Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/8SOnal3-7Ak-4kpsH1CiD0YO-TY.roa
File: 8SOnal3-7Ak-4kpsH1CiD0YO-TY.roa (raw, json)
Hash identifier: ddDGOEELl5eA6zAOEO7ceClzca8kwKv7aY9DQeZQ36M=
Subject key identifier: F1:23:A7:6A:5D:FE:EC:09:3E:E2:4A:6C:1F:50:A2:0F:46:0E:F9:36
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 01856BC11A0D1C473345AC125864831DEA9D
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/8SOnal3-7Ak-4kpsH1CiD0YO-TY.roa
Signing time: Sun 01 Jan 2023 05:14:55 +0000
ROA not before: Sun 01 Jan 2023 05:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58056
IP address blocks: 109.123.0.0/18 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:1a:0d:1c:47:33:45:ac:12:58:64:83:1d:ea:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 05:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f123a76a5dfeec093ee24a6c1f50a20f460ef936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:94:59:c7:3b:76:f4:10:d1:78:e3:de:45:86:
ab:5a:ca:82:f6:73:f7:99:81:93:66:73:22:11:d2:
9f:4c:80:a5:db:53:8f:40:a9:8b:69:4b:cf:bf:3a:
b0:6f:61:c5:2d:58:2e:2b:0a:f4:2d:c0:66:98:82:
9b:b9:5a:c3:67:f2:d1:bc:b7:49:e6:39:f7:46:db:
23:3e:5e:b7:99:89:55:7c:48:f8:d3:27:26:ed:81:
df:b0:ea:76:05:3b:ed:99:72:72:fa:fe:a0:56:f2:
82:a0:f4:46:69:8d:fc:65:ba:60:66:04:b4:5d:aa:
3c:f6:81:06:80:6e:ae:3e:bf:b1:bc:2c:6a:45:cc:
5a:8f:08:e0:98:4b:c3:b3:db:5a:ed:7f:29:f9:36:
a6:e6:7e:fe:f7:33:13:17:05:cc:4b:09:d2:a4:df:
9c:7b:32:53:90:55:98:50:b6:a1:93:a5:e1:7b:44:
a5:0b:95:43:de:36:31:c1:9e:62:36:c1:4e:62:0e:
1c:bd:c4:57:9f:0c:9b:43:97:ab:70:64:83:44:94:
a4:f4:80:68:3f:6f:3c:7a:b1:aa:18:37:f2:cb:d7:
84:04:49:4f:41:59:7f:e9:bd:e9:bc:60:72:68:87:
fa:4a:7a:79:a0:a5:f3:aa:7f:fe:b5:7b:47:df:16:
4b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:23:A7:6A:5D:FE:EC:09:3E:E2:4A:6C:1F:50:A2:0F:46:0E:F9:36
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/8SOnal3-7Ak-4kpsH1CiD0YO-TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.123.0.0/18
Signature Algorithm: sha256WithRSAEncryption
9e:85:0d:81:fc:ee:a8:87:00:2f:4d:99:d5:cf:58:25:21:a4:
44:a8:9f:f1:cd:bc:5d:f6:c4:ad:37:67:f2:ab:09:4e:78:f3:
a7:86:b4:06:75:74:b4:34:9f:fb:8a:d6:33:5d:bd:a8:14:04:
60:e3:5d:2d:09:e6:76:a9:2f:94:7f:80:ae:84:89:f7:67:11:
79:19:8f:c0:bb:1d:99:e2:8e:da:7c:0f:11:00:3c:6f:90:56:
c7:15:64:a4:2c:80:22:9b:86:5e:05:2d:f2:70:27:85:06:0b:
fb:46:c5:30:45:54:5e:3a:52:ca:29:96:15:66:6b:e6:67:cc:
88:a4:be:16:ac:1c:11:13:40:f6:52:de:44:84:a8:10:62:ea:
eb:cd:b5:55:68:11:8f:60:55:49:4c:75:92:64:51:9d:b9:cf:
e4:08:18:cd:94:1f:fb:6f:45:e0:55:93:91:0a:36:35:6f:16:
a7:02:5c:c5:5c:14:44:e7:c4:69:a8:fb:33:85:7f:92:55:b4:
42:97:dc:1d:df:8e:a3:6f:3a:45:16:7e:8f:c9:8f:65:3e:a0:
fa:a2:5b:6c:e6:29:5c:3b:f9:0f:61:2c:a3:52:84:b9:5f:d6:
6d:bc:12:f7:b3:62:1d:63:2c:b1:d6:f3:f4:d5:29:39:aa:e0:
ff:e0:e0:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwRoNHEczRawSWGSDHeqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMTAxMDUxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTIzYTc2YTVkZmVlYzA5M2VlMjRhNmMxZjUwYTIwZjQ2MGVmOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJRZxzt29BDReOPeRYarWsqC9nP3
mYGTZnMiEdKfTICl21OPQKmLaUvPvzqwb2HFLVguKwr0LcBmmIKbuVrDZ/LRvLdJ
5jn3RtsjPl63mYlVfEj40ycm7YHfsOp2BTvtmXJy+v6gVvKCoPRGaY38ZbpgZgS0
Xao89oEGgG6uPr+xvCxqRcxajwjgmEvDs9ta7X8p+Tam5n7+9zMTFwXMSwnSpN+c
ezJTkFWYULahk6Xhe0SlC5VD3jYxwZ5iNsFOYg4cvcRXnwybQ5ercGSDRJSk9IBo
P288erGqGDfyy9eEBElPQVl/6b3pvGByaIf6Snp5oKXzqn/+tXtH3xZLswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPEjp2pd/uwJPuJKbB9Qog9GDvk2MB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvOFNPbmFsMy03QWstNGtwc0gxQ2lEMFlPLVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGbXsAMA0G
CSqGSIb3DQEBCwUAA4IBAQCehQ2B/O6ohwAvTZnVz1glIaREqJ/xzbxd9sStN2fy
qwlOePOnhrQGdXS0NJ/7itYzXb2oFARg410tCeZ2qS+Uf4CuhIn3ZxF5GY/Aux2Z
4o7afA8RADxvkFbHFWSkLIAim4ZeBS3ycCeFBgv7RsUwRVReOlLKKZYVZmvmZ8yI
pL4WrBwRE0D2Ut5EhKgQYurrzbVVaBGPYFVJTHWSZFGduc/kCBjNlB/7b0XgVZOR
CjY1bxanAlzFXBRE58RpqPszhX+SVbRCl9wd346jbzpFFn6PyY9lPqD6olts5ilc
O/kPYSyjUoS5X9ZtvBL3s2IdYyyx1vP01Sk5quD/4OD1
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:34 2024 by rpki-client on console-ams.rpki-client.org