Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/dPRGSxF8Jun1BG0qHd4WbhuUpV4.roa
File: dPRGSxF8Jun1BG0qHd4WbhuUpV4.roa (raw, json)
Hash identifier: B4uFRpML8rK79qrZE1e3fB7UXX7FSvIZ9nOW5dZN1+w=
Subject key identifier: 74:F4:46:4B:11:7C:26:E9:F5:04:6D:2A:1D:DE:16:6E:1B:94:A5:5E
Certificate issuer: /CN=239572ddfcab6291e6410ccd4e860ee36000e668
Certificate serial: 018CC86F8F47213892A51E0337A95D8CD411
Authority key identifier: 23:95:72:DD:FC:AB:62:91:E6:41:0C:CD:4E:86:0E:E3:60:00:E6:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I5Vy3fyrYpHmQQzNToYO42AA5mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/dPRGSxF8Jun1BG0qHd4WbhuUpV4.roa
Signing time: Tue 02 Jan 2024 04:30:03 +0000
ROA not before: Tue 02 Jan 2024 04:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201225
IP address blocks: 109.232.160.0/24 maxlen: 24
109.232.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:8f:47:21:38:92:a5:1e:03:37:a9:5d:8c:d4:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=239572ddfcab6291e6410ccd4e860ee36000e668
Validity
Not Before: Jan 2 04:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74f4464b117c26e9f5046d2a1dde166e1b94a55e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5e:d6:ca:2b:c3:51:b8:89:cc:34:90:e7:d7:
75:3c:0e:e0:4d:5d:50:01:f2:d8:71:d5:73:2e:2b:
d8:61:5c:a2:e8:6b:0c:42:4e:1e:e7:0a:fe:19:a4:
07:7b:dc:c9:5c:9f:fb:43:02:1c:06:0f:e1:3b:c4:
a5:36:8e:d0:f6:e5:50:4c:b0:0b:4e:c9:5d:a6:29:
56:82:5a:ce:55:4f:70:fb:08:d3:ff:f7:a0:9d:ea:
ab:a8:ce:4b:95:29:a1:a1:92:a1:23:e5:53:6a:30:
f3:0f:7c:cb:0c:01:0d:88:2a:bc:04:33:71:4e:d6:
b1:9d:4a:33:b5:45:af:60:fb:43:49:fb:2b:17:2f:
7c:11:1c:3b:61:73:53:d1:2e:5e:36:d0:29:10:6d:
8c:37:fa:05:cd:cc:4c:52:29:42:ea:5f:d4:1b:ca:
96:a4:14:cf:8d:c0:4c:51:13:79:dc:82:c2:b6:89:
15:8b:db:f0:da:e4:47:e9:eb:c7:d5:91:2c:81:89:
b7:c2:09:c1:c9:43:6a:6c:70:d8:ed:27:39:93:80:
90:27:25:69:e8:68:8d:3e:7c:dc:5c:ab:0e:78:84:
2d:ca:34:9f:85:66:ea:7d:36:5a:48:4c:72:bc:ed:
e1:1e:8b:81:d4:69:20:37:d6:64:9a:a3:bd:43:5b:
bc:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F4:46:4B:11:7C:26:E9:F5:04:6D:2A:1D:DE:16:6E:1B:94:A5:5E
X509v3 Authority Key Identifier:
keyid:23:95:72:DD:FC:AB:62:91:E6:41:0C:CD:4E:86:0E:E3:60:00:E6:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5Vy3fyrYpHmQQzNToYO42AA5mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/dPRGSxF8Jun1BG0qHd4WbhuUpV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1d7f08-e77c-4338-9a39-8e19c0db86c2/1/I5Vy3fyrYpHmQQzNToYO42AA5mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.160.0/23
