Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/P0xFv_PrFFjJOFpLfmrCI6xdTG4.roa
File: P0xFv_PrFFjJOFpLfmrCI6xdTG4.roa (raw, json)
Hash identifier: ybX9NQoUvGpLf6cjw8qrmuzgU3Hs/wS2Lo8IlzHA5/0=
Subject key identifier: 3F:4C:45:BF:F3:EB:14:58:C9:38:5A:4B:7E:6A:C2:23:AC:5D:4C:6E
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 018D4EF71C451B7EDB962F9CD76D5639F953
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/P0xFv_PrFFjJOFpLfmrCI6xdTG4.roa
Signing time: Sun 28 Jan 2024 07:27:13 +0000
ROA not before: Sun 28 Jan 2024 07:27:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209596
IP address blocks: 109.162.240.0/20 maxlen: 20
213.207.224.0/20 maxlen: 20
Validation: Failed, certificate revoked on Sun 28 Jan 2024 13:05:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4e:f7:1c:45:1b:7e:db:96:2f:9c:d7:6d:56:39:f9:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Jan 28 07:27:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f4c45bff3eb1458c9385a4b7e6ac223ac5d4c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ea:06:01:70:d5:73:b5:f1:eb:a6:c3:3e:53:
5e:ed:c8:0d:32:59:2f:09:90:b7:d8:8f:e5:6b:70:
79:60:99:91:87:bf:21:b1:75:8d:d2:e5:2b:2f:42:
34:e1:33:9e:49:8f:43:7b:ab:4d:25:03:ae:47:52:
a5:9b:6a:83:35:0f:2a:76:4d:fe:2d:d1:34:45:c5:
cb:3c:43:ec:d8:19:71:a8:f3:96:51:9f:c3:14:11:
21:7f:39:78:ca:22:9c:1c:7d:b1:3e:c4:a2:dd:23:
f3:b8:69:87:0c:cb:de:86:bf:03:b6:b4:34:83:b5:
f2:bd:69:0b:fa:07:d1:98:aa:38:b0:69:04:83:72:
86:1d:a1:68:1b:d8:ed:6a:c1:c8:8d:68:9f:be:d4:
07:26:ba:0b:58:2f:c3:06:c5:43:ae:f0:b9:da:71:
43:88:e5:99:c1:e0:73:72:df:7f:20:b0:49:74:b6:
8c:2c:d4:95:3f:2b:9d:27:3d:23:12:b4:14:a8:67:
af:f1:97:29:9e:a8:e0:0f:ff:c8:8c:d2:d1:ed:7a:
c5:29:4f:a6:78:bf:09:ea:ce:2e:35:f2:c9:ee:a8:
e0:d1:15:d6:3f:c2:cd:f7:9e:3a:6b:30:10:c3:e1:
ce:75:36:79:dc:88:bc:c0:22:50:5f:ba:d4:06:71:
10:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4C:45:BF:F3:EB:14:58:C9:38:5A:4B:7E:6A:C2:23:AC:5D:4C:6E
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/P0xFv_PrFFjJOFpLfmrCI6xdTG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.162.240.0/20
213.207.224.0/20
Signature Algorithm: sha256WithRSAEncryption
19:e3:ff:e3:e3:da:10:16:42:09:30:0c:37:5e:a0:1c:1b:cb:
86:10:1d:dd:89:52:aa:e2:e7:6e:b1:12:1b:bc:c0:21:52:ab:
93:56:66:26:8f:22:0e:58:3e:cf:ba:da:1c:ae:7b:8c:a4:f0:
29:a1:9a:62:00:ef:aa:03:9b:c0:f1:a5:89:da:5e:06:d3:0c:
1b:ba:43:ea:ba:c2:69:74:9d:d9:cb:6d:50:df:47:5d:97:da:
8e:2d:a5:37:4c:4a:46:b5:e9:f2:da:c5:14:7c:94:ee:3e:25:
24:c2:12:11:89:94:90:04:bb:cc:db:ba:46:a6:de:a3:31:1d:
fa:36:80:3f:04:77:25:36:77:6a:8b:42:d8:06:12:1b:fb:1a:
86:69:7f:5e:d0:e8:1b:c4:e4:14:07:9c:f5:6e:b7:2a:85:43:
54:5b:de:20:d6:49:ad:43:53:d9:77:94:fa:79:9f:7c:a4:cf:
28:ea:49:fa:03:f1:17:1a:72:60:84:de:95:3e:2d:32:50:ef:
58:63:89:19:90:83:3b:b4:a5:d1:0b:c5:ec:9a:b1:c1:30:5d:
46:00:e9:d9:98:0c:92:7b:14:44:5f:ba:98:ef:56:79:4d:d9:
35:0f:bc:0a:f9:ef:26:64:9c:2a:aa:2b:21:f5:99:d8:0e:3e:
91:9a:44:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1O9xxFG37bli+c121WOflTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjQwMTI4MDcyNzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjRjNDViZmYzZWIxNDU4YzkzODVhNGI3ZTZhYzIyM2FjNWQ0YzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeoGAXDVc7Xx66bDPlNe7cgNMlkv
CZC32I/la3B5YJmRh78hsXWN0uUrL0I04TOeSY9De6tNJQOuR1Klm2qDNQ8qdk3+
LdE0RcXLPEPs2BlxqPOWUZ/DFBEhfzl4yiKcHH2xPsSi3SPzuGmHDMvehr8DtrQ0
g7XyvWkL+gfRmKo4sGkEg3KGHaFoG9jtasHIjWifvtQHJroLWC/DBsVDrvC52nFD
iOWZweBzct9/ILBJdLaMLNSVPyudJz0jErQUqGev8ZcpnqjgD//IjNLR7XrFKU+m
eL8J6s4uNfLJ7qjg0RXWP8LN9546azAQw+HOdTZ53Ii8wCJQX7rUBnEQpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD9MRb/z6xRYyThaS35qwiOsXUxuMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvUDB4RnZfUHJGRmpKT0ZwTGZtckNJNnhkVEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEbaLwAwQE
1c/gMA0GCSqGSIb3DQEBCwUAA4IBAQAZ4//j49oQFkIJMAw3XqAcG8uGEB3diVKq
4udusRIbvMAhUquTVmYmjyIOWD7PutocrnuMpPApoZpiAO+qA5vA8aWJ2l4G0wwb
ukPqusJpdJ3Zy21Q30ddl9qOLaU3TEpGteny2sUUfJTuPiUkwhIRiZSQBLvM27pG
pt6jMR36NoA/BHclNndqi0LYBhIb+xqGaX9e0OgbxOQUB5z1brcqhUNUW94g1kmt
Q1PZd5T6eZ98pM8o6kn6A/EXGnJghN6VPi0yUO9YY4kZkIM7tKXRC8XsmrHBMF1G
AOnZmAySexREX7qY71Z5Tdk1D7wK+e8mZJwqqish9ZnYDj6RmkRP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:52 2024 by rpki-client on console-ams.rpki-client.org