Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/DO7UNIWGxdiVl-vVEmb_1K48FoQ.roa
File: DO7UNIWGxdiVl-vVEmb_1K48FoQ.roa (raw, json)
Hash identifier: 98ebU0ATr97q5MkaoWSzpGqFCUwXpRaFZKb6VEPZ5jg=
Subject key identifier: 0C:EE:D4:34:85:86:C5:D8:95:97:EB:D5:12:66:FF:D4:AE:3C:16:84
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 01856C4A472EFE8FDDC976B9CA20DE4FDE66
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/DO7UNIWGxdiVl-vVEmb_1K48FoQ.roa
Signing time: Sun 01 Jan 2023 07:44:45 +0000
ROA not before: Sun 01 Jan 2023 07:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60980
IP address blocks: 109.226.247.0/24 maxlen: 24
2a05:7400:c000::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:47:2e:fe:8f:dd:c9:76:b9:ca:20:de:4f:de:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 1 07:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ceed4348586c5d89597ebd51266ffd4ae3c1684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:36:ef:df:de:29:6d:02:e6:c7:ea:a8:49:3f:
a8:d8:16:51:78:15:96:23:ec:95:b2:a4:61:f0:3f:
47:d5:96:25:c1:12:0e:02:3c:65:d1:58:c3:07:ad:
73:f7:73:30:b8:57:cf:0c:fe:d5:a8:d2:79:ee:97:
44:6a:96:41:ba:8f:4a:8d:03:8d:a6:fe:3a:56:06:
97:71:d6:a4:d6:08:9c:96:11:80:44:82:71:60:53:
df:e0:22:e0:57:71:bc:24:2a:d9:65:81:6a:e6:38:
2c:c6:73:8f:3d:99:2d:0d:32:3f:b6:a0:ad:43:87:
61:ee:db:a7:27:60:9b:03:d6:a6:b5:8e:83:53:2e:
9a:9e:d9:19:f8:56:a1:3d:b4:7b:06:c9:32:b4:3f:
b8:f4:40:de:5c:ce:aa:52:c3:ae:f2:2a:49:d6:79:
11:79:33:2d:14:d2:78:06:9b:08:09:20:c7:c2:35:
5b:7f:2f:4c:1c:46:84:60:dd:c7:08:eb:24:03:3a:
43:86:22:c9:2a:78:30:56:f9:28:fa:98:a4:9b:d1:
31:de:75:00:86:0a:f5:6a:e1:86:65:d3:8c:75:ae:
70:de:8b:9a:11:8f:28:e1:88:8f:e6:33:72:c7:37:
ec:13:72:3f:50:89:a7:a4:ce:7d:a4:ac:12:95:d4:
c4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:EE:D4:34:85:86:C5:D8:95:97:EB:D5:12:66:FF:D4:AE:3C:16:84
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/DO7UNIWGxdiVl-vVEmb_1K48FoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.247.0/24
IPv6:
2a05:7400:c000::/34
Signature Algorithm: sha256WithRSAEncryption
48:e0:e0:83:8b:cc:f5:e3:ad:db:ca:2d:7a:eb:52:b6:81:2b:
4a:f3:dc:93:33:62:8b:88:73:6d:99:47:37:54:1f:42:8e:22:
d2:d4:a0:d6:04:ee:a6:8f:c4:b4:78:8c:97:6b:0d:08:41:0e:
56:82:06:69:97:bf:ff:6b:f0:f7:48:09:69:1e:be:8c:cf:65:
32:24:a3:90:27:80:ff:42:e3:ac:4a:bc:b1:28:d8:f2:05:0a:
b1:c4:26:cb:b8:ad:53:a9:a2:24:63:be:33:b4:eb:63:05:b7:
8a:02:87:4f:9f:f3:93:6c:29:f0:1d:3f:a6:88:29:73:0c:95:
77:21:06:44:53:00:5b:5e:ed:5c:4e:b2:5e:b0:ed:61:40:47:
9c:28:23:70:35:c8:ef:f3:04:77:f6:70:5f:0c:3a:61:be:60:
d2:0f:1f:5e:bb:77:e0:cf:d5:ef:65:08:fb:6a:67:ec:f4:ba:
a4:66:08:0e:d3:20:34:dc:22:b5:71:3b:c6:82:40:48:14:76:
a9:6c:be:f2:da:3d:19:92:4a:85:e6:05:9f:b2:8b:71:3c:ea:
bd:a9:c2:e0:b0:a5:d0:05:19:90:06:6e:0e:25:04:27:58:c5:
67:b9:ab:5c:54:d0:c9:a0:c9:78:c8:52:9f:3b:6e:53:e6:f5:
10:7d:aa:be
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVsSkcu/o/dyXa5yiDeT95mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjMwMTAxMDc0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2VlZDQzNDg1ODZjNWQ4OTU5N2ViZDUxMjY2ZmZkNGFlM2MxNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zbv394pbQLmx+qoST+o2BZReBWW
I+yVsqRh8D9H1ZYlwRIOAjxl0VjDB61z93MwuFfPDP7VqNJ57pdEapZBuo9KjQON
pv46VgaXcdak1giclhGARIJxYFPf4CLgV3G8JCrZZYFq5jgsxnOPPZktDTI/tqCt
Q4dh7tunJ2CbA9amtY6DUy6antkZ+FahPbR7BskytD+49EDeXM6qUsOu8ipJ1nkR
eTMtFNJ4BpsICSDHwjVbfy9MHEaEYN3HCOskAzpDhiLJKngwVvko+pikm9Ex3nUA
hgr1auGGZdOMda5w3ouaEY8o4YiP5jNyxzfsE3I/UImnpM59pKwSldTEjQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAzu1DSFhsXYlZfr1RJm/9SuPBaEMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvRE83VU5JV0d4ZGlWbC12VkVtYl8xSzQ4Rm9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAbeL3MA4E
AgACMAgDBgYqBXQAwDANBgkqhkiG9w0BAQsFAAOCAQEASODgg4vM9eOt28oteutS
toErSvPckzNii4hzbZlHN1QfQo4i0tSg1gTupo/EtHiMl2sNCEEOVoIGaZe//2vw
90gJaR6+jM9lMiSjkCeA/0LjrEq8sSjY8gUKscQmy7itU6miJGO+M7TrYwW3igKH
T5/zk2wp8B0/pogpcwyVdyEGRFMAW17tXE6yXrDtYUBHnCgjcDXI7/MEd/ZwXww6
Yb5g0g8fXrt34M/V72UI+2pn7PS6pGYIDtMgNNwitXE7xoJASBR2qWy+8to9GZJK
heYFn7KLcTzqvanC4LCl0AUZkAZuDiUEJ1jFZ7mrXFTQyaDJeMhSnztuU+b1EH2q
vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:18 2024 by rpki-client on console-ams.rpki-client.org