Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/X3mjlS0kP1_gDPQOjCRjCsFnLaI.roa
File: X3mjlS0kP1_gDPQOjCRjCsFnLaI.roa (raw, json)
Hash identifier: hwSZpEKMbELDqWpq461WiiXJPJpa28F2eqYSsjZhkvI=
Subject key identifier: 5F:79:A3:95:2D:24:3F:5F:E0:0C:F4:0E:8C:24:63:0A:C1:67:2D:A2
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 018CC9BCDC66C8D354F2BB014A1BAD3CD4B8
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/X3mjlS0kP1_gDPQOjCRjCsFnLaI.roa
Signing time: Tue 02 Jan 2024 10:34:06 +0000
ROA not before: Tue 02 Jan 2024 10:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60980
IP address blocks: 109.226.247.0/24 maxlen: 24
2a05:7400:c000::/34 maxlen: 34
Validation: Failed, certificate revoked on Mon 18 Nov 2024 10:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:dc:66:c8:d3:54:f2:bb:01:4a:1b:ad:3c:d4:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 2 10:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f79a3952d243f5fe00cf40e8c24630ac1672da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9a:cb:13:d4:1e:eb:0f:13:ab:b5:51:18:5c:
da:c3:58:b2:f0:94:61:18:53:72:69:d7:6a:4f:84:
78:ec:7f:aa:4d:f1:13:cd:39:cf:fd:c5:56:93:61:
89:22:fb:8b:0f:6c:7f:6e:00:e7:14:22:dc:02:35:
20:33:1c:2a:07:b6:5d:81:a1:b6:73:f3:70:bb:1b:
85:89:02:39:ef:f7:c4:3a:f6:d6:b6:06:7a:45:3a:
cc:9a:f1:15:9a:a3:3c:4e:dc:0a:28:c1:c8:07:3d:
99:35:18:76:ed:ee:c5:e4:bf:5b:be:e6:4f:30:50:
07:c7:2f:d1:f4:fc:02:bd:6f:8a:ff:bb:6c:a9:f7:
a3:da:33:10:e5:53:da:83:b3:8d:55:79:64:de:2b:
12:0f:f9:66:a3:44:45:ed:7c:00:91:76:c8:ee:13:
7a:dc:8b:1a:9d:3d:92:87:41:09:cf:ae:e0:49:9a:
30:81:a4:ba:5c:0c:aa:83:f8:4d:f0:ca:0d:33:37:
e7:31:ee:6d:f3:51:86:cb:6b:22:74:0c:4f:ce:bf:
88:a2:16:ad:ec:7b:8c:25:91:02:4d:ff:3c:5f:85:
71:06:a2:c9:37:88:53:22:f7:ab:e0:18:f2:1f:c8:
10:16:30:19:b9:40:a7:bc:97:95:13:77:7c:0a:fb:
cc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:79:A3:95:2D:24:3F:5F:E0:0C:F4:0E:8C:24:63:0A:C1:67:2D:A2
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/X3mjlS0kP1_gDPQOjCRjCsFnLaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.247.0/24
IPv6:
2a05:7400:c000::/34
Signature Algorithm: sha256WithRSAEncryption
b1:df:59:60:12:39:3b:78:89:0c:17:35:c9:db:c2:80:ce:bc:
90:f7:32:20:38:96:f2:f3:5b:8d:f1:0d:e2:49:d6:df:2f:3b:
20:0e:44:e3:62:3c:17:71:65:24:be:2b:7d:c1:20:67:08:d0:
9f:bb:d6:41:1c:44:1e:01:25:06:0f:04:f8:51:63:b6:96:c6:
2a:f3:c5:ac:f9:bb:4a:5b:65:47:ad:c7:c6:07:67:a7:ad:c3:
93:81:ec:f7:3f:62:a2:d5:44:cd:91:b0:71:fc:5b:5e:c7:0e:
0e:bf:eb:ec:4e:28:5a:9a:02:b4:1c:8a:61:be:db:ba:b3:fc:
52:9e:0b:78:65:06:3a:8b:c5:08:81:42:b0:19:00:4a:2b:0c:
8e:3a:a0:98:5a:82:36:cd:33:1f:64:b7:7d:d1:23:6b:c0:95:
3b:a6:38:30:ed:d5:9c:ab:56:25:08:3b:e6:c5:0a:bb:b1:38:
a2:5a:29:d0:f9:86:29:60:fc:e8:7b:43:e8:90:8a:bc:00:42:
e6:94:06:e4:cc:c4:bc:63:55:4a:80:d1:7f:9e:b4:82:83:d3:
7d:6e:8d:86:c8:7f:a9:e1:92:bb:b3:32:d9:33:eb:6b:68:72:
a5:5e:e8:f5:9b:05:e6:1f:ea:2e:e0:df:ab:c6:1d:c8:f4:29:
dc:51:32:fd
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzJvNxmyNNU8rsBShutPNS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwMTAyMTAzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjc5YTM5NTJkMjQzZjVmZTAwY2Y0MGU4YzI0NjMwYWMxNjcyZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJrLE9Qe6w8Tq7VRGFzaw1iy8JRh
GFNyaddqT4R47H+qTfETzTnP/cVWk2GJIvuLD2x/bgDnFCLcAjUgMxwqB7ZdgaG2
c/NwuxuFiQI57/fEOvbWtgZ6RTrMmvEVmqM8TtwKKMHIBz2ZNRh27e7F5L9bvuZP
MFAHxy/R9PwCvW+K/7tsqfej2jMQ5VPag7ONVXlk3isSD/lmo0RF7XwAkXbI7hN6
3IsanT2Sh0EJz67gSZowgaS6XAyqg/hN8MoNMzfnMe5t81GGy2sidAxPzr+Iohat
7HuMJZECTf88X4VxBqLJN4hTIver4BjyH8gQFjAZuUCnvJeVE3d8CvvMIwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFF95o5UtJD9f4Az0DowkYwrBZy2iMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvWDNtamxTMGtQMV9nRFBRT2pDUmpDc0ZuTGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAbeL3MA4E
AgACMAgDBgYqBXQAwDANBgkqhkiG9w0BAQsFAAOCAQEAsd9ZYBI5O3iJDBc1ydvC
gM68kPcyIDiW8vNbjfEN4knW3y87IA5E42I8F3FlJL4rfcEgZwjQn7vWQRxEHgEl
Bg8E+FFjtpbGKvPFrPm7SltlR63Hxgdnp63Dk4Hs9z9iotVEzZGwcfxbXscODr/r
7E4oWpoCtByKYb7burP8Up4LeGUGOovFCIFCsBkASisMjjqgmFqCNs0zH2S3fdEj
a8CVO6Y4MO3VnKtWJQg75sUKu7E4olop0PmGKWD86HtD6JCKvABC5pQG5MzEvGNV
SoDRf560goPTfW6Nhsh/qeGSu7My2TPra2hypV7o9ZsF5h/qLuDfq8YdyPQp3FEy
/Q==
-----END CERTIFICATE-----
Generated at Mon Nov 18 13:32:29 2024 by rpki-client on console-ams.rpki-client.org