Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2dad35-dd0a-4d63-8c1e-b9a36eb9ee21/1/o7A09qVcd_NExLG1jakD4YRn7qk.roa
File: o7A09qVcd_NExLG1jakD4YRn7qk.roa (raw, json)
Hash identifier: 9YzIMcJAkeNgBj8mLImLm/ctV8GfzEfiRbRK1X/bKoI=
Subject key identifier: A3:B0:34:F6:A5:5C:77:F3:44:C4:B1:B5:8D:A9:03:E1:84:67:EE:A9
Certificate issuer: /CN=e1d75690d39c830180b3f55c49d140a2a04d3917
Certificate serial: 01894E09C8431C2C75E5D3390AB256124893
Authority key identifier: E1:D7:56:90:D3:9C:83:01:80:B3:F5:5C:49:D1:40:A2:A0:4D:39:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ddWkNOcgwGAs_VcSdFAoqBNORc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2dad35-dd0a-4d63-8c1e-b9a36eb9ee21/1/o7A09qVcd_NExLG1jakD4YRn7qk.roa
Signing time: Thu 13 Jul 2023 06:56:51 +0000
ROA not before: Thu 13 Jul 2023 06:56:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50377
IP address blocks: 185.184.64.0/22 maxlen: 22
109.234.244.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4e:09:c8:43:1c:2c:75:e5:d3:39:0a:b2:56:12:48:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1d75690d39c830180b3f55c49d140a2a04d3917
Validity
Not Before: Jul 13 06:56:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3b034f6a55c77f344c4b1b58da903e18467eea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:03:59:9d:ab:6d:89:d0:c1:b6:2b:a5:77:6b:
3d:9f:25:e3:0f:d1:96:7a:f4:67:15:41:da:75:6f:
cb:90:76:1a:f5:d5:3f:a6:4f:74:e1:39:be:83:fc:
11:54:91:47:09:4d:19:55:d8:16:85:39:ee:5e:da:
60:55:0e:7d:39:58:da:0b:da:12:a5:4d:6f:45:89:
fa:ec:de:9f:2a:7f:7d:b1:d4:ac:5f:e0:73:c8:01:
82:35:92:7b:a0:ec:73:d0:0c:87:67:23:1a:84:71:
31:30:9f:c3:5d:07:48:e8:33:a9:10:04:1b:58:80:
c9:06:be:cd:83:78:f2:53:5d:fd:6e:c1:91:59:81:
6d:56:00:7a:dd:25:cb:32:19:d1:02:09:40:b5:e9:
2d:b5:84:47:b9:86:ab:a4:b1:53:f4:f3:d7:e2:e5:
43:95:f9:0c:d8:38:8d:5b:12:9c:23:19:39:2b:bf:
f7:e5:05:02:4e:8c:3f:68:47:87:fc:e7:e7:75:0d:
32:41:fb:0a:04:10:54:85:f7:2f:1f:66:a5:72:14:
7e:85:35:1f:70:4b:c8:81:45:b8:f2:a7:a5:d3:05:
3a:04:06:67:59:e9:67:d6:20:43:31:5f:85:4f:91:
af:bd:3a:b6:99:49:37:ff:a7:22:22:03:85:d7:be:
9a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B0:34:F6:A5:5C:77:F3:44:C4:B1:B5:8D:A9:03:E1:84:67:EE:A9
X509v3 Authority Key Identifier:
keyid:E1:D7:56:90:D3:9C:83:01:80:B3:F5:5C:49:D1:40:A2:A0:4D:39:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ddWkNOcgwGAs_VcSdFAoqBNORc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2dad35-dd0a-4d63-8c1e-b9a36eb9ee21/1/o7A09qVcd_NExLG1jakD4YRn7qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2dad35-dd0a-4d63-8c1e-b9a36eb9ee21/1/4ddWkNOcgwGAs_VcSdFAoqBNORc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.244.0/24
