Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/Vu8vq_W_7y2yQi0X1DXowNJBmsg.roa
File: Vu8vq_W_7y2yQi0X1DXowNJBmsg.roa (raw, json)
Hash identifier: a6FDzzRKqAf3WUFhKd1U8Ns1iTu29XU6w/CVX2i5A28=
Subject key identifier: 56:EF:2F:AB:F5:BF:EF:2D:B2:42:2D:17:D4:35:E8:C0:D2:41:9A:C8
Certificate issuer: /CN=1e9a2f083f471dfb9507b4c973cb5c3acd49759d
Certificate serial: 018572B4224F3661E9180A4EA2F3C4818F0E
Authority key identifier: 1E:9A:2F:08:3F:47:1D:FB:95:07:B4:C9:73:CB:5C:3A:CD:49:75:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpovCD9HHfuVB7TJc8tcOs1JdZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/Vu8vq_W_7y2yQi0X1DXowNJBmsg.roa
Signing time: Mon 02 Jan 2023 13:38:05 +0000
ROA not before: Mon 02 Jan 2023 13:38:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50201
IP address blocks: 109.232.88.0/21 maxlen: 21
109.232.94.0/23 maxlen: 23
109.232.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:22:4f:36:61:e9:18:0a:4e:a2:f3:c4:81:8f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9a2f083f471dfb9507b4c973cb5c3acd49759d
Validity
Not Before: Jan 2 13:38:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56ef2fabf5bfef2db2422d17d435e8c0d2419ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:77:e5:53:3c:c2:e0:7e:a4:c5:56:0e:3d:fc:
42:40:20:df:61:f4:82:fb:a7:63:ed:9a:a5:0b:db:
9a:86:4c:76:fe:2f:b6:b9:71:b6:ee:a5:1f:07:68:
d2:0c:6c:77:c1:7f:33:48:54:a7:f8:ed:06:a1:dc:
1d:e5:52:20:d4:69:32:4a:9a:e5:3e:3f:33:9c:2e:
5b:d8:c9:82:45:aa:e0:ef:98:87:df:68:ff:62:f7:
8b:ff:3d:db:07:95:24:86:32:73:5e:63:2e:fb:f7:
de:98:02:0b:1d:db:ae:8e:b1:55:78:5f:52:c1:f6:
7a:c9:c9:53:3f:57:06:bc:cf:69:dd:db:16:0e:c1:
06:af:b9:6f:a1:00:2d:63:08:9e:58:b5:a8:64:8f:
89:27:fe:ff:e6:cc:cc:d4:e8:12:31:0e:ef:9f:32:
ff:12:d8:13:e8:30:2c:c8:bf:f8:13:4c:0d:fa:d8:
a1:90:a1:9f:ed:e4:34:3a:85:5f:91:99:c4:cc:69:
8b:71:e5:6b:60:97:77:e9:8c:20:41:e5:4a:e1:24:
16:63:11:61:7d:8c:76:b0:2d:6c:9d:d8:d7:00:1c:
bb:0b:5c:98:9e:69:3d:54:23:89:5a:4c:f4:5e:ea:
bb:d0:bd:55:cb:08:a6:bb:d3:c9:cf:66:15:19:6b:
ff:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:EF:2F:AB:F5:BF:EF:2D:B2:42:2D:17:D4:35:E8:C0:D2:41:9A:C8
X509v3 Authority Key Identifier:
keyid:1E:9A:2F:08:3F:47:1D:FB:95:07:B4:C9:73:CB:5C:3A:CD:49:75:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpovCD9HHfuVB7TJc8tcOs1JdZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/Vu8vq_W_7y2yQi0X1DXowNJBmsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/HpovCD9HHfuVB7TJc8tcOs1JdZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.88.0/21
