Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/JuNtLGTJnO1sDYY_72gmzUcscKo.roa
File: JuNtLGTJnO1sDYY_72gmzUcscKo.roa (raw, json)
Hash identifier: eNoHCsRE6f2E599xbUS+rlB0lxid3Et6qfp7OOeJoV0=
Subject key identifier: 26:E3:6D:2C:64:C9:9C:ED:6C:0D:86:3F:EF:68:26:CD:47:2C:70:AA
Certificate issuer: /CN=d826ca5d53c1b5308e2c9c791c630a0f22337943
Certificate serial: 01856B49F6E0F3F5DA7EE171E1408B484616
Authority key identifier: D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/JuNtLGTJnO1sDYY_72gmzUcscKo.roa
Signing time: Sun 01 Jan 2023 03:04:47 +0000
ROA not before: Sun 01 Jan 2023 03:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 109.68.70.0/24 maxlen: 24
109.68.67.0/24 maxlen: 24
109.68.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:49:f6:e0:f3:f5:da:7e:e1:71:e1:40:8b:48:46:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d826ca5d53c1b5308e2c9c791c630a0f22337943
Validity
Not Before: Jan 1 03:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26e36d2c64c99ced6c0d863fef6826cd472c70aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:10:01:db:dc:99:2c:fb:c9:67:81:85:2f:f5:
5a:04:11:68:1b:51:a0:d8:30:1f:d4:a5:0a:50:cd:
ba:ec:23:86:62:52:1f:36:73:26:44:57:b8:a0:ff:
19:83:9c:4c:3c:57:a5:a4:24:1f:ab:84:f2:ff:28:
18:1a:e1:7a:28:ff:87:af:2e:6b:7b:92:b7:c2:dc:
4f:2b:79:91:4e:69:80:19:b6:4b:28:00:38:56:1a:
4d:b8:02:fc:fd:d8:07:68:e8:63:c0:09:b2:7f:1a:
fd:49:87:f6:d7:24:f1:17:84:b2:c0:d8:b2:5c:ad:
b7:b7:4b:f1:27:17:c2:e3:61:03:a7:98:9f:12:24:
63:81:ab:a0:44:3c:ed:46:3c:b8:bb:ed:8d:02:1f:
6f:ae:2a:0a:9a:0d:45:08:2a:6f:4f:cb:cd:36:d7:
06:0d:e4:4c:13:4c:57:5c:cb:08:e0:d9:ce:58:d3:
29:08:ec:81:54:22:b3:2e:85:84:d3:13:d1:56:df:
b1:41:f2:c3:30:5c:6c:c3:eb:53:88:99:1f:f1:a4:
fc:f1:eb:a2:08:4e:c0:24:01:59:5d:ab:c4:63:21:
b1:7b:cc:6b:57:15:63:0b:03:06:f2:74:61:c3:3e:
40:eb:8b:bf:38:72:11:43:3f:f6:3d:18:b7:31:fe:
b6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:E3:6D:2C:64:C9:9C:ED:6C:0D:86:3F:EF:68:26:CD:47:2C:70:AA
X509v3 Authority Key Identifier:
keyid:D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/JuNtLGTJnO1sDYY_72gmzUcscKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/2CbKXVPBtTCOLJx5HGMKDyIzeUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.67.0/24
109.68.70.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:f0:69:16:61:32:3f:6f:c8:f7:08:55:8f:f4:32:51:cc:56:
1d:92:b9:6d:b9:ec:6a:d3:6f:25:50:fd:35:aa:56:06:c5:b4:
