Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/ImslIzkkwmaNHx8KGYAw8SZMVaA.roa
File: ImslIzkkwmaNHx8KGYAw8SZMVaA.roa (raw, json)
Hash identifier: NXYe0xPABvwuD9viDr7rnjm1VIVykAPQSoRiQlDymbA=
Subject key identifier: 22:6B:25:23:39:24:C2:66:8D:1F:1F:0A:19:80:30:F1:26:4C:55:A0
Certificate issuer: /CN=39247f77a3ae0af71eac03256449f5d292cffd74
Certificate serial: 018CC8701E3A7CEEF8C69999CE3046BDE8AC
Authority key identifier: 39:24:7F:77:A3:AE:0A:F7:1E:AC:03:25:64:49:F5:D2:92:CF:FD:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSR_d6OuCvcerAMlZEn10pLP_XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/ImslIzkkwmaNHx8KGYAw8SZMVaA.roa
Signing time: Tue 02 Jan 2024 04:30:40 +0000
ROA not before: Tue 02 Jan 2024 04:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 273134
IP address blocks: 109.70.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 09 Jan 2024 20:13:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:1e:3a:7c:ee:f8:c6:99:99:ce:30:46:bd:e8:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39247f77a3ae0af71eac03256449f5d292cffd74
Validity
Not Before: Jan 2 04:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=226b25233924c2668d1f1f0a198030f1264c55a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:00:6c:bc:ad:a6:00:63:27:fc:79:7a:59:62:
fb:50:26:bb:8f:0a:c7:e8:1e:e8:07:33:9c:9b:57:
af:46:a9:fb:17:8a:3d:c2:06:ff:5a:88:8b:ec:e8:
a8:37:04:0e:38:f4:c0:0a:0f:1b:e3:0a:1e:8f:7f:
af:26:70:3e:a5:1f:aa:62:5f:02:52:be:f0:e0:eb:
78:07:22:cf:04:63:22:95:2d:1c:10:fe:54:19:81:
4e:06:2c:80:e1:84:95:b3:93:dd:70:c9:f1:e5:6c:
c9:23:80:6a:4f:ae:0f:3c:b2:de:8f:35:9d:67:aa:
2d:82:82:5f:8c:4c:db:1f:9a:9a:c2:4c:ed:aa:6f:
4d:6c:7f:d6:d5:ab:88:9b:d1:02:45:8b:4b:25:4e:
f3:1e:fd:a9:0a:c8:54:73:43:12:d5:4f:d0:09:1a:
85:b6:34:3e:70:4b:64:27:64:d9:5d:88:b6:72:32:
58:e9:27:b5:09:a3:d9:5b:36:c6:dc:0c:23:ea:c2:
b0:bb:e5:d1:1d:71:7e:b8:e0:6a:b5:03:24:5c:09:
c3:31:8c:0b:b2:f1:b3:ac:60:89:a2:41:9b:c8:57:
e0:cd:d7:56:dc:8e:ae:ae:ba:e6:bc:21:65:66:0b:
22:c1:69:76:94:d9:45:65:35:19:26:70:d0:8c:29:
7c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6B:25:23:39:24:C2:66:8D:1F:1F:0A:19:80:30:F1:26:4C:55:A0
X509v3 Authority Key Identifier:
keyid:39:24:7F:77:A3:AE:0A:F7:1E:AC:03:25:64:49:F5:D2:92:CF:FD:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSR_d6OuCvcerAMlZEn10pLP_XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/ImslIzkkwmaNHx8KGYAw8SZMVaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82ed9c-7c13-48b9-a886-cd66ad534812/1/OSR_d6OuCvcerAMlZEn10pLP_XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.132.0/22
