Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/gI-xICbFdbJ0YHoKcVDOrmEyzp4.roa
File: gI-xICbFdbJ0YHoKcVDOrmEyzp4.roa (raw, json)
Hash identifier: SWuY7yveVQ4FsxLDDUqlI8nmGFiefhbOAzxTnFbTdw8=
Subject key identifier: 80:8F:B1:20:26:C5:75:B2:74:60:7A:0A:71:50:CE:AE:61:32:CE:9E
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 018CC26D020388A196C4F35EA3D921F7FFB7
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/gI-xICbFdbJ0YHoKcVDOrmEyzp4.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210392
IP address blocks: 109.95.66.0/24 maxlen: 24
109.95.65.0/24 maxlen: 24
109.95.68.0/24 maxlen: 24
109.95.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Jun 2024 13:09:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:02:03:88:a1:96:c4:f3:5e:a3:d9:21:f7:ff:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=808fb12026c575b274607a0a7150ceae6132ce9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:13:70:93:7a:1c:16:e6:2a:84:b4:b0:8a:bd:
ed:cc:ec:75:c4:06:29:ef:ae:38:5b:69:cd:b4:cb:
70:d5:85:ce:59:5c:ed:ac:b8:e9:05:3b:8f:78:fc:
6c:b9:f3:bc:08:41:50:f7:f1:4c:c7:94:cb:3a:07:
c6:00:5e:a8:ac:d3:97:76:62:42:28:13:63:5d:47:
e2:79:9b:75:e1:0a:76:ca:18:a0:07:2f:60:0a:e4:
52:c8:81:49:04:25:53:6b:b9:d0:57:6a:af:ce:e5:
19:d4:1c:8d:94:f7:e7:6a:65:d8:fc:0e:95:9d:da:
26:50:60:58:e1:16:b9:f4:fd:f8:00:a2:93:73:6c:
4c:7e:c0:67:50:cd:84:dd:b1:b0:43:99:ec:cb:62:
af:71:7a:be:85:ce:88:54:e0:02:09:f1:1d:6d:9f:
bd:97:7b:19:35:09:8e:37:38:bb:73:43:a2:0c:7d:
ce:17:fe:3d:73:f4:8d:35:6a:73:89:92:7f:dd:df:
f7:a7:42:4d:1d:69:bf:4f:d1:62:e8:18:c3:5e:a1:
09:20:fa:3f:41:f2:4c:bd:9f:2f:19:83:93:14:8c:
cf:73:ce:a8:e2:71:cd:d8:7a:43:fa:bf:5d:75:1f:
a9:89:14:50:91:e0:08:01:2d:a7:89:dd:b1:83:96:
62:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:8F:B1:20:26:C5:75:B2:74:60:7A:0A:71:50:CE:AE:61:32:CE:9E
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/gI-xICbFdbJ0YHoKcVDOrmEyzp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.65.0-109.95.68.255
Signature Algorithm: sha256WithRSAEncryption
33:6b:5e:8c:93:b0:5c:d8:7b:86:ff:ec:e9:c7:49:48:63:14:
dd:eb:d0:df:07:6a:c4:dd:6c:a6:44:55:9b:df:f9:1e:9f:47:
76:05:7f:3c:d1:b0:0d:e6:28:a7:35:fd:e3:c8:c3:87:36:77:
77:f2:97:ad:70:86:47:57:37:2b:fd:d3:94:c2:7f:37:42:d9:
b7:dd:ed:14:00:8a:61:ba:f1:e3:29:bd:2e:7e:9b:95:1b:17:
21:5c:d0:d0:09:cc:b2:bb:f6:8b:85:5c:79:dd:4c:ad:63:ad:
0c:21:53:ed:31:53:7e:9b:ef:90:5c:ef:3b:3f:63:d0:9d:99:
6f:f6:f7:7f:e9:24:3b:a8:70:e0:a8:3a:11:1f:d3:e3:ac:70:
70:7d:05:6b:92:72:9a:0b:2e:4b:c0:f0:d7:bb:fb:71:21:19:
88:1c:62:76:3d:d5:12:ac:55:fd:46:44:34:5a:36:8c:db:5e:
bf:f1:09:9e:1a:27:9c:86:16:3c:94:83:bc:62:76:ab:b7:f8:
21:0d:e9:b4:ba:28:57:d0:e4:61:b3:41:51:9f:43:80:8a:d1:
76:84:8b:af:3f:9a:ae:5f:be:8f:b7:3f:b0:31:5b:ba:b6:11:
88:d0:92:e9:2a:57:69:a5:b0:e8:94:6f:33:fa:71:72:c3:c5:
27:cd:e6:81
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbQIDiKGWxPNeo9kh9/+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDhmYjEyMDI2YzU3NWIyNzQ2MDdhMGE3MTUwY2VhZTYxMzJjZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxNwk3ocFuYqhLSwir3tzOx1xAYp
7644W2nNtMtw1YXOWVztrLjpBTuPePxsufO8CEFQ9/FMx5TLOgfGAF6orNOXdmJC
KBNjXUfieZt14Qp2yhigBy9gCuRSyIFJBCVTa7nQV2qvzuUZ1ByNlPfnamXY/A6V
ndomUGBY4Ra59P34AKKTc2xMfsBnUM2E3bGwQ5nsy2KvcXq+hc6IVOACCfEdbZ+9
l3sZNQmONzi7c0OiDH3OF/49c/SNNWpziZJ/3d/3p0JNHWm/T9Fi6BjDXqEJIPo/
QfJMvZ8vGYOTFIzPc86o4nHN2HpD+r9ddR+piRRQkeAIAS2nid2xg5ZiRwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFICPsSAmxXWydGB6CnFQzq5hMs6eMB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvZ0kteElDYkZkYkowWUhvS2NWRE9ybUV5enA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABtX0ED
BABtX0QwDQYJKoZIhvcNAQELBQADggEBADNrXoyTsFzYe4b/7OnHSUhjFN3r0N8H
asTdbKZEVZvf+R6fR3YFfzzRsA3mKKc1/ePIw4c2d3fyl61whkdXNyv905TCfzdC
2bfd7RQAimG68eMpvS5+m5UbFyFc0NAJzLK79ouFXHndTK1jrQwhU+0xU36b75Bc
7zs/Y9CdmW/293/pJDuocOCoOhEf0+OscHB9BWuScpoLLkvA8Ne7+3EhGYgcYnY9
1RKsVf1GRDRaNozbXr/xCZ4aJ5yGFjyUg7xidqu3+CEN6bS6KFfQ5GGzQVGfQ4CK
0XaEi68/mq5fvo+3P7AxW7q2EYjQkukqV2mlsOiUbzP6cXLDxSfN5oE=
-----END CERTIFICATE-----
Generated at Sat Jun 29 18:20:19 2024 by rpki-client on console-ams.rpki-client.org