Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/xDTEmzLXpzPhhaqg5imgmoatSmU.roa
File: xDTEmzLXpzPhhaqg5imgmoatSmU.roa (raw, json)
Hash identifier: Bq0zy/lpJycSfms/lLsO8ZbvPo34njQ9cv2/fkPaY8A=
Subject key identifier: C4:34:C4:9B:32:D7:A7:33:E1:85:AA:A0:E6:29:A0:9A:86:AD:4A:65
Certificate issuer: /CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Certificate serial: 0193632689ADACFFCBB038EA8F647EA3DAB8
Authority key identifier: 0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/xDTEmzLXpzPhhaqg5imgmoatSmU.roa
Signing time: Mon 25 Nov 2024 11:48:10 +0000
ROA not before: Mon 25 Nov 2024 11:48:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 109.245.96.0/24 maxlen: 24
109.245.97.0/24 maxlen: 24
109.245.98.0/24 maxlen: 24
109.245.99.0/24 maxlen: 24
109.245.100.0/24 maxlen: 24
109.245.101.0/24 maxlen: 24
109.245.102.0/24 maxlen: 24
109.245.103.0/24 maxlen: 24
109.245.112.0/24 maxlen: 24
109.245.113.0/24 maxlen: 24
109.245.114.0/24 maxlen: 24
109.245.115.0/24 maxlen: 24
109.245.116.0/24 maxlen: 24
109.245.117.0/24 maxlen: 24
109.245.118.0/24 maxlen: 24
109.245.119.0/24 maxlen: 24
109.245.192.0/24 maxlen: 24
109.245.193.0/24 maxlen: 24
109.245.194.0/24 maxlen: 24
109.245.195.0/24 maxlen: 24
109.245.196.0/24 maxlen: 24
109.245.197.0/24 maxlen: 24
109.245.198.0/24 maxlen: 24
109.245.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Nov 2024 12:51:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:26:89:ad:ac:ff:cb:b0:38:ea:8f:64:7e:a3:da:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Validity
Not Before: Nov 25 11:48:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c434c49b32d7a733e185aaa0e629a09a86ad4a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ff:d1:33:c7:a6:74:cd:58:b8:31:c9:28:65:
27:be:d5:8b:73:b1:7e:6f:a7:9e:be:67:d4:12:e1:
cb:80:1a:02:b2:a8:1d:63:b8:5d:33:46:e0:e2:34:
0a:fe:64:0f:07:d0:0e:4f:ac:27:a8:12:c8:ea:76:
fa:bc:01:e4:d6:53:21:c1:d9:f9:2b:50:a0:59:e0:
f8:cd:05:4e:a3:9d:02:6e:31:11:8e:11:50:17:ff:
3c:49:07:b7:de:33:22:69:28:35:8e:ae:4b:4b:b9:
0d:c1:90:ae:bf:71:6e:14:6f:61:b9:55:e0:b3:f7:
41:4e:4c:46:38:e3:ef:2f:dd:9f:a4:f8:7d:58:d3:
28:fe:e2:3e:09:52:11:aa:e9:f9:d6:e1:77:04:2b:
a1:c5:fa:1c:56:64:b0:a8:3b:c7:f5:14:ca:f6:39:
dc:bc:a4:f7:47:35:1c:f4:b8:5a:ae:03:9c:b3:64:
98:51:80:07:c4:6b:c7:1f:30:a3:63:16:19:90:12:
51:fb:d5:ad:26:62:41:b1:f3:c4:a6:2a:6a:cd:70:
df:34:f1:64:57:f1:db:a8:e9:a1:56:c1:3f:29:d0:
be:58:bd:1e:65:f9:7b:66:4f:0c:c3:08:26:f6:5c:
55:ca:d8:7f:71:b2:1b:02:7b:4f:fd:b9:01:36:cf:
fd:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:34:C4:9B:32:D7:A7:33:E1:85:AA:A0:E6:29:A0:9A:86:AD:4A:65
