Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/FySik1T0kU4kX0a9WI9H3sQKTYY.roa
File: FySik1T0kU4kX0a9WI9H3sQKTYY.roa (raw, json)
Hash identifier: 6LatR63VSKUCSonGXgd0OauwshPwKQ907E4+rn7tlB8=
Subject key identifier: 17:24:A2:93:54:F4:91:4E:24:5F:46:BD:58:8F:47:DE:C4:0A:4D:86
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 01921AD4398E03D8DC4CD79DBDAA9D9BFA3F
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/FySik1T0kU4kX0a9WI9H3sQKTYY.roa
Signing time: Sun 22 Sep 2024 17:42:48 +0000
ROA not before: Sun 22 Sep 2024 17:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 109.95.65.0/24 maxlen: 24
109.95.66.0/24 maxlen: 24
109.95.68.0/24 maxlen: 24
109.95.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 20:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1a:d4:39:8e:03:d8:dc:4c:d7:9d:bd:aa:9d:9b:fa:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Sep 22 17:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1724a29354f4914e245f46bd588f47dec40a4d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bc:d1:c0:20:c0:2f:be:a5:08:5d:d7:18:91:
9d:a5:bd:10:ec:5a:8f:dd:70:ad:7a:a9:01:ff:fd:
59:4b:11:51:a9:3b:01:74:a4:cb:73:68:f3:93:87:
a0:f3:7a:e9:50:d7:5d:23:98:34:c1:ad:11:a2:a5:
b5:f4:b0:99:48:0d:ad:db:cb:2b:27:fe:0f:d7:40:
4c:6a:5d:26:cf:14:b3:27:93:d9:c4:7f:6c:3f:c5:
3c:ae:e0:95:1f:8e:dd:f6:2d:33:19:c8:8b:cf:30:
d6:54:81:25:2d:3f:45:f1:e8:b4:71:58:b2:55:1d:
0e:19:61:94:ce:07:54:b8:85:4d:63:1b:28:1f:68:
ff:91:ab:87:e2:cc:48:8d:46:61:8f:eb:dd:b8:0e:
35:cf:ed:e0:11:22:b8:06:d5:61:b2:cf:e1:25:3d:
0c:19:9f:59:e1:06:89:50:82:42:ed:c5:ef:c6:49:
4d:8e:17:32:23:83:d1:4f:ce:38:0f:3f:e4:ea:dc:
fb:cd:2e:b5:18:8e:13:34:69:d5:87:6f:27:a5:c3:
45:db:0e:94:60:cc:8e:c5:a5:a6:a0:cb:08:e4:fc:
6d:f8:63:2e:e8:2f:41:20:6f:d5:33:6c:dc:3a:94:
db:93:ef:ea:a0:d7:38:24:5f:48:5d:47:80:f4:a5:
c2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:24:A2:93:54:F4:91:4E:24:5F:46:BD:58:8F:47:DE:C4:0A:4D:86
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/FySik1T0kU4kX0a9WI9H3sQKTYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.65.0-109.95.66.255
109.95.68.0/24
109.95.70.0/24
Signature Algorithm: sha256WithRSAEncryption
85:87:1c:ab:06:5c:e1:09:d8:08:b4:13:61:7b:40:28:9c:85:
2c:c4:d0:bd:c9:a0:1b:03:5f:93:22:5c:d9:28:29:f8:18:e0:
e9:c8:cf:c0:6e:71:50:34:9e:11:69:c4:5a:8a:c1:52:14:f1:
a1:80:34:22:da:d4:12:63:8a:b8:91:a0:53:85:21:4d:cc:48:
22:90:b8:c3:22:b0:f5:38:05:66:b2:28:8a:f7:78:9a:4a:30:
c8:84:83:bf:ed:03:07:af:0d:4f:94:8d:02:6e:2c:25:5b:77:
eb:7e:a3:92:11:d9:2c:2a:fa:6a:7c:a8:7e:3f:0d:5a:7c:1c:
67:ef:cc:cf:31:f3:6a:10:9b:bf:91:84:34:1d:23:6c:9d:f5:
47:70:6b:d6:98:87:4e:a5:ad:ac:6a:a6:49:48:0f:60:7b:a9:
e0:a8:ed:4f:83:58:8a:e4:a6:15:3f:bc:09:4e:0f:b4:9f:72:
b4:99:eb:15:53:0e:0b:cd:86:0a:a7:27:77:e4:29:e8:70:97:
c3:4c:2f:d3:f8:33:4d:25:36:4d:b6:4e:eb:b1:73:11:5f:fa:
e9:8e:cd:b6:10:9c:41:99:e4:5e:95:0d:bb:b0:47:0a:64:56:
f0:02:f2:02:15:7b:5a:f1:b6:bb:e4:d4:e9:78:1e:91:2f:72:
3d:16:82:ab
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZIa1DmOA9jcTNedvaqdm/o/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjQwOTIyMTc0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzI0YTI5MzU0ZjQ5MTRlMjQ1ZjQ2YmQ1ODhmNDdkZWM0MGE0ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrzRwCDAL76lCF3XGJGdpb0Q7FqP
3XCteqkB//1ZSxFRqTsBdKTLc2jzk4eg83rpUNddI5g0wa0RoqW19LCZSA2t28sr
J/4P10BMal0mzxSzJ5PZxH9sP8U8ruCVH47d9i0zGciLzzDWVIElLT9F8ei0cViy
VR0OGWGUzgdUuIVNYxsoH2j/kauH4sxIjUZhj+vduA41z+3gESK4BtVhss/hJT0M
GZ9Z4QaJUIJC7cXvxklNjhcyI4PRT844Dz/k6tz7zS61GI4TNGnVh28npcNF2w6U
YMyOxaWmoMsI5Pxt+GMu6C9BIG/VM2zcOpTbk+/qoNc4JF9IXUeA9KXCIQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBckopNU9JFOJF9GvViPR97ECk2GMB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvRnlTaWsxVDBrVTRrWDBhOVdJOUgzc1FLVFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABtX0ED
BABtX0IDBABtX0QDBABtX0YwDQYJKoZIhvcNAQELBQADggEBAIWHHKsGXOEJ2Ai0
E2F7QCichSzE0L3JoBsDX5MiXNkoKfgY4OnIz8BucVA0nhFpxFqKwVIU8aGANCLa
1BJjiriRoFOFIU3MSCKQuMMisPU4BWayKIr3eJpKMMiEg7/tAwevDU+UjQJuLCVb
d+t+o5IR2Swq+mp8qH4/DVp8HGfvzM8x82oQm7+RhDQdI2yd9Udwa9aYh06lraxq
pklID2B7qeCo7U+DWIrkphU/vAlOD7SfcrSZ6xVTDgvNhgqnJ3fkKehwl8NML9P4
M00lNk22TuuxcxFf+umOzbYQnEGZ5F6VDbuwRwpkVvAC8gIVe1rxtrvk1Ol4HpEv
cj0Wgqs=
-----END CERTIFICATE-----
Generated at Mon Sep 23 23:44:30 2024 by rpki-client on console-ams.rpki-client.org