Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/1tJsasuzTho6PSyDsT3Eaq7mtTE.roa
File: 1tJsasuzTho6PSyDsT3Eaq7mtTE.roa (raw, json)
Hash identifier: 8jyvxwJHciQfgfVTTub9cohby+i/gv082Ru1eXjRMZ0=
Subject key identifier: D6:D2:6C:6A:CB:B3:4E:1A:3A:3D:2C:83:B1:3D:C4:6A:AE:E6:B5:31
Certificate issuer: /CN=2d698baf9ff3eeebe66284889fbf689d4e683c81
Certificate serial: 018A73F3876979D5F46557BD48F8C83DDC23
Authority key identifier: 2D:69:8B:AF:9F:F3:EE:EB:E6:62:84:88:9F:BF:68:9D:4E:68:3C:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/1tJsasuzTho6PSyDsT3Eaq7mtTE.roa
Signing time: Fri 08 Sep 2023 08:40:54 +0000
ROA not before: Fri 08 Sep 2023 08:40:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 109.40.0.0/14 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Sep 2023 08:32:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:73:f3:87:69:79:d5:f4:65:57:bd:48:f8:c8:3d:dc:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d698baf9ff3eeebe66284889fbf689d4e683c81
Validity
Not Before: Sep 8 08:40:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6d26c6acbb34e1a3a3d2c83b13dc46aaee6b531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8a:ba:a7:5e:a2:68:43:a0:91:54:f5:03:93:
60:81:53:cc:1a:5d:19:0e:76:32:84:03:d1:99:d0:
55:e8:9d:5c:e3:7a:19:f3:20:d7:4b:80:85:a5:f4:
52:cd:f9:ec:16:f8:a5:04:1b:6e:05:87:9b:c5:69:
e7:59:4a:f9:82:f2:42:18:96:dd:47:46:4f:a0:30:
bf:6b:ef:f8:04:b4:19:2f:c5:52:90:aa:80:28:a9:
d2:2c:5d:27:19:85:e1:51:f8:8e:7c:78:d7:b7:93:
88:29:5e:25:95:77:b2:23:f6:a5:b5:56:ac:06:49:
d8:d0:27:6a:9c:c4:40:4d:3b:8f:bb:5c:c5:22:98:
db:01:0f:05:c4:90:dd:f1:9d:b5:ca:56:cd:fa:bd:
6c:89:64:89:6c:1c:10:24:2b:55:0b:7d:86:16:a6:
1a:4b:d3:90:ac:dc:74:b0:a0:e8:02:f8:9c:6b:52:
0d:8b:91:5c:45:50:c7:b4:8a:65:46:94:24:44:ac:
cd:85:e6:cc:a0:b1:6c:97:94:80:c3:af:e5:d6:f2:
b9:cc:89:4c:63:ce:dc:52:66:4b:d1:a2:f0:6d:4b:
37:6d:2e:68:a1:cf:fc:20:77:4b:dc:71:f6:ea:76:
cf:cf:50:88:fe:90:c7:6a:4f:22:d4:e7:a7:88:fa:
21:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D2:6C:6A:CB:B3:4E:1A:3A:3D:2C:83:B1:3D:C4:6A:AE:E6:B5:31
X509v3 Authority Key Identifier:
keyid:2D:69:8B:AF:9F:F3:EE:EB:E6:62:84:88:9F:BF:68:9D:4E:68:3C:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/1tJsasuzTho6PSyDsT3Eaq7mtTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/LWmLr5_z7uvmYoSIn79onU5oPIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.40.0.0/14
Signature Algorithm: sha256WithRSAEncryption
05:db:3e:d7:c1:28:4b:e3:4c:19:ad:be:ce:49:4b:48:c0:36:
