Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/yEVzkIkCFI5fVNp87CoPJDtATec.roa
File: yEVzkIkCFI5fVNp87CoPJDtATec.roa (raw, json)
Hash identifier: dO2JK471N3h8PnezsxG6y3e6ZAyEVSP/mlQrewcnsIs=
Subject key identifier: C8:45:73:90:89:02:14:8E:5F:54:DA:7C:EC:2A:0F:24:3B:40:4D:E7
Certificate issuer: /CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Certificate serial: 018571FA20A8505DBA2A4F48178BED3AF1AE
Authority key identifier: B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/yEVzkIkCFI5fVNp87CoPJDtATec.roa
Signing time: Mon 02 Jan 2023 10:14:55 +0000
ROA not before: Mon 02 Jan 2023 10:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210483
IP address blocks: 109.107.130.0/24 maxlen: 24
2a11:cd40:f00d::/48 maxlen: 48
2a11:cd40::/48 maxlen: 48
2a11:cd40:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Nov 2023 21:34:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:20:a8:50:5d:ba:2a:4f:48:17:8b:ed:3a:f1:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Validity
Not Before: Jan 2 10:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c84573908902148e5f54da7cec2a0f243b404de7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:06:d4:59:99:1a:d1:52:e2:3a:dc:43:31:a8:
ca:87:6e:9c:a1:c1:3b:0a:50:ec:36:28:27:8c:dd:
38:7a:08:b0:bd:e3:b2:96:19:81:29:65:d7:bd:05:
3d:93:9b:1f:c4:2d:7b:1c:37:04:7f:85:c7:b9:03:
16:14:e0:06:bf:b3:e8:44:0d:f4:05:3c:2e:30:8d:
11:96:0b:f8:ad:d4:05:5d:47:54:2d:65:ef:ca:5d:
e0:74:8a:ef:61:3e:e0:75:6b:b4:0a:35:fd:1c:a3:
bf:0c:c6:d6:a5:a7:b0:0b:5b:d6:a9:b7:17:db:ca:
ad:f0:33:58:c2:59:30:92:cb:5d:4d:6b:04:b0:d1:
59:e2:39:97:ae:2b:cf:f7:de:93:f3:0f:9b:e6:84:
5f:02:25:bd:06:35:91:c6:79:42:55:46:17:eb:6d:
e2:2e:e1:d0:87:5b:fe:f8:4b:da:68:f3:2f:91:12:
b2:99:34:09:d8:da:e0:90:fc:fe:e0:f6:e6:c4:a2:
f0:c0:bf:bb:e4:75:82:df:45:12:dd:2a:db:5c:94:
92:a0:69:79:33:d2:58:d2:b6:69:73:b5:75:15:27:
e9:7e:8e:35:f1:2d:90:e9:b5:3f:1e:ab:b1:fc:21:
47:5f:1d:d5:2b:b2:7b:5a:0a:90:e8:1a:78:60:c9:
3e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:45:73:90:89:02:14:8E:5F:54:DA:7C:EC:2A:0F:24:3B:40:4D:E7
X509v3 Authority Key Identifier:
keyid:B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/yEVzkIkCFI5fVNp87CoPJDtATec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.130.0/24
IPv6:
2a11:cd40::/48
2a11:cd40:1000::/48
2a11:cd40:f00d::/48
Signature Algorithm: sha256WithRSAEncryption
19:31:ae:a8:76:38:6d:65:cc:66:4e:fb:db:c3:35:84:77:79:
4f:ff:b7:75:8c:1d:b0:a7:89:a0:10:b8:9c:e9:62:30:a3:00:
22:55:42:31:46:9e:f4:5c:fb:0b:ca:d6:de:97:57:1c:31:b7:
7e:0e:18:c2:01:75:87:19:2c:60:fd:e7:56:16:43:86:a2:51:
c7:66:8f:ed:31:52:d8:3f:fe:70:55:ac:37:23:67:7f:10:bf:
be:d7:a2:e3:3e:0d:1c:b9:a4:12:93:8c:9b:8b:c3:fa:44:b2:
c9:4e:74:dd:96:62:bd:1b:a8:7f:11:33:7f:c4:d2:c7:99:18:
09:de:7b:e2:40:c6:4d:d5:19:0b:9e:37:bc:fa:56:83:59:a9:
75:8b:f4:13:c6:d6:72:37:4c:30:83:45:70:24:9e:3e:98:b0:
9f:75:d4:9c:fd:f8:b4:21:60:82:60:e1:ce:c0:71:26:d4:89:
bf:b5:9d:db:9f:0b:3c:33:de:3d:35:ce:6f:18:01:c0:0b:d8:
32:c6:ef:bc:7f:a0:ce:3d:b9:44:50:8a:5a:0f:ae:5f:96:d0:
10:e2:09:b6:15:45:42:1d:7a:1e:b4:40:3f:b3:40:bc:0c:18:
f1:72:6c:fc:d0:75:94:f1:8a:3d:1c:26:88:42:c8:61:fa:02:
7e:ba:49:de
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVx+iCoUF26Kk9IF4vtOvGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM2MzNhY2JmNjNjMmVjYjEwMjA1YjliOTI1ODBhYmI0
ZWI4N2UwHhcNMjMwMTAyMTAxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODQ1NzM5MDg5MDIxNDhlNWY1NGRhN2NlYzJhMGYyNDNiNDA0ZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAbUWZka0VLiOtxDMajKh26cocE7
ClDsNignjN04egiwveOylhmBKWXXvQU9k5sfxC17HDcEf4XHuQMWFOAGv7PoRA30
BTwuMI0Rlgv4rdQFXUdULWXvyl3gdIrvYT7gdWu0CjX9HKO/DMbWpaewC1vWqbcX
28qt8DNYwlkwkstdTWsEsNFZ4jmXrivP996T8w+b5oRfAiW9BjWRxnlCVUYX623i
LuHQh1v++EvaaPMvkRKymTQJ2NrgkPz+4PbmxKLwwL+75HWC30US3SrbXJSSoGl5
M9JY0rZpc7V1FSfpfo418S2Q6bU/Hqux/CFHXx3VK7J7WgqQ6Bp4YMk+GQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMhFc5CJAhSOX1TafOwqDyQ7QE3nMB8GA1UdIwQY
MBaAFLnDYzrL9jwuyxAgW5uSWAq7Trh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUt
OTllY2E1NjUxMDIzLzEveUVWemtJa0NGSTVmVk5wODdDb1BKRHRBVGVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUtOTllY2E1NjUxMDIz
LzEvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAbWuCMCEE
AgACMBsDBwAqEc1AAAADBwAqEc1AEAADBwAqEc1A8A0wDQYJKoZIhvcNAQELBQAD
ggEBABkxrqh2OG1lzGZO+9vDNYR3eU//t3WMHbCniaAQuJzpYjCjACJVQjFGnvRc
+wvK1t6XVxwxt34OGMIBdYcZLGD951YWQ4aiUcdmj+0xUtg//nBVrDcjZ38Qv77X
ouM+DRy5pBKTjJuLw/pEsslOdN2WYr0bqH8RM3/E0seZGAnee+JAxk3VGQueN7z6
VoNZqXWL9BPG1nI3TDCDRXAknj6YsJ911Jz9+LQhYIJg4c7AcSbUib+1ndufCzwz
3j01zm8YAcAL2DLG77x/oM49uURQiloPrl+W0BDiCbYVRUIdeh60QD+zQLwMGPFy
bPzQdZTxij0cJohCyGH6An66Sd4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:21 2024 by rpki-client on console-fra.rpki-client.org