25:3b:60:15:c4:35:f5:24:05:97:58:5a:e3:fd:21:aa:ae:16:
b7:d2:4d:40:b1:7d:6f:11:1e:70:80:61:af:45:ed:a5:a5:45:
6a:8a:62:43:0e:df:48:fd:e3:8b:7f:ea:72:b3:13:fa:97:1a:
47:46:da:b2:4d:96:53:7e:8e:3b:16:a3:2e:8d:33:f5:74:36:
21:1d:69:a2:5e:4c:52:29:d1:0e:8e:1a:5a:46:3a:44:fd:ff:
e8:66:c8:34:5f:ef:ac:7d:a9:27:4f:24:c6:9b:26:2f:bd:02:
e3:fc:68:2f:7d:15:97:c3:59:52:42:e3:ee:59:b6:d0:49:e1:
08:19:f8:ae:1c:e5:bd:17:fd:de:8b:42:e0:d7:45:37:8c:ca:
0a:da:af:57:06:ef:47:3b:8d:a5:c7:48:3c:53:b8:d4:00:d1:
59:fa:f7:9d:bb:e7:e2:11:27:01:28:e5:19:6f:d0:0d:47:ed:
a2:9b:4a:ab:b8:6f:2b:7c:c4:5d:8e:91:39:7c:0f:37:4a:88:
38:b0:e7:f3:2a:7f:14:62:7b:16:de:9b:f6:da:76:33:78:14:
ee:28:28:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrSfbg8/XafuFx4UCLSEYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MjZjYTVkNTNjMWI1MzA4ZTJjOWM3OTFjNjMwYTBmMjIz
Mzc5NDMwHhcNMjMwMTAxMDMwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmUzNmQyYzY0Yzk5Y2VkNmMwZDg2M2ZlZjY4MjZjZDQ3MmM3MGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohAB29yZLPvJZ4GFL/VaBBFoG1Gg
2DAf1KUKUM267COGYlIfNnMmRFe4oP8Zg5xMPFelpCQfq4Ty/ygYGuF6KP+Hry5r
e5K3wtxPK3mRTmmAGbZLKAA4VhpNuAL8/dgHaOhjwAmyfxr9SYf21yTxF4SywNiy
XK23t0vxJxfC42EDp5ifEiRjgaugRDztRjy4u+2NAh9vrioKmg1FCCpvT8vNNtcG
DeRME0xXXMsI4NnOWNMpCOyBVCKzLoWE0xPRVt+xQfLDMFxsw+tTiJkf8aT88eui
CE7AJAFZXavEYyGxe8xrVxVjCwMG8nRhwz5A64u/OHIRQz/2PRi3Mf62zQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCbjbSxkyZztbA2GP+9oJs1HLHCqMB8GA1UdIwQY
MBaAFNgmyl1TwbUwjiyceRxjCg8iM3lDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNiS1hWUEJ0VENPTEp4NUhHTUtEeUl6ZVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80YjU0NGUtNjUzNS00YWY4LWJiZGIt
NThkMmVlOTgyODc5LzEvSnVOdExHVEpuTzFzRFlZXzcyZ216VWNzY0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS80YjU0NGUtNjUzNS00YWY4LWJiZGItNThkMmVlOTgyODc5
LzEvMkNiS1hWUEJ0VENPTEp4NUhHTUtEeUl6ZVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbURDAwQB
bURGMA0GCSqGSIb3DQEBCwUAA4IBAQAv8GkWYTI/b8j3CFWP9DJRzFYdkrltuexq
028lUP01qlYGxbQlO2AVxDX1JAWXWFrj/SGqrha30k1AsX1vER5wgGGvRe2lpUVq
imJDDt9I/eOLf+pysxP6lxpHRtqyTZZTfo47FqMujTP1dDYhHWmiXkxSKdEOjhpa
RjpE/f/oZsg0X++sfaknTyTGmyYvvQLj/GgvfRWXw1lSQuPuWbbQSeEIGfiuHOW9
F/3ei0Lg10U3jMoK2q9XBu9HO42lx0g8U7jUANFZ+vedu+fiEScBKOUZb9ANR+2i
m0qruG8rfMRdjpE5fA83Sog4sOfzKn8UYnsW3pv22nYzeBTuKCgh
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:31:06 2024 by rpki-client on console-ams.rpki-client.org