Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/hXH-JMtFZwAqF-DyYKNDDCaPA54.roa
File: hXH-JMtFZwAqF-DyYKNDDCaPA54.roa (raw, json)
Hash identifier: dQAVRiG/OULaDlb0RIiE3AUb1RsOSaV9QSVeJhwRKCU=
Subject key identifier: 85:71:FE:24:CB:45:67:00:2A:17:E0:F2:60:A3:43:0C:26:8F:03:9E
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 01862B6B2DDDCC3A2A9155CE79ACC3F11D1F
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/hXH-JMtFZwAqF-DyYKNDDCaPA54.roa
Signing time: Tue 07 Feb 2023 10:28:09 +0000
ROA not before: Tue 07 Feb 2023 10:28:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39560
IP address blocks: 109.162.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Feb 2023 12:18:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:6b:2d:dd:cc:3a:2a:91:55:ce:79:ac:c3:f1:1d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Feb 7 10:28:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8571fe24cb4567002a17e0f260a3430c268f039e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c1:fb:13:b8:64:ac:fa:18:00:a5:6d:94:6b:
06:7c:1a:39:2c:4d:00:eb:49:ab:99:94:0a:69:61:
9e:06:34:81:0d:5c:5f:ba:fe:e6:39:c7:ff:bf:d8:
e7:1b:80:8a:8d:96:15:9e:a6:75:39:e1:5c:ee:99:
c7:79:14:9e:f6:27:29:7b:51:b1:98:a8:aa:2c:a3:
a8:77:4e:e8:cd:1a:b7:a5:f8:f0:aa:02:96:c4:8c:
e3:98:a0:33:41:62:fd:e8:b3:af:bf:2e:74:cf:a0:
09:1e:dc:71:4e:6d:e7:50:3f:66:60:a1:d0:8f:f6:
33:e8:f4:41:84:ad:15:91:a2:98:1e:1f:d4:8a:a6:
0f:fa:9e:62:3e:08:06:35:01:ea:24:d6:b7:df:ce:
c1:85:ef:30:3a:d9:75:99:f1:a9:5d:3e:eb:64:79:
2c:29:b6:4c:2b:84:fd:ff:9d:5f:a7:c6:e7:a2:8a:
c7:fa:fa:ad:f3:c5:68:aa:68:38:de:07:b0:93:35:
fd:d1:a1:1b:fc:fa:58:a2:78:87:16:23:46:ec:0a:
e3:b2:ca:20:95:a4:9d:6f:47:b0:9f:3a:72:3c:f1:
d0:c9:aa:43:18:a1:8b:ec:b5:c4:47:58:2b:2b:02:
f9:47:90:2c:b0:e8:39:b4:1f:5d:cf:f1:85:f8:90:
ec:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:71:FE:24:CB:45:67:00:2A:17:E0:F2:60:A3:43:0C:26:8F:03:9E
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/hXH-JMtFZwAqF-DyYKNDDCaPA54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.162.253.0/24
Signature Algorithm: sha256WithRSAEncryption
02:12:08:65:eb:d0:18:fe:9a:fe:76:fb:9f:86:5d:b2:46:68:
34:1f:d0:2c:6a:d6:4b:25:67:de:89:af:8b:1f:d3:d6:e7:1d:
94:9f:9e:82:c3:12:4f:03:32:54:ef:29:f8:23:87:62:fd:4d:
00:15:89:09:10:6c:c6:b7:19:5c:4a:f0:43:41:ba:60:25:93:
3f:19:57:ff:aa:66:b4:d7:8c:53:15:ec:27:9c:c5:8a:c4:0b:
16:ab:fc:14:4f:a3:97:af:f1:04:bf:9c:49:e5:4e:6e:21:c8:
fb:58:eb:cf:2b:10:10:9f:4d:42:17:38:52:11:bc:12:bd:0c:
12:d1:70:43:4f:b7:3b:89:60:05:0e:ed:41:3e:76:43:42:a0:
65:54:e5:21:a3:cf:1c:9f:3c:9f:2a:a6:89:21:77:92:32:d7:
1d:2f:9f:d5:87:c4:db:a4:7f:e8:e7:b5:b6:3b:21:bf:27:d1:
2f:7b:e1:79:49:20:ba:01:a6:1e:d7:6d:f0:2d:1b:99:2a:26:
31:a3:e6:e6:a3:c4:a7:bb:71:f2:a5:7b:8f:e6:ab:7d:44:18:
00:ac:f3:48:34:94:9d:0f:c8:23:57:ed:27:27:e5:23:c2:28:
7b:dd:b1:80:14:9d:1f:d4:da:23:22:35:72:da:cf:36:f4:b6:
15:a3:c4:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYray3dzDoqkVXOeazD8R0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjMwMjA3MTAyODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTcxZmUyNGNiNDU2NzAwMmExN2UwZjI2MGEzNDMwYzI2OGYwMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcH7E7hkrPoYAKVtlGsGfBo5LE0A
60mrmZQKaWGeBjSBDVxfuv7mOcf/v9jnG4CKjZYVnqZ1OeFc7pnHeRSe9icpe1Gx
mKiqLKOod07ozRq3pfjwqgKWxIzjmKAzQWL96LOvvy50z6AJHtxxTm3nUD9mYKHQ
j/Yz6PRBhK0VkaKYHh/UiqYP+p5iPggGNQHqJNa3387Bhe8wOtl1mfGpXT7rZHks
KbZMK4T9/51fp8bnoorH+vqt88Voqmg43gewkzX90aEb/PpYoniHFiNG7Arjssog
laSdb0ewnzpyPPHQyapDGKGL7LXER1grKwL5R5AssOg5tB9dz/GF+JDsLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVx/iTLRWcAKhfg8mCjQwwmjwOeMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvaFhILUpNdEZad0FxRi1EeVlLTkREQ2FQQTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbaL9MA0G
CSqGSIb3DQEBCwUAA4IBAQACEghl69AY/pr+dvufhl2yRmg0H9AsatZLJWfeia+L
H9PW5x2Un56CwxJPAzJU7yn4I4di/U0AFYkJEGzGtxlcSvBDQbpgJZM/GVf/qma0
14xTFewnnMWKxAsWq/wUT6OXr/EEv5xJ5U5uIcj7WOvPKxAQn01CFzhSEbwSvQwS
0XBDT7c7iWAFDu1BPnZDQqBlVOUho88cnzyfKqaJIXeSMtcdL5/Vh8TbpH/o57W2
OyG/J9Eve+F5SSC6AaYe123wLRuZKiYxo+bmo8Snu3HypXuP5qt9RBgArPNINJSd
D8gjV+0nJ+Ujwih73bGAFJ0f1NojIjVy2s829LYVo8QN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:21 2024 by rpki-client on console-fra.rpki-client.org