Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/0NkDyEN7jlRtOTQj3f56ERFMQcU.roa
File: 0NkDyEN7jlRtOTQj3f56ERFMQcU.roa (raw, json)
Hash identifier: Mmyex/QjXj8sANQq6dLuFKOW0tJBAo0QafoLZ34x0kY=
Subject key identifier: D0:D9:03:C8:43:7B:8E:54:6D:39:34:23:DD:FE:7A:11:11:4C:41:C5
Certificate issuer: /CN=39247f77a3ae0af71eac03256449f5d292cffd74
Certificate serial: 018DEF52F78B65908FC052C5F32E20B8AD75
Authority key identifier: 39:24:7F:77:A3:AE:0A:F7:1E:AC:03:25:64:49:F5:D2:92:CF:FD:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSR_d6OuCvcerAMlZEn10pLP_XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/0NkDyEN7jlRtOTQj3f56ERFMQcU.roa
Signing time: Wed 28 Feb 2024 10:46:48 +0000
ROA not before: Wed 28 Feb 2024 10:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 273314
IP address blocks: 109.70.134.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 18 Apr 2024 11:12:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:52:f7:8b:65:90:8f:c0:52:c5:f3:2e:20:b8:ad:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39247f77a3ae0af71eac03256449f5d292cffd74
Validity
Not Before: Feb 28 10:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0d903c8437b8e546d393423ddfe7a11114c41c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:8d:c2:d2:75:ea:ae:ce:fa:1d:cc:6d:e1:3b:
eb:10:b2:ed:ae:4c:23:c4:c6:56:ff:1a:d5:47:0e:
da:32:ff:7d:23:83:99:6c:b7:72:0f:75:35:a6:f9:
e7:73:6f:6e:9e:72:d3:90:e5:cb:9f:ab:8c:14:73:
d7:09:91:76:d5:87:c7:30:a8:bc:ab:ac:7c:b7:e8:
c2:c5:36:c7:b0:af:7d:9c:d0:9e:81:dd:47:bc:f9:
00:04:ba:da:ca:d8:4f:eb:89:a1:a2:2c:84:71:d3:
0e:d1:1b:da:05:87:72:06:9e:f2:88:11:f4:bb:b7:
ac:59:fc:2f:7e:67:24:a3:b0:24:d5:35:4a:fb:8a:
3b:0a:95:61:0e:39:bf:32:29:17:e4:bb:59:39:f0:
77:c1:39:1d:98:0f:7b:bb:ef:bf:97:d9:64:fe:b9:
ef:d8:a1:e8:79:8f:7b:31:6a:b3:22:6b:8f:cf:fc:
17:6e:9f:14:66:74:65:25:a6:68:50:23:e3:bb:3d:
a1:7c:91:87:1e:de:7f:a3:dd:e7:c4:ba:f1:ba:2d:
ef:d3:a5:fa:23:3b:90:79:28:61:00:9e:89:e4:2b:
d8:f3:dd:11:d8:15:d4:a6:a1:dc:8f:d4:ac:82:33:
ed:3a:11:50:76:b5:96:e3:d7:30:e3:16:c2:70:d7:
be:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D9:03:C8:43:7B:8E:54:6D:39:34:23:DD:FE:7A:11:11:4C:41:C5
X509v3 Authority Key Identifier:
keyid:39:24:7F:77:A3:AE:0A:F7:1E:AC:03:25:64:49:F5:D2:92:CF:FD:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSR_d6OuCvcerAMlZEn10pLP_XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/0NkDyEN7jlRtOTQj3f56ERFMQcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/OSR_d6OuCvcerAMlZEn10pLP_XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.134.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:57:43:a8:36:ef:8c:5b:b8:77:a9:13:ed:97:f7:e5:b8:fd:
