Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/H2uGjX6tLiJSeVwppNuhvzawjYA.roa
File: H2uGjX6tLiJSeVwppNuhvzawjYA.roa (raw, json)
Hash identifier: U1GS6/TdONFK1aN/alJCVwne8wDq/Qxyh37swkKBT0k=
Subject key identifier: 1F:6B:86:8D:7E:AD:2E:22:52:79:5C:29:A4:DB:A1:BF:36:B0:8D:80
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018BC8DB4E32C5AF4949DB3F6F1F6EBAA430
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/H2uGjX6tLiJSeVwppNuhvzawjYA.roa
Signing time: Mon 13 Nov 2023 13:24:57 +0000
ROA not before: Mon 13 Nov 2023 13:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25211
IP address blocks: 109.160.32.0/22 maxlen: 22
109.160.38.0/24 maxlen: 24
109.160.36.0/24 maxlen: 24
109.160.37.0/24 maxlen: 24
109.160.41.0/24 maxlen: 24
109.160.39.0/24 maxlen: 24
109.160.40.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:db:4e:32:c5:af:49:49:db:3f:6f:1f:6e:ba:a4:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Nov 13 13:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f6b868d7ead2e2252795c29a4dba1bf36b08d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:88:d8:7a:60:54:69:75:77:29:bc:52:74:be:
32:ad:bc:5a:53:8b:05:63:2d:c2:59:52:f8:7a:45:
02:a8:92:a7:3e:e5:b4:4d:4f:b8:e7:67:d4:13:54:
70:69:a1:92:b2:08:8b:5c:03:1d:e6:8f:aa:6f:03:
0c:ad:c2:e6:cb:eb:b5:6d:2d:45:5d:23:14:b9:90:
34:12:f3:c5:24:55:93:64:ac:2d:07:41:6d:06:36:
b5:c3:06:33:ea:f3:4f:c2:03:f1:6c:10:47:7c:13:
b9:e1:d7:da:c4:45:4d:3e:83:44:86:88:f7:e4:8f:
9d:ae:a5:25:7b:b7:e1:36:5a:5b:7c:20:a2:97:52:
39:0a:14:8a:8c:ac:36:c1:4c:e2:30:80:5d:32:ef:
3d:ab:2e:65:63:fb:ab:35:95:56:5d:01:fc:f4:e2:
8b:13:db:b9:0d:9b:56:4b:f1:06:25:91:be:ec:1f:
14:fe:16:5d:a9:3e:6a:01:9f:14:87:ef:1f:14:7f:
ca:74:73:56:5b:f5:50:9a:e2:a3:44:ce:9c:dc:1e:
60:36:ce:ac:d1:b7:04:c3:42:31:cc:6c:35:2d:13:
36:35:a6:3a:75:92:47:5f:fe:57:e5:91:07:cb:20:
55:ef:bb:29:e9:da:77:75:6a:49:76:f1:3d:35:b4:
c1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6B:86:8D:7E:AD:2E:22:52:79:5C:29:A4:DB:A1:BF:36:B0:8D:80
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/H2uGjX6tLiJSeVwppNuhvzawjYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.32.0-109.160.41.255
Signature Algorithm: sha256WithRSAEncryption
7f:64:96:a3:76:9a:f1:2e:e3:98:8f:45:be:df:79:2c:e8:f7:
8c:c7:f1:bf:57:f4:ac:50:14:f9:8e:2c:55:f4:8a:4b:52:39:
a9:f0:9d:96:1f:8b:f4:07:2c:4a:b6:3d:14:97:39:23:36:ab:
05:6d:af:c0:60:1b:80:5f:04:3b:74:dd:01:c0:b8:a5:74:c8:
ce:77:f9:f5:01:f8:f1:b0:6d:32:2e:2f:fd:27:ff:f9:28:c8:
3b:2f:27:71:7a:17:37:24:6e:b7:8f:bc:07:23:16:32:6a:0d:
72:97:e5:ab:9c:09:19:0d:f1:f4:4e:37:37:2c:31:0e:eb:cc:
26:2a:a8:cf:1d:47:59:24:9e:6d:21:98:03:b5:ab:49:af:1b:
57:63:e8:c5:ee:49:ff:d9:68:e3:e3:8f:e7:e9:b3:2b:20:30:
66:4f:2d:0d:2d:e1:55:c5:71:41:d8:12:4d:b6:7d:3c:d9:1e:
fa:d2:da:1c:58:c7:ac:d6:85:73:2a:16:5a:ee:19:88:71:22:
fa:e9:93:68:b3:24:38:cc:1b:cb:21:ca:67:d8:1d:17:25:c3:
d9:21:91:4f:0b:04:cf:d6:76:74:44:23:88:9e:52:9e:a0:0c:
36:1f:5d:3d:a0:93:07:0b:19:ac:08:fd:5c:2f:80:3a:0f:bd:
4d:f6:f9:f5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYvI204yxa9JSds/bx9uuqQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMxMTEzMTMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjZiODY4ZDdlYWQyZTIyNTI3OTVjMjlhNGRiYTFiZjM2YjA4ZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4jYemBUaXV3KbxSdL4yrbxaU4sF
Yy3CWVL4ekUCqJKnPuW0TU+452fUE1RwaaGSsgiLXAMd5o+qbwMMrcLmy+u1bS1F
XSMUuZA0EvPFJFWTZKwtB0FtBja1wwYz6vNPwgPxbBBHfBO54dfaxEVNPoNEhoj3
5I+drqUle7fhNlpbfCCil1I5ChSKjKw2wUziMIBdMu89qy5lY/urNZVWXQH89OKL
E9u5DZtWS/EGJZG+7B8U/hZdqT5qAZ8Uh+8fFH/KdHNWW/VQmuKjRM6c3B5gNs6s
0bcEw0IxzGw1LRM2NaY6dZJHX/5X5ZEHyyBV77sp6dp3dWpJdvE9NbTBewIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB9rho1+rS4iUnlcKaTbob82sI2AMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvSDJ1R2pYNnRMaUpTZVZ3cHBOdWh2emF3allBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVtoCAD
BAFtoCgwDQYJKoZIhvcNAQELBQADggEBAH9klqN2mvEu45iPRb7feSzo94zH8b9X
9KxQFPmOLFX0iktSOanwnZYfi/QHLEq2PRSXOSM2qwVtr8BgG4BfBDt03QHAuKV0
yM53+fUB+PGwbTIuL/0n//koyDsvJ3F6FzckbrePvAcjFjJqDXKX5aucCRkN8fRO
NzcsMQ7rzCYqqM8dR1kknm0hmAO1q0mvG1dj6MXuSf/ZaOPjj+fpsysgMGZPLQ0t
4VXFcUHYEk22fTzZHvrS2hxYx6zWhXMqFlruGYhxIvrpk2izJDjMG8shymfYHRcl
w9khkU8LBM/WdnREI4ieUp6gDDYfXT2gkwcLGawI/VwvgDoPvU32+fU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:15:02 2024 by rpki-client on console-ams.rpki-client.org