Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/U40RgoJTThJcBO_LR7RlIRhWiuY.roa
File: U40RgoJTThJcBO_LR7RlIRhWiuY.roa (raw, json)
Hash identifier: LRIZO3KzKaQi2xDJIy6lXY2VDJIHRLi1X/tQbPJhGLQ=
Subject key identifier: 53:8D:11:82:82:53:4E:12:5C:04:EF:CB:47:B4:65:21:18:56:8A:E6
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 0185703968CA200947AEC8331BDB76873A14
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/U40RgoJTThJcBO_LR7RlIRhWiuY.roa
Signing time: Mon 02 Jan 2023 02:04:48 +0000
ROA not before: Mon 02 Jan 2023 02:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50269
IP address blocks: 109.95.64.0/21 maxlen: 21
109.95.64.0/24 maxlen: 24
109.95.68.0/24 maxlen: 24
109.95.67.0/24 maxlen: 24
109.95.66.0/24 maxlen: 24
109.95.71.0/24 maxlen: 24
109.95.70.0/24 maxlen: 24
109.95.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:68:ca:20:09:47:ae:c8:33:1b:db:76:87:3a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Jan 2 02:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=538d118282534e125c04efcb47b4652118568ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ad:58:34:e1:5d:04:74:07:e5:42:fe:9d:8a:
18:43:77:b5:82:12:57:d5:bc:51:ac:5e:b8:6f:99:
83:0c:12:3f:fa:98:e7:bc:fe:36:d7:e3:67:dd:7c:
4a:48:9c:66:96:e6:37:d4:55:3a:72:84:69:fb:5f:
f7:4f:c5:1c:28:50:7b:33:bf:61:67:91:0d:03:90:
11:b2:ef:83:2a:b5:a9:b8:d8:a0:6b:a1:99:cd:fa:
14:9d:85:e3:3c:35:8a:f8:3e:36:7b:9f:c7:09:3c:
dd:4f:d8:4f:04:b6:3a:89:ec:4b:b1:f3:7d:c9:27:
1c:1c:c9:17:99:7a:f9:eb:9f:ec:90:2b:ea:5c:cc:
c8:c2:03:f1:aa:e1:06:f5:16:cb:b4:ae:32:18:4d:
2b:7f:89:a8:7f:3a:28:5b:67:10:f4:43:de:b1:e1:
a8:a6:4c:8a:93:29:3d:49:dc:a2:d5:fb:7c:ce:fc:
56:2a:7f:9d:ff:4f:a7:9a:03:2d:3b:53:4c:20:5d:
85:6f:67:29:d2:2c:02:a8:0f:ea:98:b2:ab:bd:af:
a4:bd:ed:35:3a:69:b1:54:82:93:99:6d:8b:08:c0:
27:d8:0a:1a:f0:e0:4a:43:8a:c8:58:07:93:a4:61:
1d:b6:88:53:b2:73:34:5a:0a:4d:6f:66:18:8f:b9:
21:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8D:11:82:82:53:4E:12:5C:04:EF:CB:47:B4:65:21:18:56:8A:E6
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/U40RgoJTThJcBO_LR7RlIRhWiuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.64.0/21
Signature Algorithm: sha256WithRSAEncryption
15:43:11:23:7a:07:30:f2:5c:14:e7:5f:7c:06:64:b5:dd:1b:
98:65:07:eb:0f:be:db:a6:cd:0f:19:74:a2:7d:95:bf:81:d5:
97:64:3b:09:d8:f2:6a:74:64:8e:d1:5e:55:c3:cd:c5:72:9a:
2c:e1:3c:be:f4:ee:70:80:05:c0:b8:56:f4:03:0b:c3:dd:27:
2f:c4:c8:a9:28:4e:89:a0:e9:8e:90:80:59:1b:2b:d6:ce:09:
54:9b:90:f8:37:9b:6e:b4:43:ba:ca:10:8e:55:bc:14:8c:90:
ae:27:d8:2f:8d:2b:c3:27:d1:66:fd:5a:64:75:fe:de:bd:3d:
7e:96:18:19:c6:e6:23:b0:db:23:fa:e6:06:00:d8:96:9b:8d:
a2:f9:6d:25:0d:a8:0f:29:35:c6:4c:f9:e1:66:ce:d4:e3:63:
8a:bd:54:6f:a2:12:c6:fa:23:da:d5:a4:30:24:05:6e:3f:bc:
4e:bc:88:fc:ac:58:fc:01:fa:b9:9f:fe:09:2d:e8:c3:9f:bd:
d1:cf:bc:d2:49:15:96:aa:92:32:43:d5:05:cb:60:06:4b:71:
7f:2c:46:e9:ce:77:af:4f:6b:78:a3:3f:96:16:33:a7:2a:33:
06:63:65:ad:1d:3f:24:2d:32:d9:2d:f3:77:f0:25:2c:ae:7c:
46:99:fe:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOWjKIAlHrsgzG9t2hzoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjMwMTAyMDIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzhkMTE4MjgyNTM0ZTEyNWMwNGVmY2I0N2I0NjUyMTE4NTY4YWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiK1YNOFdBHQH5UL+nYoYQ3e1ghJX
1bxRrF64b5mDDBI/+pjnvP421+Nn3XxKSJxmluY31FU6coRp+1/3T8UcKFB7M79h
Z5ENA5ARsu+DKrWpuNiga6GZzfoUnYXjPDWK+D42e5/HCTzdT9hPBLY6iexLsfN9
ySccHMkXmXr565/skCvqXMzIwgPxquEG9RbLtK4yGE0rf4mofzooW2cQ9EPeseGo
pkyKkyk9Sdyi1ft8zvxWKn+d/0+nmgMtO1NMIF2Fb2cp0iwCqA/qmLKrva+kve01
OmmxVIKTmW2LCMAn2Aoa8OBKQ4rIWAeTpGEdtohTsnM0WgpNb2YYj7khSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFONEYKCU04SXATvy0e0ZSEYVormMB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvVTQwUmdvSlRUaEpjQk9fTFI3UmxJUmhXaXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbV9AMA0G
CSqGSIb3DQEBCwUAA4IBAQAVQxEjegcw8lwU5198BmS13RuYZQfrD77bps0PGXSi
fZW/gdWXZDsJ2PJqdGSO0V5Vw83Fcpos4Ty+9O5wgAXAuFb0AwvD3ScvxMipKE6J
oOmOkIBZGyvWzglUm5D4N5tutEO6yhCOVbwUjJCuJ9gvjSvDJ9Fm/Vpkdf7evT1+
lhgZxuYjsNsj+uYGANiWm42i+W0lDagPKTXGTPnhZs7U42OKvVRvohLG+iPa1aQw
JAVuP7xOvIj8rFj8Afq5n/4JLejDn73Rz7zSSRWWqpIyQ9UFy2AGS3F/LEbpznev
T2t4oz+WFjOnKjMGY2WtHT8kLTLZLfN38CUsrnxGmf6u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:42 2024 by rpki-client on console-fra.rpki-client.org