Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/R_Gfj-ZqwHwLza7EFWByXo5utCk.roa
File: R_Gfj-ZqwHwLza7EFWByXo5utCk.roa (raw, json)
Hash identifier: nRGV+mkoEyDvtQwPzN0w5ajjeOt+uvAbPIy/hv50DCk=
Subject key identifier: 47:F1:9F:8F:E6:6A:C0:7C:0B:CD:AE:C4:15:60:72:5E:8E:6E:B4:29
Certificate issuer: /CN=2cce5d51fa75bbb6ed962a4166ef6f8630a02581
Certificate serial: 018CC3494739EE8B035031AEE7DF6D917E2D
Authority key identifier: 2C:CE:5D:51:FA:75:BB:B6:ED:96:2A:41:66:EF:6F:86:30:A0:25:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LM5dUfp1u7btlipBZu9vhjCgJYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/R_Gfj-ZqwHwLza7EFWByXo5utCk.roa
Signing time: Mon 01 Jan 2024 04:30:08 +0000
ROA not before: Mon 01 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212302
IP address blocks: 109.70.239.0/24 maxlen: 24
2a0c:2bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:47:39:ee:8b:03:50:31:ae:e7:df:6d:91:7e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cce5d51fa75bbb6ed962a4166ef6f8630a02581
Validity
Not Before: Jan 1 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47f19f8fe66ac07c0bcdaec41560725e8e6eb429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5d:61:cb:58:b2:cd:2e:9f:bf:ca:de:83:64:
a8:5b:47:69:ba:60:eb:a9:2e:98:3a:e9:b7:93:77:
e9:0a:d9:8e:1d:26:ea:86:54:2a:13:14:2b:b4:30:
46:42:da:74:b9:91:28:71:b2:df:d4:7e:99:a3:0f:
2f:9a:de:59:f2:cf:02:09:8b:df:88:be:a1:78:56:
b6:2d:6c:1d:61:6d:05:b2:1a:9a:31:4b:ef:8e:a9:
e6:ab:24:fb:32:ee:01:51:8e:e6:29:e2:ab:31:9d:
52:87:ea:55:6c:c3:8b:a7:87:83:40:6d:c1:70:7e:
89:ea:73:5e:61:df:6c:31:0b:34:70:ca:62:00:68:
c9:fc:83:06:05:64:48:85:db:09:83:0c:51:eb:e8:
84:77:6f:fb:b7:a4:bf:a0:1d:71:25:e0:11:b5:5d:
60:ab:a5:13:73:a8:0a:eb:20:66:39:82:99:fc:4f:
00:a4:82:27:85:42:79:99:88:53:76:f2:c7:25:9c:
05:8f:6d:89:41:ef:4e:a7:35:5a:a5:68:de:73:4c:
e5:b7:41:82:1b:40:fa:6f:c6:98:57:5d:dc:b4:af:
7b:45:a3:bb:dd:0a:f4:df:d6:a4:f6:5b:f6:15:48:
14:8d:fa:d6:ef:bf:b9:8e:4a:9d:d5:5b:15:0f:18:
c7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F1:9F:8F:E6:6A:C0:7C:0B:CD:AE:C4:15:60:72:5E:8E:6E:B4:29
X509v3 Authority Key Identifier:
keyid:2C:CE:5D:51:FA:75:BB:B6:ED:96:2A:41:66:EF:6F:86:30:A0:25:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LM5dUfp1u7btlipBZu9vhjCgJYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/R_Gfj-ZqwHwLza7EFWByXo5utCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/LM5dUfp1u7btlipBZu9vhjCgJYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.239.0/24
IPv6:
2a0c:2bc0::/29