Signature Algorithm: sha256WithRSAEncryption
31:36:36:64:f7:74:a1:c2:fc:9b:55:24:ba:a5:a6:05:15:53:
ea:12:9f:6f:9e:96:84:35:ef:c4:59:e4:46:a7:ba:aa:3d:46:
74:bc:ae:70:9b:58:cf:0f:a5:e4:5f:1a:c1:60:62:98:ab:fa:
8c:93:77:07:05:f3:fc:67:e1:5b:90:1e:e4:58:36:f5:4d:1b:
b4:97:ba:8f:ce:5d:36:05:f9:c0:35:99:97:d7:6d:77:9e:f8:
29:46:16:d9:ee:a2:6f:ad:15:04:7e:d0:8d:22:36:b5:a4:5e:
ec:b5:40:09:9a:9d:a1:c2:dd:8d:38:d0:d9:90:39:4f:c4:eb:
9a:45:62:5a:57:5a:31:87:01:e9:ed:eb:b1:34:2d:61:9e:05:
b7:06:7d:b0:e5:72:a0:bf:f3:db:5f:1d:91:2e:cf:72:c1:d9:
75:19:99:28:9a:6f:3e:19:42:78:06:e9:31:88:1b:46:d5:a4:
22:e1:14:a0:01:ca:e9:fc:2d:0a:66:b9:1f:20:3d:32:5c:cc:
8f:54:aa:b2:a3:92:8b:fc:09:e4:45:98:9a:61:fe:42:92:98:
c7:25:7f:eb:65:67:5d:18:18:d1:67:55:d9:e8:d0:3c:84:5d:
8f:3c:7c:b9:d1:52:7c:60:0e:26:b5:df:8a:2e:0f:35:cb:44:
2c:20:9b:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytCJPNmHpGApOovPEgY8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWEyZjA4M2Y0NzFkZmI5NTA3YjRjOTczY2I1YzNhY2Q0
OTc1OWQwHhcNMjMwMTAyMTMzODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmVmMmZhYmY1YmZlZjJkYjI0MjJkMTdkNDM1ZThjMGQyNDE5YWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnflUzzC4H6kxVYOPfxCQCDfYfSC
+6dj7ZqlC9uahkx2/i+2uXG27qUfB2jSDGx3wX8zSFSn+O0Godwd5VIg1GkySprl
Pj8znC5b2MmCRarg75iH32j/YveL/z3bB5UkhjJzXmMu+/femAILHduujrFVeF9S
wfZ6yclTP1cGvM9p3dsWDsEGr7lvoQAtYwieWLWoZI+JJ/7/5szM1OgSMQ7vnzL/
EtgT6DAsyL/4E0wN+tihkKGf7eQ0OoVfkZnEzGmLceVrYJd36YwgQeVK4SQWYxFh
fYx2sC1sndjXABy7C1yYnmk9VCOJWkz0Xuq70L1Vywimu9PJz2YVGWv//wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFbvL6v1v+8tskItF9Q16MDSQZrIMB8GA1UdIwQY
MBaAFB6aLwg/Rx37lQe0yXPLXDrNSXWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBvdkNEOUhIZnVWQjdUSmM4dGNPczFKZFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82Mjc3YTctMjkwZi00OTk0LWIyODYt
MjVkNmU4NjEzZGM0LzEvVnU4dnFfV183eTJ5UWkwWDFEWG93TkpCbXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82Mjc3YTctMjkwZi00OTk0LWIyODYtMjVkNmU4NjEzZGM0
LzEvSHBvdkNEOUhIZnVWQjdUSmM4dGNPczFKZFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbehYMA0G
CSqGSIb3DQEBCwUAA4IBAQAxNjZk93ShwvybVSS6paYFFVPqEp9vnpaENe/EWeRG
p7qqPUZ0vK5wm1jPD6XkXxrBYGKYq/qMk3cHBfP8Z+FbkB7kWDb1TRu0l7qPzl02
BfnANZmX1213nvgpRhbZ7qJvrRUEftCNIja1pF7stUAJmp2hwt2NONDZkDlPxOua
RWJaV1oxhwHp7euxNC1hngW3Bn2w5XKgv/PbXx2RLs9ywdl1GZkomm8+GUJ4Bukx
iBtG1aQi4RSgAcrp/C0KZrkfID0yXMyPVKqyo5KL/AnkRZiaYf5CkpjHJX/rZWdd
GBjRZ1XZ6NA8hF2PPHy50VJ8YA4mtd+KLg81y0QsIJv6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:22 2024 by rpki-client on console-ams.rpki-client.org