7b:18:64:40:c9:01:3a:
ff:9b:13:41:60:3f:02:b8:9c:a5:9c:f5:32:0c:df:92:b5:7f:
2c:dc:cf:96:ce:2f:3d:f8:bb:2d:ec:ad:e1:97:37:53:49:a9:
bf:16:84:ab:4a:a4:f0:6a:b0:52:3f:1f:f7:82:6c:22:f2:ee:
2b:a5:cd:93:f9:54:f7:0e:11:63:ea:0a:ca:bb:07:24:03:da:
a8:79:f3:96:01:d3:0e:3a:97:97:7a:44:eb:7d:7b:b3:a6:17:
df:0d:7f:e2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVtk/1VE8SU01ZUEHPy/gOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzRmNzBhOTJkNDZhYzAyYzhkZmU3Zjk3NWJlNDhhYmQ2
MmU3YTQwHhcNMjMwMTAxMTM0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTAxZTgzY2Y3ZmE5N2E2NDcwMzNlMDdiNTJiMTI2ZjJkYTE2NjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6grOXRuF8u6URw5qpOXlwESXwJK
F4ED6YpUCFrvtt23nhgMJ0tFwuKfVagVdfRaOLLKj6sI+F/C8sroDHUwIQ5vK85/
OUYkKjzdnejewEAsRxItdEzYrkP4bI0Lb16dtVxbLGd8+xOwvcsGQQtF0r3zx4Hd
J9OQIqA+ZzaUIqJJcaB1Hvq7h8JZyq7Mjiuk7CQOJ9MVM243o5M1jMbjoPBkVXBs
PLEy2xoJLhWfzPPks3OCEt7bUPioM2gv1XkZQGjcc3DQO0ZKkT46CFw19FcGtKrt
/EYsNfuWvc+P9tu47+KUunT5UzjyHxG35dM7IdWmzp9bH7p5pGiKyWD5ewIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPUB6Dz3+pemRwM+B7UrEm8toWYfMB8GA1UdIwQY
MBaAFA/E9wqS1GrALI3+f5db5Iq9YuekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhUM0NwTFVhc0FzamY1X2wxdmtpcjFpNTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS80NmU0MDAtODdmYS00OWU5LTkxOTgt
NjViODZhMDM1YTA4LzEvOVFIb1BQZjZsNlpIQXo0SHRTc1NieTJoWmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS80NmU0MDAtODdmYS00OWU5LTkxOTgtNjViODZhMDM1YTA4
LzEvRDhUM0NwTFVhc0FzamY1X2wxdmtpcjFpNTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDbeiIMAwD
BAWyE6ADBAKyE6gDBAK5S2wDBAK5jqgwDQYJKoZIhvcNAQELBQADggEBACmlpCFb
50ma0d55qBajlANHhQCzryIz8NP1MLYeB2XZzN/5PtYHlhH3Lrv8gGULnISI4sUU
AzNKPbN1dThGWcu+Q8UCvGHkCPW/pq7ziDC75jOIzohc6K7BNdhv7TD8LDYZlLid
zCQoU/qvWu7bKcUaQM+/Usmk8G8hcRr7/j0Q6qYYlAZtKAwRjKh1ZOGtg/WRzJz0
ZAQxUoiqexhkQMkBOv+bE0FgPwK4nKWc9TIM35K1fyzcz5bOLz34uy3sreGXN1NJ
qb8WhKtKpPBqsFI/H/eCbCLy7iulzZP5VPcOEWPqCsq7ByQD2qh585YB0w46l5d6
ROt9e7OmF98Nf+I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:22 2024 by rpki-client on console-ams.rpki-client.org