Signature Algorithm: sha256WithRSAEncryption
97:e1:ca:9f:7d:26:d5:98:79:58:49:06:65:fe:b9:ae:d2:6f:
bf:19:4b:f9:8d:f3:02:70:5e:45:59:c9:eb:60:c6:15:a2:36:
a7:6b:69:ea:24:9e:58:d1:35:e3:bc:eb:b0:d8:eb:7b:59:4c:
af:52:66:4e:98:1a:4c:36:1f:8a:74:18:96:f9:73:14:34:55:
7a:51:f4:39:d6:7f:f6:39:30:e4:bd:d4:1b:21:49:dc:fb:ce:
3d:ee:a1:13:7f:ad:33:7d:c8:22:1a:0c:e7:c8:fb:cf:ed:97:
6e:78:37:4a:25:e6:9d:d1:a3:87:ff:77:ef:8a:61:4f:a5:57:
da:bc:93:17:29:d8:3f:85:ca:85:7d:fa:91:17:ec:5d:10:af:
50:cc:04:b9:f8:25:4f:dc:bd:fd:fa:eb:67:2b:37:7d:35:ce:
3f:b4:a0:24:ae:4f:b7:ff:16:57:71:cc:c3:c4:e7:ac:86:39:
d8:13:1c:59:22:22:79:7b:d4:9e:3b:c6:2b:01:47:55:37:b2:
1f:3b:b4:20:a0:c1:a9:af:7f:8e:09:f1:cc:68:7b:a1:68:ed:
a9:cb:84:92:b8:bc:d3:8e:e2:89:04:f6:59:6f:de:c9:86:a3:
61:41:22:1c:be:89:00:92:40:ef:9f:3a:aa:63:24:80:23:75:
d6:c6:58:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSUc57osDUDGu599tkX4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjY2U1ZDUxZmE3NWJiYjZlZDk2MmE0MTY2ZWY2Zjg2MzBh
MDI1ODEwHhcNMjQwMTAxMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2YxOWY4ZmU2NmFjMDdjMGJjZGFlYzQxNTYwNzI1ZThlNmViNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjV1hy1iyzS6fv8reg2SoW0dpumDr
qS6YOum3k3fpCtmOHSbqhlQqExQrtDBGQtp0uZEocbLf1H6Zow8vmt5Z8s8CCYvf
iL6heFa2LWwdYW0FshqaMUvvjqnmqyT7Mu4BUY7mKeKrMZ1Sh+pVbMOLp4eDQG3B
cH6J6nNeYd9sMQs0cMpiAGjJ/IMGBWRIhdsJgwxR6+iEd2/7t6S/oB1xJeARtV1g
q6UTc6gK6yBmOYKZ/E8ApIInhUJ5mYhTdvLHJZwFj22JQe9OpzVapWjec0zlt0GC
G0D6b8aYV13ctK97RaO73Qr039ak9lv2FUgUjfrW77+5jkqd1VsVDxjHWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEfxn4/masB8C82uxBVgcl6ObrQpMB8GA1UdIwQY
MBaAFCzOXVH6dbu27ZYqQWbvb4YwoCWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE01ZFVmcDF1N2J0bGlwQlp1OXZoakNnSllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8yYjVlZDYtM2E3Yy00NjMxLWI0OWQt
YmY1NWI4YjE2NjljLzEvUl9HZmotWnF3SHdMemE3RUZXQnlYbzV1dENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8yYjVlZDYtM2E3Yy00NjMxLWI0OWQtYmY1NWI4YjE2Njlj
LzEvTE01ZFVmcDF1N2J0bGlwQlp1OXZoakNnSllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAbUbvMA0E
AgACMAcDBQMqDCvAMA0GCSqGSIb3DQEBCwUAA4IBAQCX4cqffSbVmHlYSQZl/rmu
0m+/GUv5jfMCcF5FWcnrYMYVojana2nqJJ5Y0TXjvOuw2Ot7WUyvUmZOmBpMNh+K
dBiW+XMUNFV6UfQ51n/2OTDkvdQbIUnc+8497qETf60zfcgiGgznyPvP7ZdueDdK
Jead0aOH/3fvimFPpVfavJMXKdg/hcqFffqRF+xdEK9QzAS5+CVP3L39+utnKzd9
Nc4/tKAkrk+3/xZXcczDxOeshjnYExxZIiJ5e9SeO8YrAUdVN7IfO7QgoMGpr3+O
CfHMaHuhaO2py4SSuLzTjuKJBPZZb97JhqNhQSIcvokAkkDvnzqqYySAI3XWxlg6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:27 2025 by rpki-client