Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/qBIMNKNtaUZWANwbgCterIbVFvc.roa
File: qBIMNKNtaUZWANwbgCterIbVFvc.roa (raw, json)
Hash identifier: UXzyujP8g4qCUPo8uqSjTPikXmC74za68eHnn4MMVsQ=
Subject key identifier: A8:12:0C:34:A3:6D:69:46:56:00:DC:1B:80:2B:5E:AC:86:D5:16:F7
Certificate issuer: /CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Certificate serial: 01933FBA3CED058904C464FC65CA6C25B2FA
Authority key identifier: 0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/qBIMNKNtaUZWANwbgCterIbVFvc.roa
Signing time: Mon 18 Nov 2024 14:43:09 +0000
ROA not before: Mon 18 Nov 2024 14:43:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 109.245.96.0/24 maxlen: 24
109.245.97.0/24 maxlen: 24
109.245.98.0/24 maxlen: 24
109.245.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 12:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3f:ba:3c:ed:05:89:04:c4:64:fc:65:ca:6c:25:b2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Validity
Not Before: Nov 18 14:43:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8120c34a36d69465600dc1b802b5eac86d516f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ec:a0:77:80:ad:c2:52:6c:79:30:d6:8b:cd:
6f:5a:37:a5:9a:61:97:01:74:07:31:ed:cf:f9:78:
bc:af:7d:cd:a0:8e:d0:2a:b3:c2:4b:e6:ef:0e:a4:
7e:61:88:83:1b:ae:dc:45:9c:cf:90:d2:27:f0:61:
4c:5c:3d:61:4f:0b:f5:fa:a0:03:61:2b:7a:1f:80:
10:77:d6:70:32:95:b7:89:91:88:85:8f:6a:88:3c:
40:0f:7a:c9:32:f9:0c:42:ef:e6:61:3a:7d:36:e5:
02:32:3b:ab:58:71:66:e3:f6:34:99:f6:54:83:52:
64:6d:27:b7:6d:22:3b:20:ab:d0:19:aa:8f:97:45:
f2:17:94:9d:10:f4:21:fe:39:1c:88:c2:7a:a1:da:
38:99:f1:ac:2c:96:d6:8d:af:49:16:27:da:f8:31:
50:fe:60:a5:fe:28:77:5f:9b:c9:fe:4a:d6:16:90:
8e:22:11:60:df:7b:20:cf:c9:33:c1:a0:87:e8:f9:
af:2c:33:b2:ca:05:e4:e1:f3:35:fe:dd:da:b7:2a:
c5:e0:36:ef:a2:18:61:f6:6d:37:7d:04:f0:22:17:
03:46:86:a2:9c:a4:9b:7e:59:e7:5b:02:b4:5e:b7:
61:27:d2:73:ad:01:9e:6b:56:cc:42:ea:d9:f6:7a:
83:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:12:0C:34:A3:6D:69:46:56:00:DC:1B:80:2B:5E:AC:86:D5:16:F7
X509v3 Authority Key Identifier:
keyid:0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/qBIMNKNtaUZWANwbgCterIbVFvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.245.96.0-109.245.98.255
109.245.112.0/24
Signature Algorithm: sha256WithRSAEncryption
37:60:43:37:ff:92:a9:56:69:3a:25:7c:d7:3c:44:06:93:73:
27:44:06:26:4c:f9:cd:ad:b1:aa:c5:f8:a3:47:20:9f:3e:5f:
fa:3b:01:16:1b:96:d7:71:58:86:fe:32:93:e6:ec:65:2e:50:
49:57:51:09:01:e4:bc:c0:93:d9:66:d5:0a:f3:26:97:04:60:
3a:07:53:ee:34:b4:26:80:b5:cf:ff:0c:67:f1:f3:15:c7:88:
97:89:91:ff:ad:41:7a:28:60:4c:0a:e5:5b:91:18:aa:56:dc:
65:e4:41:b2:1b:0e:12:41:57:41:53:4f:5d:3a:fa:3f:42:0e:
d6:d1:0a:6c:44:36:37:1d:df:b1:bf:d1:86:dd:2a:a5:3c:fa:
27:fb:72:93:0c:bf:02:ea:cf:de:d9:dc:68:c0:83:0e:a6:cd:
bd:b4:81:df:b1:c6:e1:7d:b7:cf:b5:2f:5f:7c:5c:d8:5d:d5:
d6:9d:41:3e:3e:20:e2:8e:2b:5e:a3:39:ed:10:aa:d4:fd:ad:
18:75:81:a5:73:46:1d:3a:36:05:48:26:89:e3:ff:be:45:9d:
47:70:f3:68:a3:9c:ca:f8:19:28:30:09:35:fa:de:fd:68:15:
67:90:96:1f:42:6c:5a:e8:82:fd:cc:24:f5:a1:88:87:4e:d0:
1b:d5:f4:e0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZM/ujztBYkExGT8ZcpsJbL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzJmZTJjODA1ZWQ2M2FmYzljODllOTMyNGFjOTRkMzA5
MzlhYWIwHhcNMjQxMTE4MTQ0MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODEyMGMzNGEzNmQ2OTQ2NTYwMGRjMWI4MDJiNWVhYzg2ZDUxNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuygd4CtwlJseTDWi81vWjelmmGX
AXQHMe3P+Xi8r33NoI7QKrPCS+bvDqR+YYiDG67cRZzPkNIn8GFMXD1hTwv1+qAD
YSt6H4AQd9ZwMpW3iZGIhY9qiDxAD3rJMvkMQu/mYTp9NuUCMjurWHFm4/Y0mfZU
g1JkbSe3bSI7IKvQGaqPl0XyF5SdEPQh/jkciMJ6odo4mfGsLJbWja9JFifa+DFQ
/mCl/ih3X5vJ/krWFpCOIhFg33sgz8kzwaCH6PmvLDOyygXk4fM1/t3atyrF4Dbv
ohhh9m03fQTwIhcDRoainKSbflnnWwK0XrdhJ9JzrQGea1bMQurZ9nqDMwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKgSDDSjbWlGVgDcG4ArXqyG1Rb3MB8GA1UdIwQY
MBaAFA1y/iyAXtY6/JyJ6TJKyU0wk5qrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgt
Y2Y4MThjN2M0NTFhLzEvcUJJTU5LTnRhVVpXQU53YmdDdGVySWJWRnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgtY2Y4MThjN2M0NTFh
LzEvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVt9WAD
BABt9WIDBABt9XAwDQYJKoZIhvcNAQELBQADggEBADdgQzf/kqlWaTolfNc8RAaT
cydEBiZM+c2tsarF+KNHIJ8+X/o7ARYbltdxWIb+MpPm7GUuUElXUQkB5LzAk9lm
1QrzJpcEYDoHU+40tCaAtc//DGfx8xXHiJeJkf+tQXooYEwK5VuRGKpW3GXkQbIb
DhJBV0FTT106+j9CDtbRCmxENjcd37G/0YbdKqU8+if7cpMMvwLqz97Z3GjAgw6m
zb20gd+xxuF9t8+1L198XNhd1dadQT4+IOKOK16jOe0QqtT9rRh1gaVzRh06NgVI
Jonj/75FnUdw82ijnMr4GSgwCTX63v1oFWeQlh9CbFrogv3MJPWhiIdO0BvV9OA=
-----END CERTIFICATE-----
Generated at Tue Apr 15 01:21:09 2025 by rpki-client