Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/1-KfIztoKuW9x3LDNbFGw8GxFK44.roa
File: 1-KfIztoKuW9x3LDNbFGw8GxFK44.roa (raw, json)
Hash identifier: TNzG9f2foAgY+99PfvcQLBPlyGh7Dvi9pX6zg2v5fbc=
Subject key identifier: F8:A7:C8:CE:DA:0A:B9:6F:71:DC:B0:CD:6C:51:B0:F0:6C:45:2B:8E
Certificate issuer: /CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Certificate serial: 01856F42AF9FC681DDA08382E251E67D929B
Authority key identifier: 94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/1-KfIztoKuW9x3LDNbFGw8GxFK44.roa
Signing time: Sun 01 Jan 2023 21:35:19 +0000
ROA not before: Sun 01 Jan 2023 21:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209156
IP address blocks: 109.121.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:af:9f:c6:81:dd:a0:83:82:e2:51:e6:7d:92:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Validity
Not Before: Jan 1 21:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8a7c8ceda0ab96f71dcb0cd6c51b0f06c452b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c5:79:34:9d:73:4e:c7:4b:49:1e:32:b0:5f:
a0:44:48:9b:99:6e:9d:f8:63:41:e5:c0:5f:a5:89:
2a:45:40:04:20:de:18:05:98:9d:bd:2a:ec:4d:49:
b7:4e:47:d3:5d:e5:e5:c9:49:98:06:23:63:be:c7:
73:23:b1:85:06:34:86:42:b6:2f:f9:53:26:ac:a1:
13:00:e7:d5:e0:4f:ec:50:85:9c:f4:2c:23:be:72:
10:bd:22:52:6a:c1:dd:ed:ef:b5:c4:f7:1e:5b:52:
bb:aa:55:98:ce:f2:e7:e9:f9:5c:df:83:21:3a:d6:
1a:b4:ae:e5:58:8b:7e:46:23:a5:6e:8d:ad:4a:6a:
ed:5d:92:80:33:65:d4:32:0c:99:1e:76:d3:14:a3:
e9:96:85:1f:c0:41:64:2d:4b:98:b7:c7:5e:7d:19:
7f:8b:f1:86:9f:99:dc:34:ef:62:a7:9f:73:86:f0:
30:4f:05:97:cc:f9:06:e9:59:aa:2c:b3:6b:61:45:
53:ff:69:bf:bb:a5:88:b8:c5:2c:8d:ed:31:c9:8c:
77:1c:1d:07:34:fd:2e:8a:19:d9:6f:ce:1a:5b:dd:
40:da:a3:3f:fc:f4:23:03:1c:67:35:8b:12:4f:93:
1e:4a:d5:26:87:f3:74:09:ca:f7:64:b5:3a:33:64:
96:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A7:C8:CE:DA:0A:B9:6F:71:DC:B0:CD:6C:51:B0:F0:6C:45:2B:8E
X509v3 Authority Key Identifier:
keyid:94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/1-KfIztoKuW9x3LDNbFGw8GxFK44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.135.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:1e:ba:06:7b:6b:30:32:ad:cf:d8:c1:8b:37:53:74:ee:4c:
2c:dc:10:66:33:a4:a5:b9:da:fe:cf:6c:e5:1e:9d:e1:6a:10:
02:08:6d:72:be:56:8f:a5:00:f3:49:39:f7:af:e4:57:98:99:
c4:9e:71:14:6c:07:1f:c6:86:7c:5b:05:93:29:3f:a4:5b:3f:
e2:6d:f6:5a:2e:c5:9c:dd:b7:ee:b3:b9:a3:b0:50:fc:92:16:
8d:35:fa:78:2c:5e:13:66:43:c8:b6:06:06:d2:e1:a5:71:a2:
75:74:c4:5b:40:51:98:a1:8b:53:a8:17:bd:c0:ee:ca:d1:c9:
87:61:96:59:a5:e0:e4:32:89:29:1b:b6:78:40:42:99:65:15:
5d:ab:da:fe:37:3c:eb:fe:cf:5c:bd:37:52:1b:63:5e:91:54:
f8:06:2c:5c:21:b6:70:74:22:da:1f:d8:c3:54:f3:7b:c5:f7:
01:d0:f9:d7:f9:d3:ed:38:af:b6:1f:30:da:ec:75:2a:91:e3:
27:39:6a:c6:89:41:71:aa:70:f8:66:6f:02:ce:47:c2:37:13:
f5:89:17:7b:35:3b:71:1e:e4:ab:bd:f8:4d:60:79:d1:2b:4c:
f5:e4:da:57:b3:c9:77:be:41:25:08:c6:27:d8:85:82:17:e3:
81:f8:38:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvQq+fxoHdoIOC4lHmfZKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGExMGEyNTY3MjhmMTFhNGJiYWFkYzMyMDRiN2YwYTM1
YTUwMDAwHhcNMjMwMTAxMjEzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGE3YzhjZWRhMGFiOTZmNzFkY2IwY2Q2YzUxYjBmMDZjNDUyYjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcV5NJ1zTsdLSR4ysF+gREibmW6d
+GNB5cBfpYkqRUAEIN4YBZidvSrsTUm3TkfTXeXlyUmYBiNjvsdzI7GFBjSGQrYv
+VMmrKETAOfV4E/sUIWc9CwjvnIQvSJSasHd7e+1xPceW1K7qlWYzvLn6flc34Mh
OtYatK7lWIt+RiOlbo2tSmrtXZKAM2XUMgyZHnbTFKPploUfwEFkLUuYt8defRl/
i/GGn5ncNO9ip59zhvAwTwWXzPkG6VmqLLNrYUVT/2m/u6WIuMUsje0xyYx3HB0H
NP0uihnZb84aW91A2qM//PQjAxxnNYsST5MeStUmh/N0Ccr3ZLU6M2SWIQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPinyM7aCrlvcdywzWxRsPBsRSuOMB8GA1UdIwQY
MBaAFJQKEKJWco8RpLuq3DIEt/CjWlAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYt
ZGNlNmQ2OTA5MjQ3LzEvMS1LZkl6dG9LdVc5eDNMRE5iRkd3OEd4Rks0NC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzEvYTFhZTc1LTJkNmItNGNjNi1hY2VmLWRjZTZkNjkwOTI0
Ny8xL2xBb1FvbFp5anhHa3U2cmNNZ1MzOEtOYVVBQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG15hzAN
BgkqhkiG9w0BAQsFAAOCAQEAKx66BntrMDKtz9jBizdTdO5MLNwQZjOkpbna/s9s
5R6d4WoQAghtcr5Wj6UA80k596/kV5iZxJ5xFGwHH8aGfFsFkyk/pFs/4m32Wi7F
nN237rO5o7BQ/JIWjTX6eCxeE2ZDyLYGBtLhpXGidXTEW0BRmKGLU6gXvcDuytHJ
h2GWWaXg5DKJKRu2eEBCmWUVXava/jc86/7PXL03UhtjXpFU+AYsXCG2cHQi2h/Y
w1Tze8X3AdD51/nT7Tivth8w2ux1KpHjJzlqxolBcapw+GZvAs5HwjcT9YkXezU7
cR7kq734TWB50StM9eTaV7PJd75BJQjGJ9iFghfjgfg4LA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:24 2024 by rpki-client on console-ams.rpki-client.org