Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/4X9OOZldc0fX97ZLZ6dWObvK0Kg.roa
File: 4X9OOZldc0fX97ZLZ6dWObvK0Kg.roa (raw, json)
Hash identifier: x/ozK5i7M+5xK74PPVGdQPhZbLhoNhN6wLvo9WrZV4U=
Subject key identifier: E1:7F:4E:39:99:5D:73:47:D7:F7:B6:4B:67:A7:56:39:BB:CA:D0:A8
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018CC56EF6401FCCABE01078EEDD2B2EE007
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/4X9OOZldc0fX97ZLZ6dWObvK0Kg.roa
Signing time: Mon 01 Jan 2024 14:30:32 +0000
ROA not before: Mon 01 Jan 2024 14:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204210
IP address blocks: 109.160.11.0/24 maxlen: 24
109.160.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f6:40:1f:cc:ab:e0:10:78:ee:dd:2b:2e:e0:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 14:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e17f4e39995d7347d7f7b64b67a75639bbcad0a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:de:b4:98:ae:55:0d:02:85:03:b2:ba:12:33:
21:43:8f:bf:15:3b:00:e0:6b:30:9a:6d:83:cd:06:
19:66:2a:6f:db:4b:c1:96:b5:69:a7:4d:45:0a:b3:
aa:ac:55:dd:17:47:68:6a:dc:c6:af:42:23:e3:36:
a7:aa:ed:a7:89:27:2e:3a:a4:d5:ba:b1:bd:d8:5f:
89:7b:44:ab:b5:26:f1:60:9f:f9:69:1b:20:51:f1:
f6:cd:3c:5e:15:1c:60:6f:ed:82:81:b7:3c:c2:81:
02:56:ee:d7:7d:22:d3:1b:fd:d5:99:b3:f4:43:6d:
54:25:2c:fe:2a:3d:28:f9:c8:b0:04:c2:c6:8e:10:
64:f5:a5:88:b6:46:e5:46:a5:1f:54:d2:c6:bb:58:
5c:99:2a:22:20:a0:05:f4:94:9c:4c:1d:81:56:12:
0a:25:98:76:40:b6:70:5e:54:04:7a:32:dc:47:d1:
a4:28:9a:a2:6a:4a:ee:be:a9:66:8a:09:f9:0a:c5:
ab:33:45:a3:d0:38:ee:63:49:f2:b3:11:35:b1:cf:
a4:50:c5:72:4e:e5:d5:3d:11:e4:88:8f:a4:b3:d0:
77:e4:78:27:42:65:82:2c:6c:c3:28:d6:65:6d:dc:
6d:74:bc:dd:b5:82:d4:45:4f:3a:db:c6:a0:e8:43:
08:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:7F:4E:39:99:5D:73:47:D7:F7:B6:4B:67:A7:56:39:BB:CA:D0:A8
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/4X9OOZldc0fX97ZLZ6dWObvK0Kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.11.0-109.160.12.255
Signature Algorithm: sha256WithRSAEncryption
a1:f2:58:43:3f:d5:b7:3d:b5:6f:1e:a9:30:6c:e3:69:bc:9a:
0b:ad:60:9e:93:c6:e4:50:9a:93:2d:ab:72:fe:78:b5:6b:58:
2b:2c:81:c5:98:09:db:c3:45:21:9f:db:be:92:62:f2:39:8a:
12:df:e7:02:5e:4d:50:b6:57:40:f4:36:e0:4b:36:8e:4e:46:
5f:36:fb:96:f3:c3:a7:ac:e0:e5:98:f2:e0:71:38:b6:73:aa:
93:c7:2e:53:98:af:c0:ba:1b:63:f5:bf:84:d4:47:20:09:69:
5e:e2:ce:34:09:de:da:03:a9:45:f8:e3:21:ea:bd:58:44:19:
83:fd:ae:bf:de:0e:44:b5:6b:5e:99:25:41:74:b7:c8:69:d2:
b9:cd:df:b9:ad:02:b5:35:1f:ab:45:88:60:d3:a5:46:40:a2:
22:9d:13:fd:c6:30:34:f2:44:a5:86:4c:97:d8:a8:1a:a9:81:
02:c0:97:09:82:57:5a:b9:a3:af:ec:95:c6:23:a0:7f:68:75:
94:5f:ef:7b:89:f6:83:70:59:23:aa:bb:9e:90:9d:f3:e3:50:
7d:30:cf:b6:d9:42:91:b3:b2:5d:3a:36:7f:d0:36:47:41:cb:
ef:fa:e7:53:bd:5c:7e:c8:bd:15:4d:89:48:17:ae:c2:9f:b2:
c4:fe:e3:83
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFbvZAH8yr4BB47t0rLuAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTdmNGUzOTk5NWQ3MzQ3ZDdmN2I2NGI2N2E3NTYzOWJiY2FkMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt60mK5VDQKFA7K6EjMhQ4+/FTsA
4Gswmm2DzQYZZipv20vBlrVpp01FCrOqrFXdF0doatzGr0Ij4zanqu2niScuOqTV
urG92F+Je0SrtSbxYJ/5aRsgUfH2zTxeFRxgb+2Cgbc8woECVu7XfSLTG/3VmbP0
Q21UJSz+Kj0o+ciwBMLGjhBk9aWItkblRqUfVNLGu1hcmSoiIKAF9JScTB2BVhIK
JZh2QLZwXlQEejLcR9GkKJqiakruvqlmign5CsWrM0Wj0DjuY0nysxE1sc+kUMVy
TuXVPRHkiI+ks9B35HgnQmWCLGzDKNZlbdxtdLzdtYLURU8628ag6EMItQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOF/TjmZXXNH1/e2S2enVjm7ytCoMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvNFg5T09abGRjMGZYOTdaTFo2ZFdPYnZLMEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABtoAsD
BABtoAwwDQYJKoZIhvcNAQELBQADggEBAKHyWEM/1bc9tW8eqTBs42m8mgutYJ6T
xuRQmpMtq3L+eLVrWCssgcWYCdvDRSGf276SYvI5ihLf5wJeTVC2V0D0NuBLNo5O
Rl82+5bzw6es4OWY8uBxOLZzqpPHLlOYr8C6G2P1v4TURyAJaV7izjQJ3toDqUX4
4yHqvVhEGYP9rr/eDkS1a16ZJUF0t8hp0rnN37mtArU1H6tFiGDTpUZAoiKdE/3G
MDTyRKWGTJfYqBqpgQLAlwmCV1q5o6/slcYjoH9odZRf73uJ9oNwWSOqu56QnfPj
UH0wz7bZQpGzsl06Nn/QNkdBy+/651O9XH7IvRVNiUgXrsKfssT+44M=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:45 2025 by rpki-client