Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/i4vO4K1cqaeRgpirfw6QuAkTaOI.roa
File: i4vO4K1cqaeRgpirfw6QuAkTaOI.roa (raw, json)
Hash identifier: FX7hfktE6aKvBPkssC8WsDIuawQpVeSQpi71LlJSiVw=
Subject key identifier: 8B:8B:CE:E0:AD:5C:A9:A7:91:82:98:AB:7F:0E:90:B8:09:13:68:E2
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 019126901EF2FEC01EFB67EB2EC871569419
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/i4vO4K1cqaeRgpirfw6QuAkTaOI.roa
Signing time: Tue 06 Aug 2024 07:21:04 +0000
ROA not before: Tue 06 Aug 2024 07:21:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 109.160.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 10:15:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:26:90:1e:f2:fe:c0:1e:fb:67:eb:2e:c8:71:56:94:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Aug 6 07:21:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b8bcee0ad5ca9a7918298ab7f0e90b8091368e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d5:c3:a4:9f:90:b3:cf:ea:38:3f:ab:a7:15:
17:09:d7:9d:ee:c5:ce:15:f9:7b:61:9f:be:27:36:
aa:cb:7f:bb:79:69:71:52:00:68:51:a4:26:76:24:
fa:b4:e3:42:f4:7b:67:6a:78:c6:c0:b5:f0:da:a4:
0e:51:a6:46:71:22:8d:76:11:ea:56:87:a9:04:67:
3f:8e:e0:8b:77:b3:7f:16:ed:01:5c:d0:59:4e:06:
50:44:cb:a7:8e:3a:98:b7:77:32:8f:a2:07:84:03:
bc:f5:9f:6c:c8:72:9e:9b:15:8f:4f:28:da:97:00:
08:6d:f6:3c:ab:27:f3:44:ef:aa:27:16:a8:66:01:
f6:45:c4:54:14:c6:bb:1f:8e:9d:bc:1d:5f:29:99:
19:1b:79:a3:28:ff:10:eb:f3:10:3c:76:d7:bd:3a:
98:8b:ae:2c:0b:5e:20:b0:01:1b:89:27:13:53:ba:
86:e2:05:fc:45:73:5e:7a:ee:8d:ab:c4:e4:fa:36:
e5:be:fb:87:08:55:2f:89:79:95:1c:23:f6:f8:8c:
66:c9:2f:3b:d1:6a:08:59:19:7d:cb:06:3f:46:de:
e3:0d:1e:e8:5a:ac:8e:d3:bf:01:44:34:04:c3:33:
c6:16:44:76:d4:a6:f6:ac:b4:3a:3e:3a:97:1e:ce:
2b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:8B:CE:E0:AD:5C:A9:A7:91:82:98:AB:7F:0E:90:B8:09:13:68:E2
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/i4vO4K1cqaeRgpirfw6QuAkTaOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.40.0/24
Signature Algorithm: sha256WithRSAEncryption
43:8f:4d:a2:34:f8:7a:77:96:18:06:e9:da:58:b2:13:9a:88:
00:1b:c2:3d:b7:47:ce:6f:90:30:e8:e8:a2:0c:bc:39:c9:ac:
86:d3:93:dc:6f:dc:f4:30:d8:c9:de:80:7a:44:c1:aa:27:4e:
ec:eb:6f:a2:95:f9:93:0f:c1:1d:76:88:31:8e:d0:90:eb:37:
ec:ea:59:15:ad:22:b0:24:5e:3f:58:2d:0e:14:70:88:87:cc:
19:18:dc:ef:84:e4:49:ca:79:0a:47:83:fe:c7:e6:d1:5f:67:
e5:fb:dc:1c:b4:ec:0b:aa:fa:62:df:70:f0:8b:61:44:75:64:
2b:f5:7d:27:b7:6b:5f:04:d9:87:1c:6b:39:71:72:82:53:11:
a5:e2:b1:09:eb:cf:8b:f0:f8:b8:6c:22:d1:0a:aa:a2:17:36:
0d:14:dc:a4:ec:3d:cc:04:d5:c7:a5:5a:98:34:85:0f:21:df:
d2:36:84:21:0d:d0:27:4d:7d:1d:ba:d6:60:65:15:9b:54:5e:
ed:30:04:e2:07:00:a8:e1:63:c9:5a:87:4d:8e:7b:dc:06:b2:
be:d3:ef:65:96:14:dd:5b:e1:f5:af:1d:ff:31:68:9d:cc:b3:
bb:5a:a4:c8:a1:b2:0e:63:ea:da:19:36:ff:e8:03:ba:4f:45:
33:42:76:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEmkB7y/sAe+2frLshxVpQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwODA2MDcyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjhiY2VlMGFkNWNhOWE3OTE4Mjk4YWI3ZjBlOTBiODA5MTM2OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9XDpJ+Qs8/qOD+rpxUXCded7sXO
Ffl7YZ++Jzaqy3+7eWlxUgBoUaQmdiT6tONC9HtnanjGwLXw2qQOUaZGcSKNdhHq
VoepBGc/juCLd7N/Fu0BXNBZTgZQRMunjjqYt3cyj6IHhAO89Z9syHKemxWPTyja
lwAIbfY8qyfzRO+qJxaoZgH2RcRUFMa7H46dvB1fKZkZG3mjKP8Q6/MQPHbXvTqY
i64sC14gsAEbiScTU7qG4gX8RXNeeu6Nq8Tk+jblvvuHCFUviXmVHCP2+IxmyS87
0WoIWRl9ywY/Rt7jDR7oWqyO078BRDQEwzPGFkR21Kb2rLQ6PjqXHs4rcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuLzuCtXKmnkYKYq38OkLgJE2jiMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvaTR2TzRLMWNxYWVSZ3BpcmZ3NlF1QWtUYU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbaAoMA0G
CSqGSIb3DQEBCwUAA4IBAQBDj02iNPh6d5YYBunaWLITmogAG8I9t0fOb5Aw6Oii
DLw5yayG05Pcb9z0MNjJ3oB6RMGqJ07s62+ilfmTD8EddogxjtCQ6zfs6lkVrSKw
JF4/WC0OFHCIh8wZGNzvhORJynkKR4P+x+bRX2fl+9wctOwLqvpi33Dwi2FEdWQr
9X0nt2tfBNmHHGs5cXKCUxGl4rEJ68+L8Pi4bCLRCqqiFzYNFNyk7D3MBNXHpVqY
NIUPId/SNoQhDdAnTX0dutZgZRWbVF7tMATiBwCo4WPJWodNjnvcBrK+0+9llhTd
W+H1rx3/MWidzLO7WqTIobIOY+raGTb/6AO6T0UzQnYW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:03 2025 by rpki-client