Signature Algorithm: sha256WithRSAEncryption
15:74:b3:08:38:8b:86:b9:91:d3:b8:8b:16:63:3e:2b:f1:a0:
a6:33:c4:f7:31:61:85:99:b0:a2:61:b0:e3:c7:ed:02:db:ae:
b1:5f:bd:c0:ca:57:26:80:58:26:8b:b4:72:d2:ed:63:4f:c5:
da:85:ad:0b:7e:b0:86:8b:ad:b7:09:a9:6b:5c:10:0d:25:9c:
95:3a:de:2a:37:ba:71:87:0a:45:61:4d:b6:e1:79:24:7d:67:
db:77:58:ad:5a:cc:cf:e7:17:d7:d5:a6:71:ab:12:39:28:6e:
54:9e:93:c4:20:45:7d:78:8d:74:56:2f:84:d1:7c:77:aa:7e:
8d:d3:31:e2:83:12:94:ac:d3:9b:fd:f2:f0:e5:f9:c5:f5:aa:
86:9c:4f:0d:a7:89:67:62:73:7f:a9:4f:02:d7:91:ef:82:54:
6e:77:40:82:71:03:fa:53:b3:66:06:e0:3e:72:e1:f4:35:6c:
f9:46:55:66:df:c1:01:28:27:7d:c4:b8:a3:b6:9a:87:09:b6:
e2:17:9a:83:1f:4f:f0:60:e7:c8:cf:84:e4:18:b2:fa:23:e4:
67:31:f7:d6:1c:ad:a9:45:6b:0d:52:f9:be:4b:c5:fd:00:2c:
4e:20:94:a2:23:35:92:c5:7a:98:39:c3:89:15:71:3b:fd:24:
95:22:00:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcB46fO74xpmZzjBGveisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjQ3Zjc3YTNhZTBhZjcxZWFjMDMyNTY0NDlmNWQyOTJj
ZmZkNzQwHhcNMjQwMTAyMDQzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjZiMjUyMzM5MjRjMjY2OGQxZjFmMGExOTgwMzBmMTI2NGM1NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwBsvK2mAGMn/Hl6WWL7UCa7jwrH
6B7oBzOcm1evRqn7F4o9wgb/WoiL7OioNwQOOPTACg8b4woej3+vJnA+pR+qYl8C
Ur7w4Ot4ByLPBGMilS0cEP5UGYFOBiyA4YSVs5PdcMnx5WzJI4BqT64PPLLejzWd
Z6otgoJfjEzbH5qawkztqm9NbH/W1auIm9ECRYtLJU7zHv2pCshUc0MS1U/QCRqF
tjQ+cEtkJ2TZXYi2cjJY6Se1CaPZWzbG3Awj6sKwu+XRHXF+uOBqtQMkXAnDMYwL
svGzrGCJokGbyFfgzddW3I6urrrmvCFlZgsiwWl2lNlFZTUZJnDQjCl8GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJrJSM5JMJmjR8fChmAMPEmTFWgMB8GA1UdIwQY
MBaAFDkkf3ejrgr3HqwDJWRJ9dKSz/10MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NSX2Q2T3VDdmNlckFNbFpFbjEwcExQX1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmVkOWMtN2MxMy00OGI5LWE4ODYt
Y2Q2NmFkNTM0ODEyLzEvSW1zbEl6a2t3bWFOSHg4S0dZQXc4U1pNVmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmVkOWMtN2MxMy00OGI5LWE4ODYtY2Q2NmFkNTM0ODEy
LzEvT1NSX2Q2T3VDdmNlckFNbFpFbjEwcExQX1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbUaEMA0G
CSqGSIb3DQEBCwUAA4IBAQAVdLMIOIuGuZHTuIsWYz4r8aCmM8T3MWGFmbCiYbDj
x+0C266xX73AylcmgFgmi7Ry0u1jT8Xaha0LfrCGi623CalrXBANJZyVOt4qN7px
hwpFYU224XkkfWfbd1itWszP5xfX1aZxqxI5KG5UnpPEIEV9eI10Vi+E0Xx3qn6N
0zHigxKUrNOb/fLw5fnF9aqGnE8Np4lnYnN/qU8C15HvglRud0CCcQP6U7NmBuA+
cuH0NWz5RlVm38EBKCd9xLijtpqHCbbiF5qDH0/wYOfIz4TkGLL6I+RnMffWHK2p
RWsNUvm+S8X9ACxOIJSiIzWSxXqYOcOJFXE7/SSVIgDW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:15 2024 by rpki-client on console-fra.rpki-client.org