X509v3 Authority Key Identifier:
keyid:0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/xDTEmzLXpzPhhaqg5imgmoatSmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.245.96.0/21
109.245.112.0/21
109.245.192.0/21
Signature Algorithm: sha256WithRSAEncryption
86:a3:d9:21:aa:de:ac:9c:5f:ed:c4:27:e1:5b:a9:73:99:fc:
61:c1:29:f8:1d:63:df:34:22:7e:bc:b2:d1:30:93:b3:48:39:
22:e0:4c:4a:93:65:0e:32:a1:c6:e3:10:e7:5e:90:08:52:85:
a3:4c:4a:b5:9a:58:97:23:f9:a0:ab:8e:fc:34:a1:d7:2d:15:
f2:b7:c7:3a:36:64:e1:49:be:58:2f:ea:06:d0:d4:ad:36:0d:
33:47:3c:b2:a6:00:1f:3e:d0:ce:5b:92:0e:f5:5d:39:b1:f9:
be:25:a5:9f:e8:37:9e:74:b0:c0:c4:34:7e:bd:70:23:4a:fc:
f2:42:32:47:31:b3:9f:28:bf:1e:a9:92:2b:2f:b0:1a:9c:16:
92:23:b3:75:c2:16:ec:5b:98:c4:03:72:cc:ed:a3:b0:e5:51:
e5:37:e1:da:a7:2e:08:3c:90:f8:55:42:07:b3:86:7e:c1:aa:
2c:e0:ed:2d:1b:f8:48:8f:1f:33:cb:34:ab:46:50:2b:62:7b:
47:58:42:bd:53:18:af:7f:55:7f:3a:6f:4f:46:d1:19:5b:27:
fb:63:f2:0b:44:59:c0:ae:da:58:59:92:91:69:e9:15:89:cc:
a5:0b:e6:af:1e:0d:b8:c8:ba:31:89:6a:4b:ab:65:41:10:57:
44:f7:1b:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNjJomtrP/LsDjqj2R+o9q4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzJmZTJjODA1ZWQ2M2FmYzljODllOTMyNGFjOTRkMzA5
MzlhYWIwHhcNMjQxMTI1MTE0ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDM0YzQ5YjMyZDdhNzMzZTE4NWFhYTBlNjI5YTA5YTg2YWQ0YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3f/RM8emdM1YuDHJKGUnvtWLc7F+
b6eevmfUEuHLgBoCsqgdY7hdM0bg4jQK/mQPB9AOT6wnqBLI6nb6vAHk1lMhwdn5
K1CgWeD4zQVOo50CbjERjhFQF/88SQe33jMiaSg1jq5LS7kNwZCuv3FuFG9huVXg
s/dBTkxGOOPvL92fpPh9WNMo/uI+CVIRqun51uF3BCuhxfocVmSwqDvH9RTK9jnc
vKT3RzUc9LhargOcs2SYUYAHxGvHHzCjYxYZkBJR+9WtJmJBsfPEpipqzXDfNPFk
V/HbqOmhVsE/KdC+WL0eZfl7Zk8Mwwgm9lxVyth/cbIbAntP/bkBNs/9SQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMQ0xJsy16cz4YWqoOYpoJqGrUplMB8GA1UdIwQY
MBaAFA1y/iyAXtY6/JyJ6TJKyU0wk5qrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgt
Y2Y4MThjN2M0NTFhLzEveERURW16TFhwelBoaGFxZzVpbWdtb2F0U21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgtY2Y4MThjN2M0NTFh
LzEvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDbfVgAwQD
bfVwAwQDbfXAMA0GCSqGSIb3DQEBCwUAA4IBAQCGo9khqt6snF/txCfhW6lzmfxh
wSn4HWPfNCJ+vLLRMJOzSDki4ExKk2UOMqHG4xDnXpAIUoWjTEq1mliXI/mgq478
NKHXLRXyt8c6NmThSb5YL+oG0NStNg0zRzyypgAfPtDOW5IO9V05sfm+JaWf6Dee
dLDAxDR+vXAjSvzyQjJHMbOfKL8eqZIrL7AanBaSI7N1whbsW5jEA3LM7aOw5VHl
N+Hapy4IPJD4VUIHs4Z+waos4O0tG/hIjx8zyzSrRlArYntHWEK9Uxivf1V/Om9P
RtEZWyf7Y/ILRFnArtpYWZKRaekVicylC+avHg24yLoxiWpLq2VBEFdE9xsX
-----END CERTIFICATE-----
Generated at Tue Apr 15 01:28:15 2025 by rpki-client