Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/_tkn_8o1YR0rmClLarekbG-Qhls.roa
File: _tkn_8o1YR0rmClLarekbG-Qhls.roa (raw, json)
Hash identifier: VL0ozde1Ea9Id4A9zJ6X9u41rx1ttPvNtZg4THOyzpM=
Subject key identifier: FE:D9:27:FF:CA:35:61:1D:2B:98:29:4B:6A:B7:A4:6C:6F:90:86:5B
Certificate issuer: /CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Certificate serial: 0193445AEDD871D355A6CFD3C03E3843621B
Authority key identifier: 0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/_tkn_8o1YR0rmClLarekbG-Qhls.roa
Signing time: Tue 19 Nov 2024 12:17:09 +0000
ROA not before: Tue 19 Nov 2024 12:17:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 109.245.96.0/24 maxlen: 24
109.245.97.0/24 maxlen: 24
109.245.98.0/24 maxlen: 24
109.245.99.0/24 maxlen: 24
109.245.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 14:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:5a:ed:d8:71:d3:55:a6:cf:d3:c0:3e:38:43:62:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Validity
Not Before: Nov 19 12:17:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fed927ffca35611d2b98294b6ab7a46c6f90865b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:43:36:15:40:bc:64:e0:75:47:94:f8:c5:31:
72:fe:90:64:3e:ec:08:d9:72:40:11:a2:c6:44:7e:
85:7b:9e:da:1c:1d:c4:52:d5:0f:61:27:04:72:c7:
dc:e1:81:be:f7:1d:08:41:8d:d0:a7:7b:0d:3d:e7:
64:f6:b4:b3:cf:60:bf:91:58:d6:b7:eb:79:38:54:
e3:cd:fa:f2:7e:dc:c2:86:7b:94:38:18:36:13:27:
67:c4:b4:16:5e:6b:df:98:5b:3b:4e:d6:cf:8c:c6:
c7:2a:81:bd:18:03:99:bd:f8:e0:5b:c1:35:5f:68:
95:72:6e:0d:77:64:84:f0:a5:5f:5f:6a:11:91:2d:
a1:a5:0c:ad:c1:03:d1:e4:49:d4:24:9c:9a:85:30:
80:7d:5e:27:23:04:b7:dc:b2:1a:15:d5:99:02:01:
74:15:b0:8c:ea:03:af:50:ac:61:04:06:7d:f9:cb:
5c:19:d1:3d:86:2b:52:38:c6:7a:e9:01:d0:5c:a6:
a6:b6:db:cc:f1:06:c4:f7:2e:a0:71:ea:8f:df:87:
6f:25:4a:98:3e:e0:b4:11:d4:98:ae:38:2a:79:1c:
fc:bf:78:0b:29:d7:11:0b:59:50:52:84:99:fc:ba:
c4:2a:f7:6b:54:7e:f2:90:be:69:a0:a2:d4:73:f4:
cb:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:D9:27:FF:CA:35:61:1D:2B:98:29:4B:6A:B7:A4:6C:6F:90:86:5B
X509v3 Authority Key Identifier:
keyid:0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/_tkn_8o1YR0rmClLarekbG-Qhls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.245.96.0/22
109.245.112.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:f3:78:77:c6:d6:a2:95:9a:bc:c1:1c:ce:2c:53:29:ab:68:
af:b9:49:80:58:10:df:18:58:f0:e1:a1:ef:fe:52:07:62:ee:
e9:45:44:aa:97:1b:ec:91:74:81:81:73:f4:e2:fd:c8:eb:a2:
8b:8f:29:c3:1e:22:e6:37:64:68:8b:d7:6a:0d:da:69:d0:d6:
10:fd:e1:41:99:3a:3e:1d:b4:08:64:23:00:51:9e:8c:14:0a:
cd:97:95:51:f6:a2:ba:25:67:4f:d0:0f:8f:e7:45:69:ef:f0:
47:33:08:ab:2d:32:a7:f0:f9:de:77:7f:b1:ca:74:a5:39:28:
e4:b5:4f:36:9e:79:04:3f:e1:4e:b6:68:90:e1:5b:dc:08:bf:
fb:f0:2b:0d:9e:45:19:18:db:6f:61:30:92:0d:e6:de:42:01:
1a:6e:a6:fb:11:95:88:1f:3d:ef:37:a4:6d:f1:07:c5:a7:51:
de:87:4b:af:ee:64:3a:c8:5a:ec:f5:d2:c9:83:40:db:7d:79:
4b:41:76:07:b9:14:7e:3a:29:dc:54:c0:f8:62:29:0a:b2:0a:
62:76:d3:c3:5e:7a:9d:53:88:59:ab:06:11:2c:7f:8b:a7:3e:
4c:0f:f1:5f:dd:a8:0f:9e:e9:2c:f3:d1:88:78:31:d5:d0:a4:
29:04:2d:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNEWu3YcdNVps/TwD44Q2IbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzJmZTJjODA1ZWQ2M2FmYzljODllOTMyNGFjOTRkMzA5
MzlhYWIwHhcNMjQxMTE5MTIxNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWQ5MjdmZmNhMzU2MTFkMmI5ODI5NGI2YWI3YTQ2YzZmOTA4NjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUM2FUC8ZOB1R5T4xTFy/pBkPuwI
2XJAEaLGRH6Fe57aHB3EUtUPYScEcsfc4YG+9x0IQY3Qp3sNPedk9rSzz2C/kVjW
t+t5OFTjzfryftzChnuUOBg2EydnxLQWXmvfmFs7TtbPjMbHKoG9GAOZvfjgW8E1
X2iVcm4Nd2SE8KVfX2oRkS2hpQytwQPR5EnUJJyahTCAfV4nIwS33LIaFdWZAgF0
FbCM6gOvUKxhBAZ9+ctcGdE9hitSOMZ66QHQXKamttvM8QbE9y6gceqP34dvJUqY
PuC0EdSYrjgqeRz8v3gLKdcRC1lQUoSZ/LrEKvdrVH7ykL5poKLUc/TLowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP7ZJ//KNWEdK5gpS2q3pGxvkIZbMB8GA1UdIwQY
MBaAFA1y/iyAXtY6/JyJ6TJKyU0wk5qrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgt
Y2Y4MThjN2M0NTFhLzEvX3Rrbl84bzFZUjBybUNsTGFyZWtiRy1RaGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgtY2Y4MThjN2M0NTFh
LzEvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCbfVgAwQA
bfVwMA0GCSqGSIb3DQEBCwUAA4IBAQBs83h3xtailZq8wRzOLFMpq2ivuUmAWBDf
GFjw4aHv/lIHYu7pRUSqlxvskXSBgXP04v3I66KLjynDHiLmN2Roi9dqDdpp0NYQ
/eFBmTo+HbQIZCMAUZ6MFArNl5VR9qK6JWdP0A+P50Vp7/BHMwirLTKn8Pned3+x
ynSlOSjktU82nnkEP+FOtmiQ4VvcCL/78CsNnkUZGNtvYTCSDebeQgEabqb7EZWI
Hz3vN6Rt8QfFp1Heh0uv7mQ6yFrs9dLJg0DbfXlLQXYHuRR+OincVMD4YikKsgpi
dtPDXnqdU4hZqwYRLH+Lpz5MD/Ff3agPnuks89GIeDHV0KQpBC3P
-----END CERTIFICATE-----
Generated at Tue Nov 19 18:43:34 2024 by rpki-client on console-ams.rpki-client.org