Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/HTXbIRSZ17LMlmegRE1Z2zNjmw0.roa
File: HTXbIRSZ17LMlmegRE1Z2zNjmw0.roa (raw, json)
Hash identifier: /uI+Y8JsimJ3D9ImMlzbyx17S/bMqtX+VqBwgF7ESHA=
Subject key identifier: 1D:35:DB:21:14:99:D7:B2:CC:96:67:A0:44:4D:59:DB:33:63:9B:0D
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 019091E70425081AA89A68D4EF0467438787
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/HTXbIRSZ17LMlmegRE1Z2zNjmw0.roa
Signing time: Mon 08 Jul 2024 10:32:34 +0000
ROA not before: Mon 08 Jul 2024 10:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 109.95.65.0/24 maxlen: 24
109.95.68.0/24 maxlen: 24
109.95.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Sep 2024 17:42:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:91:e7:04:25:08:1a:a8:9a:68:d4:ef:04:67:43:87:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Jul 8 10:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d35db211499d7b2cc9667a0444d59db33639b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fb:b3:72:f8:a9:57:84:0b:ee:43:3e:a8:8d:
ee:32:24:93:8d:aa:f7:08:07:d9:7f:c9:cb:33:ee:
a4:2b:48:23:72:b7:61:b9:8d:1b:d8:bb:f8:98:0a:
a0:57:6f:eb:dd:9e:50:22:de:d1:07:9b:a3:c5:80:
70:7d:eb:1c:34:31:e3:a8:cd:a3:f2:df:64:d8:21:
35:3e:3c:4b:27:f3:6d:22:64:ac:35:bb:8a:fe:f7:
27:b0:b2:62:4a:45:82:3f:54:19:70:57:e9:85:94:
f7:3e:01:21:1c:e6:4e:d1:7c:71:08:f2:ad:fa:dd:
e2:e0:00:56:d0:28:53:e4:93:bb:4a:e6:89:88:80:
b4:50:dc:a2:c9:1f:e3:36:16:7c:5f:d6:90:f8:b8:
ca:1b:51:2c:d6:6b:7b:e9:7c:3a:c8:a1:c8:9e:30:
f5:25:03:57:59:3b:81:82:e8:8c:0e:1c:66:b4:2b:
a9:0e:71:15:a6:2e:4c:38:b6:ab:bc:28:33:70:45:
38:a5:2e:96:b0:71:02:af:4d:50:d6:5a:b0:e5:ba:
6a:f3:08:6a:bf:36:c8:3c:77:96:0e:48:0f:1d:6f:
77:cc:8c:2a:c6:63:05:eb:79:d3:22:9f:38:a0:49:
4a:bb:99:8c:a3:b1:b0:a2:b6:8f:9b:c5:c2:9c:c8:
c5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:35:DB:21:14:99:D7:B2:CC:96:67:A0:44:4D:59:DB:33:63:9B:0D
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/HTXbIRSZ17LMlmegRE1Z2zNjmw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.65.0/24
109.95.68.0/24
109.95.70.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:f9:83:2a:ed:7e:36:5c:bf:c6:8d:74:1a:5d:05:82:fd:62:
b6:9f:a9:35:34:b6:b4:63:c7:24:f8:1e:80:21:25:ae:95:f6:
7c:bb:14:57:12:3a:3f:4e:75:6b:44:0c:34:67:cd:c4:8d:0b:
c4:f6:cd:1c:e0:24:fd:0e:96:82:9b:ea:bb:79:a6:f9:71:54:
2a:6e:22:c3:41:c0:01:cb:23:3d:2f:34:db:d5:f1:c1:d7:b7:
6f:23:2f:ca:d2:3f:ee:bc:99:a2:42:16:5d:a1:d8:41:e1:80:
fa:d7:7e:bc:c6:28:18:48:72:5f:d9:dc:57:9d:c8:4e:48:2f:
48:63:c1:07:d2:b8:4e:b1:99:2d:f0:25:70:37:34:d6:74:f6:
ee:39:68:8d:e0:d7:cf:df:bb:9d:55:93:ad:51:4c:bc:2e:92:
a1:ed:66:6a:4c:f3:f6:99:7d:a5:14:17:22:1e:23:90:c8:db:
63:21:b3:9d:82:97:75:e9:bd:4b:be:3f:79:4e:6e:c1:5e:90:
39:a6:4f:00:c6:a1:a8:99:f9:57:c4:7e:f1:b7:28:82:07:10:
08:5c:07:fb:e1:b4:a9:7f:79:4e:64:c0:5f:82:75:ab:f5:24:
86:c1:03:2b:65:b7:4d:68:4b:a8:a5:6c:13:71:c9:28:c8:8b:
5e:1a:40:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCR5wQlCBqommjU7wRnQ4eHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjQwNzA4MTAzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDM1ZGIyMTE0OTlkN2IyY2M5NjY3YTA0NDRkNTlkYjMzNjM5YjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PuzcvipV4QL7kM+qI3uMiSTjar3
CAfZf8nLM+6kK0gjcrdhuY0b2Lv4mAqgV2/r3Z5QIt7RB5ujxYBwfescNDHjqM2j
8t9k2CE1PjxLJ/NtImSsNbuK/vcnsLJiSkWCP1QZcFfphZT3PgEhHOZO0XxxCPKt
+t3i4ABW0ChT5JO7SuaJiIC0UNyiyR/jNhZ8X9aQ+LjKG1Es1mt76Xw6yKHInjD1
JQNXWTuBguiMDhxmtCupDnEVpi5MOLarvCgzcEU4pS6WsHECr01Q1lqw5bpq8whq
vzbIPHeWDkgPHW93zIwqxmMF63nTIp84oElKu5mMo7GworaPm8XCnMjF/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB012yEUmdeyzJZnoERNWdszY5sNMB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvSFRYYklSU1oxN0xNbG1lZ1JFMVoyek5qbXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbV9BAwQA
bV9EAwQAbV9GMA0GCSqGSIb3DQEBCwUAA4IBAQDI+YMq7X42XL/GjXQaXQWC/WK2
n6k1NLa0Y8ck+B6AISWulfZ8uxRXEjo/TnVrRAw0Z83EjQvE9s0c4CT9DpaCm+q7
eab5cVQqbiLDQcAByyM9LzTb1fHB17dvIy/K0j/uvJmiQhZdodhB4YD61368xigY
SHJf2dxXnchOSC9IY8EH0rhOsZkt8CVwNzTWdPbuOWiN4NfP37udVZOtUUy8LpKh
7WZqTPP2mX2lFBciHiOQyNtjIbOdgpd16b1Lvj95Tm7BXpA5pk8AxqGomflXxH7x
tyiCBxAIXAf74bSpf3lOZMBfgnWr9SSGwQMrZbdNaEuopWwTcckoyIteGkAK
-----END CERTIFICATE-----
Generated at Sun Sep 22 22:34:31 2024 by rpki-client on console-fra.rpki-client.org