185.184.64.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:b7:0f:bf:b0:74:c8:b2:76:bd:21:08:9d:a6:f8:4b:00:51:
cb:1c:77:56:23:82:23:06:14:e2:79:73:5f:a2:4a:e4:0c:26:
c9:22:da:fc:75:e1:3e:0e:4e:d7:6e:9d:a0:b8:6c:18:39:3b:
29:77:db:52:5c:3b:6e:cb:00:30:c9:de:01:9a:a1:d2:b9:c8:
60:eb:e3:cb:16:64:04:88:16:13:66:d6:09:d1:5b:25:59:fd:
64:34:c4:8a:ca:7c:50:c8:84:09:08:9b:88:06:b4:39:70:a6:
43:e6:80:6a:5c:c2:68:3b:0e:e0:47:be:78:70:d4:9c:2d:37:
a6:1b:55:2b:ea:47:4b:13:72:46:c2:19:fa:a0:9f:9f:2c:80:
8c:fb:d5:cd:6d:eb:c9:11:df:1f:46:fd:43:95:74:6a:e0:86:
24:7c:f3:65:71:51:93:1b:52:4c:25:3a:73:ca:da:e7:89:8f:
97:8f:14:65:3e:f8:55:fe:bc:b8:bd:93:c7:32:96:9d:5c:9f:
41:cd:51:31:82:c2:c1:7c:39:35:84:00:09:5c:36:05:fa:8f:
66:82:ca:44:53:3d:15:4a:03:58:97:87:72:2c:fb:64:7b:56:
82:7c:7b:89:d7:5a:04:74:29:f3:d2:9d:3b:b7:84:72:b3:ba:
d3:51:ac:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlOCchDHCx15dM5CrJWEkiTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZDc1NjkwZDM5YzgzMDE4MGIzZjU1YzQ5ZDE0MGEyYTA0
ZDM5MTcwHhcNMjMwNzEzMDY1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2IwMzRmNmE1NWM3N2YzNDRjNGIxYjU4ZGE5MDNlMTg0NjdlZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywNZnattidDBtiuld2s9nyXjD9GW
evRnFUHadW/LkHYa9dU/pk904Tm+g/wRVJFHCU0ZVdgWhTnuXtpgVQ59OVjaC9oS
pU1vRYn67N6fKn99sdSsX+BzyAGCNZJ7oOxz0AyHZyMahHExMJ/DXQdI6DOpEAQb
WIDJBr7Ng3jyU139bsGRWYFtVgB63SXLMhnRAglAtekttYRHuYarpLFT9PPX4uVD
lfkM2DiNWxKcIxk5K7/35QUCTow/aEeH/OfndQ0yQfsKBBBUhfcvH2alchR+hTUf
cEvIgUW48qel0wU6BAZnWeln1iBDMV+FT5GvvTq2mUk3/6ciIgOF176a3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKOwNPalXHfzRMSxtY2pA+GEZ+6pMB8GA1UdIwQY
MBaAFOHXVpDTnIMBgLP1XEnRQKKgTTkXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGRkV2tOT2Nnd0dBc19WY1NkRkFvcUJOT1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yZGFkMzUtZGQwYS00ZDYzLThjMWUt
YjlhMzZlYjllZTIxLzEvbzdBMDlxVmNkX05FeExHMWpha0Q0WVJuN3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yZGFkMzUtZGQwYS00ZDYzLThjMWUtYjlhMzZlYjllZTIx
LzEvNGRkV2tOT2Nnd0dBc19WY1NkRkFvcUJOT1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAber0AwQC
ubhAMA0GCSqGSIb3DQEBCwUAA4IBAQBLtw+/sHTIsna9IQidpvhLAFHLHHdWI4Ij
BhTieXNfokrkDCbJItr8deE+Dk7Xbp2guGwYOTspd9tSXDtuywAwyd4BmqHSuchg
6+PLFmQEiBYTZtYJ0VslWf1kNMSKynxQyIQJCJuIBrQ5cKZD5oBqXMJoOw7gR754
cNScLTemG1Ur6kdLE3JGwhn6oJ+fLICM+9XNbevJEd8fRv1DlXRq4IYkfPNlcVGT
G1JMJTpzytrniY+XjxRlPvhV/ry4vZPHMpadXJ9BzVExgsLBfDk1hAAJXDYF+o9m
gspEUz0VSgNYl4dyLPtke1aCfHuJ11oEdCnz0p07t4Rys7rTUaxK
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:45 2024 by rpki-client on console-fra.rpki-client.org