Signature Algorithm: sha256WithRSAEncryption
03:34:f4:78:1f:52:f8:03:53:e3:51:10:10:7e:e4:48:fc:52:
95:e9:25:e1:b1:b3:ea:14:bb:83:31:15:9d:81:db:ea:7d:7e:
66:47:d1:0f:28:0d:31:a7:69:dd:ae:1f:ea:38:29:97:b9:b2:
92:43:5b:08:6f:ef:56:8c:e3:9f:c7:ca:26:3d:70:a9:c1:03:
fd:db:19:9e:81:59:b3:83:55:e6:f8:a1:03:86:9f:a2:5a:f4:
ee:4b:6c:e1:4f:7e:71:11:94:4b:fa:37:d7:a1:66:2e:4e:af:
08:6e:a4:85:b2:0d:c9:06:80:7d:1e:4a:42:64:41:86:8e:b6:
9c:fd:53:a8:b1:c0:ad:39:d5:c3:d1:ef:99:32:58:5a:fd:9a:
42:b4:53:c0:27:28:77:1f:bb:52:23:c4:d6:1f:e2:5b:50:32:
05:01:61:70:db:3b:41:42:c9:3f:71:a3:ec:b4:fd:f9:c7:c0:
08:63:3b:3d:ba:71:3d:f6:b0:68:46:50:f0:02:91:08:1d:53:
43:e0:5a:1a:89:02:10:c3:73:a2:c0:6c:99:85:73:ac:19:0b:
73:e6:32:28:7a:4d:f4:c1:65:dd:6c:87:65:55:e9:dd:d9:b8:
89:07:d6:2c:6a:4d:e4:89:30:5d:4a:a9:cb:f4:fd:7c:56:5d:
1f:20:86:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb49HITiSpR4DN6ldjNQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzOTU3MmRkZmNhYjYyOTFlNjQxMGNjZDRlODYwZWUzNjAw
MGU2NjgwHhcNMjQwMTAyMDQzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGY0NDY0YjExN2MyNmU5ZjUwNDZkMmExZGRlMTY2ZTFiOTRhNTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1F7WyivDUbiJzDSQ59d1PA7gTV1Q
AfLYcdVzLivYYVyi6GsMQk4e5wr+GaQHe9zJXJ/7QwIcBg/hO8SlNo7Q9uVQTLAL
TsldpilWglrOVU9w+wjT//egneqrqM5LlSmhoZKhI+VTajDzD3zLDAENiCq8BDNx
TtaxnUoztUWvYPtDSfsrFy98ERw7YXNT0S5eNtApEG2MN/oFzcxMUilC6l/UG8qW
pBTPjcBMURN53ILCtokVi9vw2uRH6evH1ZEsgYm3wgnByUNqbHDY7Sc5k4CQJyVp
6GiNPnzcXKsOeIQtyjSfhWbqfTZaSExyvO3hHouB1GkgN9ZkmqO9Q1u8UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHT0RksRfCbp9QRtKh3eFm4blKVeMB8GA1UdIwQY
MBaAFCOVct38q2KR5kEMzU6GDuNgAOZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTVWeTNmeXJZcEhtUVF6TlRvWU80MkFBNW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xZDdmMDgtZTc3Yy00MzM4LTlhMzkt
OGUxOWMwZGI4NmMyLzEvZFBSR1N4RjhKdW4xQkcwcUhkNFdiaHVVcFY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xZDdmMDgtZTc3Yy00MzM4LTlhMzktOGUxOWMwZGI4NmMy
LzEvSTVWeTNmeXJZcEhtUVF6TlRvWU80MkFBNW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbeigMA0G
CSqGSIb3DQEBCwUAA4IBAQADNPR4H1L4A1PjURAQfuRI/FKV6SXhsbPqFLuDMRWd
gdvqfX5mR9EPKA0xp2ndrh/qOCmXubKSQ1sIb+9WjOOfx8omPXCpwQP92xmegVmz
g1Xm+KEDhp+iWvTuS2zhT35xEZRL+jfXoWYuTq8IbqSFsg3JBoB9HkpCZEGGjrac
/VOoscCtOdXD0e+ZMlha/ZpCtFPAJyh3H7tSI8TWH+JbUDIFAWFw2ztBQsk/caPs
tP35x8AIYzs9unE99rBoRlDwApEIHVND4FoaiQIQw3OiwGyZhXOsGQtz5jIoek30
wWXdbIdlVend2biJB9Ysak3kiTBdSqnL9P18Vl0fIIaH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:59 2025 by rpki-client