71:33:13:d8:62:17:bb:83:1f:e4:3c:5f:9f:5c:2c:20:99:4a:
dd:78:31:e4:08:71:99:28:b9:c0:50:09:c2:c2:79:4a:8e:00:
e5:9c:23:bf:c9:4f:71:f9:a5:9f:f8:cb:12:78:ff:75:1f:bf:
0c:49:61:31:50:06:e8:e7:7d:c3:ca:ce:97:bb:64:98:39:0f:
3f:ef:87:7f:c8:b1:b2:9f:a8:8f:e6:a1:b8:c6:f5:20:7b:d9:
ab:3c:d1:20:aa:c3:7d:1a:01:d7:0c:42:bd:89:fc:24:52:cb:
bc:0f:2f:a0:4d:7c:f9:e0:e6:c8:86:72:87:b5:38:5c:9a:4a:
69:6e:a9:e0:f1:a2:15:61:dc:ca:98:ac:55:e5:36:23:68:9a:
8c:17:aa:00:31:6b:24:52:82:14:75:f6:d5:f3:e8:8b:2b:2d:
e2:a7:12:f2:92:47:68:6e:17:94:69:39:6a:c8:66:c4:44:13:
c2:af:eb:08:84:cb:c6:a9:6e:61:ca:ba:ab:c7:7a:dd:d0:ce:
ab:96:df:4b:86:0a:5d:58:2b:35:56:08:37:16:24:d7:95:ab:
b5:6d:b3:59:2d:c5:1f:50:89:60:da:6f:cf:6a:53:8a:0c:88:
b8:dc:4c:f0
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYpz84dpedX0ZVe9SPjIPdwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNjk4YmFmOWZmM2VlZWJlNjYyODQ4ODlmYmY2ODlkNGU2
ODNjODEwHhcNMjMwOTA4MDg0MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQyNmM2YWNiYjM0ZTFhM2EzZDJjODNiMTNkYzQ2YWFlZTZiNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIq6p16iaEOgkVT1A5NggVPMGl0Z
DnYyhAPRmdBV6J1c43oZ8yDXS4CFpfRSzfnsFvilBBtuBYebxWnnWUr5gvJCGJbd
R0ZPoDC/a+/4BLQZL8VSkKqAKKnSLF0nGYXhUfiOfHjXt5OIKV4llXeyI/altVas
BknY0CdqnMRATTuPu1zFIpjbAQ8FxJDd8Z21ylbN+r1siWSJbBwQJCtVC32GFqYa
S9OQrNx0sKDoAvica1INi5FcRVDHtIplRpQkRKzNhebMoLFsl5SAw6/l1vK5zIlM
Y87cUmZL0aLwbUs3bS5ooc/8IHdL3HH26nbPz1CI/pDHak8i1OeniPohiQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNbSbGrLs04aOj0sg7E9xGqu5rUxMB8GA1UdIwQY
MBaAFC1pi6+f8+7r5mKEiJ+/aJ1OaDyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFdtTHI1X3o3dXZtWW9TSW43OW9uVTVvUElFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81NzJhOTgtM2JiNy00Mjc2LTlkMzkt
ZGZmNWEwOWE4MmNiLzEvMXRKc2FzdXpUaG82UFN5RHNUM0VhcTdtdFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81NzJhOTgtM2JiNy00Mjc2LTlkMzktZGZmNWEwOWE4MmNi
LzEvTFdtTHI1X3o3dXZtWW9TSW43OW9uVTVvUElFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCbSgwDQYJ
KoZIhvcNAQELBQADggEBAAXbPtfBKEvjTBmtvs5JS0jANnEzE9hiF7uDH+Q8X59c
LCCZSt14MeQIcZkoucBQCcLCeUqOAOWcI7/JT3H5pZ/4yxJ4/3UfvwxJYTFQBujn
fcPKzpe7ZJg5Dz/vh3/IsbKfqI/mobjG9SB72as80SCqw30aAdcMQr2J/CRSy7wP
L6BNfPng5siGcoe1OFyaSmluqeDxohVh3MqYrFXlNiNomowXqgAxayRSghR19tXz
6IsrLeKnEvKSR2huF5RpOWrIZsREE8Kv6wiEy8apbmHKuqvHet3QzquW30uGCl1Y
KzVWCDcWJNeVq7Vts1ktxR9QiWDab89qU4oMiLjcTPA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:56 2024 by rpki-client on console-ams.rpki-client.org