Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/So53NP9TPh1468Fs_QtTBL17EIM.roa
File: So53NP9TPh1468Fs_QtTBL17EIM.roa (raw, json)
Hash identifier: DOEp4E4aSlplCuZePMIdiwGKPyppWGwEsrz+2W/WcIo=
Subject key identifier: 4A:8E:77:34:FF:53:3E:1D:78:EB:C1:6C:FD:0B:53:04:BD:7B:10:83
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 018A8E3AC2B779A52B2CB39705EDD776446A
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/So53NP9TPh1468Fs_QtTBL17EIM.roa
Signing time: Wed 13 Sep 2023 11:08:50 +0000
ROA not before: Wed 13 Sep 2023 11:08:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197961
IP address blocks: 109.207.105.0/24 maxlen: 24
2a10:f782::/48 maxlen: 56
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:3a:c2:b7:79:a5:2b:2c:b3:97:05:ed:d7:76:44:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Sep 13 11:08:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a8e7734ff533e1d78ebc16cfd0b5304bd7b1083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:85:b6:9f:64:c3:2c:87:72:15:c0:06:e2:47:
30:16:b0:4b:fa:77:fa:88:00:c5:89:53:6a:53:d5:
7c:4d:38:f1:86:e8:9a:9c:ed:58:a3:ee:bc:27:c1:
59:71:8a:3f:d5:27:91:af:a5:79:7f:5f:f1:2f:60:
c5:9a:4b:0a:ab:2c:30:cd:80:88:8f:12:43:ac:7c:
51:4e:35:99:26:c0:ce:68:14:22:cd:bb:74:2b:b7:
cc:4d:0d:29:98:d8:fe:81:12:25:de:43:9a:cc:6f:
a7:98:e6:b7:54:cd:35:cc:4a:51:e7:95:51:64:fb:
72:95:54:5a:4d:5e:d5:b0:0a:a6:49:96:5c:46:4d:
0a:e8:c3:fa:23:9c:66:80:ed:a7:b7:24:a4:92:ef:
a7:86:0f:7d:83:e4:97:df:68:af:e9:9e:84:b3:20:
6a:51:d4:94:a1:12:ff:28:e3:ff:e8:82:9c:71:f8:
b0:02:8d:70:65:ec:17:07:e1:2e:3a:a5:7a:24:0a:
8e:73:85:7f:b1:c1:8d:fb:f7:ad:59:a3:29:f1:61:
57:d1:2c:9e:10:1c:37:bc:24:21:0f:12:e5:7b:b6:
5d:6c:67:11:ff:2c:1c:9b:56:c5:35:ca:e2:4f:2a:
43:ab:3c:6a:93:a0:fd:19:8a:6b:45:d3:09:d3:f8:
8b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8E:77:34:FF:53:3E:1D:78:EB:C1:6C:FD:0B:53:04:BD:7B:10:83
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/So53NP9TPh1468Fs_QtTBL17EIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.207.105.0/24
IPv6:
2a10:f782::/48
Signature Algorithm: sha256WithRSAEncryption
3a:b2:e6:b0:91:81:21:19:b3:40:62:54:c0:6e:59:6a:fc:57:
2e:96:29:b4:8c:73:26:b7:51:a6:5b:1d:4b:e3:68:76:24:c8:
d6:dd:dc:06:74:70:38:c2:c2:90:49:94:d8:00:5c:9a:3e:60:
3c:35:9a:21:89:0e:6b:02:ad:71:3e:de:6b:5f:e5:8c:c9:77:
79:f8:5d:b0:b1:a3:3c:48:ec:0e:ca:8e:f9:d0:1b:68:ec:a8:
f0:29:71:ce:96:cc:d9:79:1e:5d:f2:b6:eb:e8:00:67:3e:00:
7a:83:15:65:c6:c8:2c:13:ae:a7:69:1e:22:a6:da:0b:f7:f6:
9d:b4:84:00:13:30:17:fc:a7:18:9d:f6:79:44:c5:21:99:ee:
fc:7b:ca:54:89:f4:52:37:9b:29:f4:6c:ae:07:9f:e0:08:0b:
8d:75:2e:d4:52:41:f0:a5:4d:10:d5:db:f4:b4:39:b8:37:2a:
c5:66:37:4f:8f:67:f2:49:27:64:9d:a9:45:8f:ba:d7:8f:bc:
8d:47:b3:b3:e4:84:22:8f:60:36:3f:0d:f1:71:e1:2d:19:fa:
16:4a:7a:f7:a2:15:02:1a:78:f3:0b:89:38:ed:7a:77:94:cb:
2e:d0:b3:f3:c5:b8:0c:a2:d2:02:c7:5e:a1:c8:d3:6f:9a:c0:
7d:83:88:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqOOsK3eaUrLLOXBe3XdkRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjMwOTEzMTEwODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YThlNzczNGZmNTMzZTFkNzhlYmMxNmNmZDBiNTMwNGJkN2IxMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYW2n2TDLIdyFcAG4kcwFrBL+nf6
iADFiVNqU9V8TTjxhuianO1Yo+68J8FZcYo/1SeRr6V5f1/xL2DFmksKqywwzYCI
jxJDrHxRTjWZJsDOaBQizbt0K7fMTQ0pmNj+gRIl3kOazG+nmOa3VM01zEpR55VR
ZPtylVRaTV7VsAqmSZZcRk0K6MP6I5xmgO2ntySkku+nhg99g+SX32iv6Z6EsyBq
UdSUoRL/KOP/6IKccfiwAo1wZewXB+EuOqV6JAqOc4V/scGN+/etWaMp8WFX0Sye
EBw3vCQhDxLle7ZdbGcR/ywcm1bFNcriTypDqzxqk6D9GYprRdMJ0/iLOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEqOdzT/Uz4deOvBbP0LUwS9exCDMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvU281M05QOVRQaDE0NjhGc19RdFRCTDE3RUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAbc9pMA8E
AgACMAkDBwAqEPeCAAAwDQYJKoZIhvcNAQELBQADggEBADqy5rCRgSEZs0BiVMBu
WWr8Vy6WKbSMcya3UaZbHUvjaHYkyNbd3AZ0cDjCwpBJlNgAXJo+YDw1miGJDmsC
rXE+3mtf5YzJd3n4XbCxozxI7A7KjvnQG2jsqPApcc6WzNl5Hl3ytuvoAGc+AHqD
FWXGyCwTrqdpHiKm2gv39p20hAATMBf8pxid9nlExSGZ7vx7ylSJ9FI3myn0bK4H
n+AIC411LtRSQfClTRDV2/S0Obg3KsVmN0+PZ/JJJ2SdqUWPutePvI1Hs7PkhCKP
YDY/DfFx4S0Z+hZKeveiFQIaePMLiTjteneUyy7Qs/PFuAyi0gLHXqHI02+awH2D
iJE=
-----END CERTIFICATE-----
Generated at Wed Sep 13 13:01:27 2023 by rpki-client on console-ams.rpki-client.org