Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/6CQG6JSpNgTWZMbVlUt3i9elftg.roa
File: 6CQG6JSpNgTWZMbVlUt3i9elftg.roa (raw, json)
Hash identifier: xRgn6w+A5Qnhb9Xjij2YRI6Bt22FbADhiPmkKVbr19I=
Subject key identifier: E8:24:06:E8:94:A9:36:04:D6:64:C6:D5:95:4B:77:8B:D7:A5:7E:D8
Certificate issuer: /CN=1e9a2f083f471dfb9507b4c973cb5c3acd49759d
Certificate serial: 018CC5001BFC994EF4C6EF9F46B6B692B545
Authority key identifier: 1E:9A:2F:08:3F:47:1D:FB:95:07:B4:C9:73:CB:5C:3A:CD:49:75:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpovCD9HHfuVB7TJc8tcOs1JdZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/6CQG6JSpNgTWZMbVlUt3i9elftg.roa
Signing time: Mon 01 Jan 2024 12:29:27 +0000
ROA not before: Mon 01 Jan 2024 12:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 109.232.88.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1b:fc:99:4e:f4:c6:ef:9f:46:b6:b6:92:b5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9a2f083f471dfb9507b4c973cb5c3acd49759d
Validity
Not Before: Jan 1 12:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e82406e894a93604d664c6d5954b778bd7a57ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:60:dd:24:99:7c:a0:4a:98:4f:af:4b:31:22:
f5:8e:32:4d:a5:6f:55:d4:69:1a:de:69:b0:76:a3:
39:90:0d:77:9e:2b:84:aa:7f:e5:96:82:74:bb:d1:
b4:04:ac:46:1a:5d:75:1d:03:0c:45:97:88:82:4e:
99:8a:36:fc:f7:d3:ee:86:03:8f:2d:49:11:9e:08:
57:6a:8b:d4:85:d9:f7:81:eb:21:b8:ba:63:ca:ba:
37:57:f6:1a:bd:7e:6d:15:58:6e:eb:6f:78:7a:0e:
11:97:fe:4d:06:b2:4e:22:77:2c:34:d2:fe:3a:37:
14:37:2f:1e:22:eb:4b:f5:54:4f:cc:8f:4b:1b:35:
b8:45:18:3f:82:ff:1a:be:50:aa:97:10:a6:34:f6:
eb:65:25:65:02:47:77:a4:33:af:86:be:26:d6:6e:
b6:ff:99:2c:93:2a:99:e9:81:12:63:42:1f:31:bc:
3d:bc:49:9d:f7:ef:56:f4:27:83:52:a4:14:17:9f:
d8:a8:a7:ce:88:09:32:0b:17:d4:c5:e1:c9:bf:74:
09:62:9c:aa:8d:01:88:e1:48:8d:6f:97:1d:ba:6b:
dd:f7:bd:e7:bc:b0:d4:de:e4:f9:ee:c6:91:5a:16:
bd:fd:91:cc:57:0a:b3:1d:93:63:41:80:3b:fb:bc:
40:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:24:06:E8:94:A9:36:04:D6:64:C6:D5:95:4B:77:8B:D7:A5:7E:D8
X509v3 Authority Key Identifier:
keyid:1E:9A:2F:08:3F:47:1D:FB:95:07:B4:C9:73:CB:5C:3A:CD:49:75:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpovCD9HHfuVB7TJc8tcOs1JdZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/6CQG6JSpNgTWZMbVlUt3i9elftg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/HpovCD9HHfuVB7TJc8tcOs1JdZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.88.0/21
Signature Algorithm: sha256WithRSAEncryption
