Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/3ha8LGojKM3ODTZ_k4RHAy6fCwA.roa
File: 3ha8LGojKM3ODTZ_k4RHAy6fCwA.roa (raw, json)
Hash identifier: boVUJ4L/S577mFmiieoeKF5zkTT66f+QV4D9raIsGlE=
Subject key identifier: DE:16:BC:2C:6A:23:28:CD:CE:0D:36:7F:93:84:47:03:2E:9F:0B:00
Certificate issuer: /CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Certificate serial: 0185EE9A4D05BFCAB9CD7F4D4312BDF66D5B
Authority key identifier: 92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/3ha8LGojKM3ODTZ_k4RHAy6fCwA.roa
Signing time: Thu 26 Jan 2023 15:02:47 +0000
ROA not before: Thu 26 Jan 2023 15:02:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8747
IP address blocks: 109.235.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Jan 2023 19:20:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ee:9a:4d:05:bf:ca:b9:cd:7f:4d:43:12:bd:f6:6d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Validity
Not Before: Jan 26 15:02:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de16bc2c6a2328cdce0d367f938447032e9f0b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1f:b9:b8:c6:2e:6f:cd:b1:60:b2:56:cf:09:
ff:af:51:ca:b4:db:cf:54:d9:47:c2:27:a9:d7:bd:
48:79:35:3a:d2:fd:ea:b5:e0:e6:19:10:61:be:d8:
24:44:96:6d:a7:08:ff:a2:c6:b5:8b:e2:02:d9:3a:
bb:a7:ac:76:49:14:91:66:d4:79:82:48:13:78:ab:
78:b2:e9:44:ce:6d:99:3d:9c:ef:9e:01:e2:80:16:
bd:90:47:0d:49:7d:97:7b:42:48:41:48:65:46:d2:
a4:9c:37:91:7a:d7:46:3d:08:3e:a7:89:0b:c6:f9:
c9:c2:cb:47:67:45:b0:1a:a5:28:e2:3b:98:8a:11:
ae:9c:c7:72:c7:eb:a3:1f:8c:d1:05:2f:d7:fb:94:
cf:36:8a:a0:db:be:eb:50:74:94:52:23:ad:64:d8:
64:02:d4:5f:fd:48:a4:09:76:ac:19:31:d8:d8:41:
c0:7f:99:fd:45:6c:85:4c:e1:17:d8:b6:11:7a:cf:
b1:0e:d5:3a:8c:ed:1d:f5:f8:3b:25:f3:56:ac:e3:
37:73:7c:2c:c9:e0:33:9c:ee:ff:36:1f:43:48:32:
f7:de:37:16:8f:49:94:33:51:ad:33:0a:e9:ca:36:
fb:26:00:25:2a:65:9c:22:ad:76:4d:bb:be:de:4a:
18:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:16:BC:2C:6A:23:28:CD:CE:0D:36:7F:93:84:47:03:2E:9F:0B:00
X509v3 Authority Key Identifier:
keyid:92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/3ha8LGojKM3ODTZ_k4RHAy6fCwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.180.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:0a:ba:71:f2:65:2f:bc:a2:23:7c:6b:27:17:c9:4b:2c:56:
fc:79:48:ac:35:25:9c:d7:43:c9:3d:2a:2c:e6:d4:54:1c:71:
7c:c4:26:b4:6b:2f:e3:d2:e0:af:3b:19:0b:a8:a2:7c:a2:d1:
8c:0e:4b:21:bf:92:9a:68:fc:1b:98:8b:3d:fa:4d:0c:73:8b:
da:d5:46:a1:15:e4:02:32:cd:3b:f5:c4:38:7c:a4:4d:e9:34:
d5:a4:61:42:c6:65:54:87:5c:c8:e2:f0:7b:29:51:ee:5e:00:
71:fc:34:73:34:97:8f:a4:1e:6a:a8:9b:bf:dc:1e:ae:0c:62:
2d:55:64:0f:71:5f:74:13:09:0a:4b:fd:1d:ec:57:80:ea:25:
3f:40:4a:a2:3f:68:39:5e:52:27:37:cf:9d:b7:a1:2c:e7:b2:
bf:f0:1b:72:f4:8e:dc:73:48:ea:17:5f:6a:bc:fa:d0:cf:4a:
83:0d:2b:9e:9d:5a:90:33:23:21:51:fc:4e:8b:91:2a:11:a3:
24:df:bb:5d:24:aa:cd:1d:8e:68:af:74:d3:e7:85:fb:01:da:
f2:f4:46:35:71:39:a2:57:73:bf:60:50:41:a9:be:32:57:16:
76:1a:a0:a0:e1:11:c7:55:5f:49:f9:26:03:b1:87:2e:92:6a:
c7:71:85:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXumk0Fv8q5zX9NQxK99m1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTM1MmE4ZDJkZDcwYzkxZmZjZWM4ZTMyM2ZlNjlmMWU5
YTQxMzkwHhcNMjMwMTI2MTUwMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTE2YmMyYzZhMjMyOGNkY2UwZDM2N2Y5Mzg0NDcwMzJlOWYwYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh+5uMYub82xYLJWzwn/r1HKtNvP
VNlHwiep171IeTU60v3qteDmGRBhvtgkRJZtpwj/osa1i+IC2Tq7p6x2SRSRZtR5
gkgTeKt4sulEzm2ZPZzvngHigBa9kEcNSX2Xe0JIQUhlRtKknDeRetdGPQg+p4kL
xvnJwstHZ0WwGqUo4juYihGunMdyx+ujH4zRBS/X+5TPNoqg277rUHSUUiOtZNhk
AtRf/UikCXasGTHY2EHAf5n9RWyFTOEX2LYRes+xDtU6jO0d9fg7JfNWrOM3c3ws
yeAznO7/Nh9DSDL33jcWj0mUM1GtMwrpyjb7JgAlKmWcIq12Tbu+3koYDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4WvCxqIyjNzg02f5OERwMunwsAMB8GA1UdIwQY
MBaAFJKTUqjS3XDJH/zsjjI/5p8emkE5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYt
MGExYTM1ODk3ZjEwLzEvM2hhOExHb2pLTTNPRFRaX2s0UkhBeTZmQ3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYtMGExYTM1ODk3ZjEw
LzEva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbeu0MA0G
CSqGSIb3DQEBCwUAA4IBAQBqCrpx8mUvvKIjfGsnF8lLLFb8eUisNSWc10PJPSos
5tRUHHF8xCa0ay/j0uCvOxkLqKJ8otGMDkshv5KaaPwbmIs9+k0Mc4va1UahFeQC
Ms079cQ4fKRN6TTVpGFCxmVUh1zI4vB7KVHuXgBx/DRzNJePpB5qqJu/3B6uDGIt
VWQPcV90EwkKS/0d7FeA6iU/QEqiP2g5XlInN8+dt6Es57K/8Bty9I7cc0jqF19q
vPrQz0qDDSuenVqQMyMhUfxOi5EqEaMk37tdJKrNHY5or3TT54X7Adry9EY1cTmi
V3O/YFBBqb4yVxZ2GqCg4RHHVV9J+SYDsYcukmrHcYVA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:29 2024 by rpki-client on console-fra.rpki-client.org