56:bf:ad:32:c6:c1:95:67:17:23:61:b2:67:bb:e5:76:9b:36:
ff:0b:ba:13:b0:20:ca:d0:31:03:f1:9a:6c:ff:07:c1:eb:a5:
f3:c1:4d:7e:12:94:e9:96:fc:a5:dd:f3:6b:6b:3c:fb:c3:88:
9f:cf:13:27:d1:bb:88:10:43:15:84:6c:1d:0b:c6:cd:94:a0:
3b:fe:97:50:4f:d1:c4:32:ae:6c:ff:04:2a:d2:44:34:6c:59:
49:5f:08:4f:7e:20:ec:97:de:96:0b:41:96:7c:3f:14:2d:6d:
db:57:f3:37:0c:e6:ab:c9:a3:30:6d:0b:b7:31:33:47:5d:54:
8f:3d:e8:3d:f3:78:e8:aa:e7:76:e2:7d:f2:b2:6b:a2:96:55:
17:de:8f:e5:86:de:c3:30:1e:f8:52:e8:51:8f:55:d1:4a:f6:
f4:79:f6:12:8d:ac:03:8c:c1:e9:5d:3b:83:5a:62:99:58:5c:
98:40:da:ef:a8:d3:3c:4d:b6:7b:07:f0:16:94:88:a7:ef:98:
28:81:89:9e:af:51:20:b5:d2:96:4a:93:ac:53:30:bc:d9:ac:
59:57:cf:cf:c9:fe:6f:fe:28:a9:d7:2d:b1:da:a1:3b:1d:87:
00:07:63:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3vUveLZZCPwFLF8y4guK11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjQ3Zjc3YTNhZTBhZjcxZWFjMDMyNTY0NDlmNWQyOTJj
ZmZkNzQwHhcNMjQwMjI4MTA0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQ5MDNjODQzN2I4ZTU0NmQzOTM0MjNkZGZlN2ExMTExNGM0MWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6I3C0nXqrs76Hcxt4TvrELLtrkwj
xMZW/xrVRw7aMv99I4OZbLdyD3U1pvnnc29unnLTkOXLn6uMFHPXCZF21YfHMKi8
q6x8t+jCxTbHsK99nNCegd1HvPkABLraythP64mhoiyEcdMO0RvaBYdyBp7yiBH0
u7esWfwvfmcko7Ak1TVK+4o7CpVhDjm/MikX5LtZOfB3wTkdmA97u++/l9lk/rnv
2KHoeY97MWqzImuPz/wXbp8UZnRlJaZoUCPjuz2hfJGHHt5/o93nxLrxui3v06X6
IzuQeShhAJ6J5CvY890R2BXUpqHcj9SsgjPtOhFQdrWW49cw4xbCcNe+YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDZA8hDe45UbTk0I93+ehERTEHFMB8GA1UdIwQY
MBaAFDkkf3ejrgr3HqwDJWRJ9dKSz/10MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NSX2Q2T3VDdmNlckFNbFpFbjEwcExQX1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmVkOWMtN2MxMy00OGI5LWE4ODYt
Y2Q2NmFkNTM0ODEyLzEvME5rRHlFTjdqbFJ0T1RRajNmNTZFUkZNUWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmVkOWMtN2MxMy00OGI5LWE4ODYtY2Q2NmFkNTM0ODEy
LzEvT1NSX2Q2T3VDdmNlckFNbFpFbjEwcExQX1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbUaGMA0G
CSqGSIb3DQEBCwUAA4IBAQBcV0OoNu+MW7h3qRPtl/fluP1Wv60yxsGVZxcjYbJn
u+V2mzb/C7oTsCDK0DED8Zps/wfB66XzwU1+EpTplvyl3fNrazz7w4ifzxMn0buI
EEMVhGwdC8bNlKA7/pdQT9HEMq5s/wQq0kQ0bFlJXwhPfiDsl96WC0GWfD8ULW3b
V/M3DOaryaMwbQu3MTNHXVSPPeg983joqud24n3ysmuillUX3o/lht7DMB74UuhR
j1XRSvb0efYSjawDjMHpXTuDWmKZWFyYQNrvqNM8TbZ7B/AWlIin75gogYmer1Eg
tdKWSpOsUzC82axZV8/Pyf5v/iip1y2x2qE7HYcAB2N0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:15 2024 by rpki-client on console-fra.rpki-client.org