Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/9CaW8Cm5pubEGGOfwek_c6sT2AU.roa
File: 9CaW8Cm5pubEGGOfwek_c6sT2AU.roa (raw, json)
Hash identifier: qG/NF4ailzUajkvTAz77jK9BjcUKSMqsM0/K9uMsDqc=
Subject key identifier: F4:26:96:F0:29:B9:A6:E6:C4:18:63:9F:C1:E9:3F:73:AB:13:D8:05
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 019256BE0DFF886060016BB6FBD8E0CADB60
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/9CaW8Cm5pubEGGOfwek_c6sT2AU.roa
Signing time: Fri 04 Oct 2024 08:55:48 +0000
ROA not before: Fri 04 Oct 2024 08:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207388
IP address blocks: 109.160.38.0/24 maxlen: 24
109.160.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:be:0d:ff:88:60:60:01:6b:b6:fb:d8:e0:ca:db:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Oct 4 08:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f42696f029b9a6e6c418639fc1e93f73ab13d805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:27:f3:55:4a:26:04:37:d4:24:27:65:3a:92:
c3:d2:30:c1:82:83:29:ed:89:34:fb:44:22:be:78:
53:ea:ad:8e:94:72:58:bf:fa:ff:af:0f:39:4e:a0:
ce:19:69:91:73:5e:41:06:9d:3d:a2:2d:41:3a:20:
be:60:96:84:bc:34:57:84:b6:5a:12:ba:7d:10:1b:
94:a7:33:6a:10:d5:89:10:18:33:8f:3b:97:87:7b:
04:d2:85:ab:e9:40:3f:1b:52:3e:67:f0:6b:08:cd:
b9:c3:40:dc:10:3c:09:7c:f4:ac:43:19:77:11:8d:
d3:ce:55:bd:cb:1e:fa:73:fe:1d:94:b1:d0:7b:8f:
d2:2d:40:82:35:b6:fa:d8:19:4e:8a:a9:1a:91:6c:
f0:41:df:59:47:0b:da:dd:41:4a:9a:a6:e7:b9:14:
28:3a:0f:d5:f8:60:45:b8:39:47:29:11:e5:d8:ef:
4d:35:2b:73:4d:f6:66:0f:74:b6:4c:35:af:c2:bc:
34:63:e7:37:5a:38:67:02:82:76:f6:66:26:9a:18:
d4:27:26:ba:60:a3:ec:0d:e1:bf:e0:f2:39:3e:9d:
57:59:84:51:50:75:c8:31:32:c2:b4:44:a7:37:ed:
65:d1:46:ee:97:97:ff:e2:43:88:c0:6e:fb:c1:a0:
e0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:26:96:F0:29:B9:A6:E6:C4:18:63:9F:C1:E9:3F:73:AB:13:D8:05
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/9CaW8Cm5pubEGGOfwek_c6sT2AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.38.0/23
Signature Algorithm: sha256WithRSAEncryption
22:7e:5f:f4:da:c8:a5:2a:9f:eb:3f:45:53:51:e4:e4:e3:4a:
c3:1e:f8:7e:fe:67:ec:54:f4:f4:4a:59:d9:cc:f8:5d:0b:c2:
85:39:7a:36:f4:a4:6e:52:4b:cb:71:2d:1a:55:2e:44:e7:48:
e5:ba:22:b8:55:bd:c8:a6:b6:83:65:34:0e:81:ce:2e:92:0a:
b3:cc:bf:f9:bc:81:43:0d:df:54:74:6d:ef:7b:bd:cf:bc:11:
eb:3b:e1:ad:ce:2e:e4:7a:b3:52:f7:d0:4d:22:91:84:7c:5a:
b0:00:5f:0c:90:c3:9b:d5:4a:57:02:f0:38:e3:7f:d7:5b:00:
06:a8:eb:f0:8b:89:12:45:23:31:fc:4a:45:a3:d3:78:72:9f:
65:3c:91:42:40:a4:f5:2c:59:94:30:40:19:f7:70:54:67:a0:
25:01:16:33:94:74:38:3c:8b:77:50:cb:94:5c:67:18:fb:7b:
7e:dd:34:6b:8a:a8:4b:04:25:63:5f:81:0b:2a:37:14:4c:a1:
52:d6:59:96:44:b9:8e:9d:35:9c:8f:98:0c:94:b3:4f:1d:b5:
dc:2a:53:72:05:9b:14:8b:c2:08:fa:5c:98:75:7e:da:fd:cc:
47:64:03:d5:00:3f:dd:9a:c9:69:8d:33:fb:76:2f:0d:fd:51:
39:b6:a3:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJWvg3/iGBgAWu2+9jgyttgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQxMDA0MDg1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDI2OTZmMDI5YjlhNmU2YzQxODYzOWZjMWU5M2Y3M2FiMTNkODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArifzVUomBDfUJCdlOpLD0jDBgoMp
7Yk0+0QivnhT6q2OlHJYv/r/rw85TqDOGWmRc15BBp09oi1BOiC+YJaEvDRXhLZa
Erp9EBuUpzNqENWJEBgzjzuXh3sE0oWr6UA/G1I+Z/BrCM25w0DcEDwJfPSsQxl3
EY3TzlW9yx76c/4dlLHQe4/SLUCCNbb62BlOiqkakWzwQd9ZRwva3UFKmqbnuRQo
Og/V+GBFuDlHKRHl2O9NNStzTfZmD3S2TDWvwrw0Y+c3WjhnAoJ29mYmmhjUJya6
YKPsDeG/4PI5Pp1XWYRRUHXIMTLCtESnN+1l0Ubul5f/4kOIwG77waDgcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPQmlvApuabmxBhjn8HpP3OrE9gFMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvOUNhVzhDbTVwdWJFR0dPZndla19jNnNUMkFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbaAmMA0G
CSqGSIb3DQEBCwUAA4IBAQAifl/02silKp/rP0VTUeTk40rDHvh+/mfsVPT0SlnZ
zPhdC8KFOXo29KRuUkvLcS0aVS5E50jluiK4Vb3IpraDZTQOgc4ukgqzzL/5vIFD
Dd9UdG3ve73PvBHrO+Gtzi7kerNS99BNIpGEfFqwAF8MkMOb1UpXAvA443/XWwAG
qOvwi4kSRSMx/EpFo9N4cp9lPJFCQKT1LFmUMEAZ93BUZ6AlARYzlHQ4PIt3UMuU
XGcY+3t+3TRriqhLBCVjX4ELKjcUTKFS1lmWRLmOnTWcj5gMlLNPHbXcKlNyBZsU
i8II+lyYdX7a/cxHZAPVAD/dmslpjTP7di8N/VE5tqN+
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:48:06 2025 by rpki-client