Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/N1qmKg3UIMi2Nwem85MNI76hq-w.roa
File: N1qmKg3UIMi2Nwem85MNI76hq-w.roa (raw, json)
Hash identifier: 7AetxeMz5BKQbND+SHuph0qg/sJ6e6biZwkFUGo4HcM=
Subject key identifier: 37:5A:A6:2A:0D:D4:20:C8:B6:37:07:A6:F3:93:0D:23:BE:A1:AB:EC
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737AC4D2B9836D9ABD8A722A28F7457C
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/N1qmKg3UIMi2Nwem85MNI76hq-w.roa
Signing time: Mon 02 Jan 2023 17:15:03 +0000
ROA not before: Mon 02 Jan 2023 17:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50977
IP address blocks: 109.107.96.0/19 maxlen: 24
185.96.24.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:c4:d2:b9:83:6d:9a:bd:8a:72:2a:28:f7:45:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=375aa62a0dd420c8b63707a6f3930d23bea1abec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c8:fe:5e:b4:eb:d3:5b:e2:89:b6:7a:bd:05:
48:ca:88:eb:0f:77:ca:93:0c:57:e7:5c:7e:c3:27:
dc:e3:10:ef:28:67:52:89:0e:b8:0f:bb:e6:3d:d2:
c8:15:07:5a:bd:20:96:13:24:01:7d:9f:ee:cf:1c:
63:f3:2e:1d:ad:db:08:ef:27:ef:0f:0d:e9:b2:11:
54:4a:29:0a:d4:e7:25:76:d7:3b:14:78:38:8f:a1:
b3:86:09:ea:3d:ee:95:cf:92:be:a5:ae:8f:9f:e0:
b1:9f:e2:1d:c3:ca:ce:e2:95:63:b6:24:6b:04:2b:
27:f7:2e:50:52:df:a4:78:65:54:3d:41:6f:01:51:
f9:ae:be:1e:a4:6b:87:ec:c5:76:12:36:bb:98:d9:
fc:d5:58:50:d1:1b:27:7f:37:5d:3f:2a:b4:84:fd:
71:2c:44:dd:f3:50:7d:8c:1e:18:fb:f4:8e:ee:0b:
fe:74:c7:43:03:31:c5:bd:0b:60:6f:cb:05:8a:36:
eb:f3:44:d4:66:6a:d0:a1:4d:53:10:69:d3:23:21:
d6:4d:be:78:d6:de:a4:fe:3b:cd:28:f5:9c:5e:ac:
ab:70:3d:8e:75:eb:cf:8c:09:ff:55:45:a5:e8:33:
06:bb:04:fd:0b:44:f2:e9:82:1a:2c:ea:16:8f:9d:
b9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:5A:A6:2A:0D:D4:20:C8:B6:37:07:A6:F3:93:0D:23:BE:A1:AB:EC
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/N1qmKg3UIMi2Nwem85MNI76hq-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.96.0/19
185.96.24.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:02:d3:63:e5:0d:22:36:db:78:90:3c:c9:31:22:cd:06:95:
29:db:ac:ff:28:b2:ab:b2:1e:0b:ec:df:f2:42:89:7b:83:98:
15:90:44:03:be:dd:df:00:d7:e3:8a:67:a9:4f:33:11:d8:1e:
2a:06:e6:9a:cd:c5:1b:af:01:db:fb:a3:ee:49:56:8f:0a:4d:
47:f5:ed:31:bd:b8:64:46:11:f3:36:1c:65:65:66:d7:a1:d4:
dc:42:24:86:1d:63:40:7c:ab:f6:06:e6:13:93:ea:fb:e6:3e:
a9:f7:4b:f8:4f:7e:48:f4:50:29:ca:d1:db:17:fd:22:23:9c:
ab:e3:25:c2:0c:b8:11:c6:30:9a:29:93:c1:1f:56:bc:a5:fa:
0f:6f:df:59:cd:3d:ef:f5:47:0d:bd:7d:db:b4:d8:36:5d:a7:
61:3b:6e:8e:c7:43:2a:35:02:2b:af:6c:34:33:fa:14:dd:ed:
49:6e:e4:1b:be:9f:5c:d2:96:92:b0:40:21:52:d0:ea:82:70:
ff:ce:73:d7:85:4b:22:37:43:86:00:69:dc:99:b1:df:44:e5:
8a:20:32:2b:f0:6b:52:b7:74:72:20:1d:63:8a:06:e8:0f:25:
10:42:66:f7:b6:e6:3d:56:da:46:bd:c3:e7:d0:44:ee:c7:d2:
cc:7a:0e:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzesTSuYNtmr2Kcioo90V8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzVhYTYyYTBkZDQyMGM4YjYzNzA3YTZmMzkzMGQyM2JlYTFhYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsj+XrTr01viibZ6vQVIyojrD3fK
kwxX51x+wyfc4xDvKGdSiQ64D7vmPdLIFQdavSCWEyQBfZ/uzxxj8y4drdsI7yfv
Dw3pshFUSikK1Ocldtc7FHg4j6GzhgnqPe6Vz5K+pa6Pn+Cxn+Idw8rO4pVjtiRr
BCsn9y5QUt+keGVUPUFvAVH5rr4epGuH7MV2Eja7mNn81VhQ0RsnfzddPyq0hP1x
LETd81B9jB4Y+/SO7gv+dMdDAzHFvQtgb8sFijbr80TUZmrQoU1TEGnTIyHWTb54
1t6k/jvNKPWcXqyrcD2OdevPjAn/VUWl6DMGuwT9C0Ty6YIaLOoWj525+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDdapioN1CDItjcHpvOTDSO+oavsMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvTjFxbUtnM1VJTWkyTndlbTg1TU5JNzZocS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFbWtgAwQC
uWAYMA0GCSqGSIb3DQEBCwUAA4IBAQAMAtNj5Q0iNtt4kDzJMSLNBpUp26z/KLKr
sh4L7N/yQol7g5gVkEQDvt3fANfjimepTzMR2B4qBuaazcUbrwHb+6PuSVaPCk1H
9e0xvbhkRhHzNhxlZWbXodTcQiSGHWNAfKv2BuYTk+r75j6p90v4T35I9FApytHb
F/0iI5yr4yXCDLgRxjCaKZPBH1a8pfoPb99ZzT3v9UcNvX3btNg2XadhO26Ox0Mq
NQIrr2w0M/oU3e1JbuQbvp9c0paSsEAhUtDqgnD/znPXhUsiN0OGAGncmbHfROWK
IDIr8GtSt3RyIB1jigboDyUQQmb3tuY9VtpGvcPn0ETux9LMeg6J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org