06:cc:b0:da:c5:ae:f7:e8:99:b1:72:2c:67:cb:a8:4d:5e:3c:
4b:aa:6a:6b:c2:28:5b:e8:0a:67:2f:e9:90:b8:3c:73:b8:f7:
83:d6:a7:31:17:26:61:09:41:5d:17:3d:e0:2b:f9:f1:fb:30:
6b:d3:48:91:98:db:42:a7:53:0f:70:c2:ef:b9:39:86:b7:4b:
70:38:12:4c:dd:50:bd:64:ec:2e:ae:7b:40:76:88:fa:34:fa:
cc:fd:dd:41:b8:39:9a:cc:00:4a:6b:63:a2:fe:70:0d:92:8c:
20:95:10:d9:96:d4:b2:21:b7:96:4b:e1:57:77:c0:33:03:ff:
d6:41:1c:21:d3:a1:f0:34:d7:7c:45:e7:b3:50:99:d8:bc:37:
80:a9:50:b9:75:71:92:dc:26:a5:12:0e:0e:de:57:10:90:1e:
37:87:e9:d8:16:0e:fd:0f:b4:9e:48:d8:49:77:78:b6:a1:1a:
6d:89:92:36:76:0c:9c:40:a1:33:d4:67:03:a3:c4:ba:b4:9d:
93:9c:03:09:7a:1c:45:74:82:c5:d0:85:05:68:49:cf:f4:81:
d7:45:96:dc:6c:50:7e:d8:4e:eb:24:7d:e6:63:7e:df:3c:d5:
75:a7:2d:86:bf:e2:b6:eb:77:2d:70:f9:cd:60:0b:82:cf:88:
6a:6d:7e:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFABv8mU70xu+fRra2krVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWEyZjA4M2Y0NzFkZmI5NTA3YjRjOTczY2I1YzNhY2Q0
OTc1OWQwHhcNMjQwMTAxMTIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODI0MDZlODk0YTkzNjA0ZDY2NGM2ZDU5NTRiNzc4YmQ3YTU3ZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WDdJJl8oEqYT69LMSL1jjJNpW9V
1Gka3mmwdqM5kA13niuEqn/lloJ0u9G0BKxGGl11HQMMRZeIgk6Zijb899PuhgOP
LUkRnghXaovUhdn3geshuLpjyro3V/YavX5tFVhu6294eg4Rl/5NBrJOIncsNNL+
OjcUNy8eIutL9VRPzI9LGzW4RRg/gv8avlCqlxCmNPbrZSVlAkd3pDOvhr4m1m62
/5kskyqZ6YESY0IfMbw9vEmd9+9W9CeDUqQUF5/YqKfOiAkyCxfUxeHJv3QJYpyq
jQGI4UiNb5cdumvd973nvLDU3uT57saRWha9/ZHMVwqzHZNjQYA7+7xAaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOgkBuiUqTYE1mTG1ZVLd4vXpX7YMB8GA1UdIwQY
MBaAFB6aLwg/Rx37lQe0yXPLXDrNSXWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBvdkNEOUhIZnVWQjdUSmM4dGNPczFKZFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82Mjc3YTctMjkwZi00OTk0LWIyODYt
MjVkNmU4NjEzZGM0LzEvNkNRRzZKU3BOZ1RXWk1iVmxVdDNpOWVsZnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82Mjc3YTctMjkwZi00OTk0LWIyODYtMjVkNmU4NjEzZGM0
LzEvSHBvdkNEOUhIZnVWQjdUSmM4dGNPczFKZFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbehYMA0G
CSqGSIb3DQEBCwUAA4IBAQAGzLDaxa736Jmxcixny6hNXjxLqmprwihb6ApnL+mQ
uDxzuPeD1qcxFyZhCUFdFz3gK/nx+zBr00iRmNtCp1MPcMLvuTmGt0twOBJM3VC9
ZOwurntAdoj6NPrM/d1BuDmazABKa2Oi/nANkowglRDZltSyIbeWS+FXd8AzA//W
QRwh06HwNNd8ReezUJnYvDeAqVC5dXGS3CalEg4O3lcQkB43h+nYFg79D7SeSNhJ
d3i2oRptiZI2dgycQKEz1GcDo8S6tJ2TnAMJehxFdILF0IUFaEnP9IHXRZbcbFB+
2E7rJH3mY37fPNV1py2Gv+K263ctcPnNYAuCz4hqbX5T
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:11 2025 by rpki-client