Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_ANOxBiRNukFP6k9vIX9Z6Lfp_A.roa
File: _ANOxBiRNukFP6k9vIX9Z6Lfp_A.roa (raw, json)
Hash identifier: ZS/Zt9fDmzA40yTby0Bf9PbWVsKR56RfxaynJnX/Paw=
Subject key identifier: FC:03:4E:C4:18:91:36:E9:05:3F:A9:3D:BC:85:FD:67:A2:DF:A7:F0
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01941F8C837F9CFE0C11E35BE71332889FCB
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_ANOxBiRNukFP6k9vIX9Z6Lfp_A.roa
Signing time: Wed 01 Jan 2025 01:48:09 +0000
ROA not before: Wed 01 Jan 2025 01:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 109.122.240.0/20 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 02:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:83:7f:9c:fe:0c:11:e3:5b:e7:13:32:88:9f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 1 01:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc034ec4189136e9053fa93dbc85fd67a2dfa7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fb:b7:b4:72:33:ed:57:e7:07:4a:bf:58:31:
eb:e7:89:13:3b:5a:95:a6:c8:1a:e4:01:b8:68:e2:
b5:5b:6b:a3:43:db:7e:dd:cf:93:6a:c5:6c:dc:6f:
62:b6:78:5a:a1:bd:fa:65:3c:99:1e:cc:c9:d0:b0:
40:c7:a2:7e:4b:d2:4e:1a:e0:d4:2e:7e:db:38:10:
20:ec:53:64:89:c4:25:cd:92:7a:9a:18:0e:aa:f8:
56:b3:12:7b:b8:0f:29:97:ff:3a:34:fa:2e:93:16:
c6:55:6e:7c:b1:75:b1:eb:6d:ff:fb:14:fd:84:88:
4a:6a:24:58:57:31:25:46:e3:da:30:aa:2e:a6:0b:
cb:da:c4:2e:2d:52:5c:e9:3e:1b:5d:61:ad:7a:b1:
9e:c2:69:dc:41:a7:89:af:04:3f:5f:74:23:3a:65:
f2:95:eb:b6:24:f3:8d:b6:21:49:1d:08:31:52:fe:
58:a2:4e:d1:3a:5f:a8:89:db:71:a1:9f:1b:aa:8b:
a6:4d:4b:98:ec:5c:b3:82:97:d0:c1:de:89:59:72:
7c:b1:1c:4e:01:c8:f1:a4:e8:bf:e7:bc:59:74:4a:
5d:a9:19:2d:8f:9b:98:ad:44:f1:e7:05:c5:b1:39:
d2:55:ad:0c:c6:b3:f4:1a:50:d0:84:6a:4b:66:9e:
7c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:03:4E:C4:18:91:36:E9:05:3F:A9:3D:BC:85:FD:67:A2:DF:A7:F0
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_ANOxBiRNukFP6k9vIX9Z6Lfp_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.240.0/20
Signature Algorithm: sha256WithRSAEncryption
39:c8:95:71:bc:fe:eb:ae:ae:0f:aa:9b:ca:8a:4f:cf:96:5c:
ab:bd:3f:10:82:c1:61:df:9b:bf:28:72:60:36:a3:68:1e:86:
76:36:fa:62:0c:81:38:13:ac:05:d8:d9:a1:0a:ed:b6:55:da:
cd:63:2e:31:30:09:ef:21:16:09:25:37:0a:6f:60:79:00:8f:
6c:73:a3:00:b7:61:ff:ce:26:ac:13:26:c4:8b:de:cc:36:44:
14:ed:0f:b2:aa:87:a6:8c:77:68:aa:ff:62:b5:96:0d:22:78:
22:90:eb:c7:c4:e3:77:90:61:1d:32:1d:bf:96:ea:23:e5:0e:
c1:fd:9a:bf:65:ab:46:94:3b:f3:ae:a5:6c:42:df:3f:3c:c3:
a0:c1:e2:c0:61:39:f5:32:3f:30:2d:c0:78:34:9e:c6:c5:80:
eb:82:ea:56:86:9a:4d:0f:34:e5:a4:e0:a0:bf:52:d5:f7:06:
9e:5e:bc:d3:d5:24:0f:dd:b0:52:f3:98:3e:e0:49:0f:ad:95:
31:bf:10:e2:d5:25:f3:e1:c2:f3:2f:64:18:08:ac:4d:5f:5a:
e6:95:6b:ba:81:ef:1c:57:28:6b:c4:ca:3e:25:75:f5:47:89:
f6:cc:6b:08:2d:d4:5b:9d:28:3e:a6:e4:32:2c:63:ed:74:cc:
37:0d:8b:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIN/nP4MEeNb5xMyiJ/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUwMTAxMDE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzAzNGVjNDE4OTEzNmU5MDUzZmE5M2RiYzg1ZmQ2N2EyZGZhN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovu3tHIz7VfnB0q/WDHr54kTO1qV
psga5AG4aOK1W2ujQ9t+3c+TasVs3G9itnhaob36ZTyZHszJ0LBAx6J+S9JOGuDU
Ln7bOBAg7FNkicQlzZJ6mhgOqvhWsxJ7uA8pl/86NPoukxbGVW58sXWx623/+xT9
hIhKaiRYVzElRuPaMKoupgvL2sQuLVJc6T4bXWGterGewmncQaeJrwQ/X3QjOmXy
leu2JPONtiFJHQgxUv5Yok7ROl+oidtxoZ8bqoumTUuY7FyzgpfQwd6JWXJ8sRxO
AcjxpOi/57xZdEpdqRktj5uYrUTx5wXFsTnSVa0MxrP0GlDQhGpLZp58kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPwDTsQYkTbpBT+pPbyF/Wei36fwMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvX0FOT3hCaVJOdWtGUDZrOXZJWDlaNkxmcF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbXrwMA0G
CSqGSIb3DQEBCwUAA4IBAQA5yJVxvP7rrq4PqpvKik/PllyrvT8QgsFh35u/KHJg
NqNoHoZ2NvpiDIE4E6wF2NmhCu22VdrNYy4xMAnvIRYJJTcKb2B5AI9sc6MAt2H/
ziasEybEi97MNkQU7Q+yqoemjHdoqv9itZYNIngikOvHxON3kGEdMh2/luoj5Q7B
/Zq/ZatGlDvzrqVsQt8/PMOgweLAYTn1Mj8wLcB4NJ7GxYDrgupWhppNDzTlpOCg
v1LV9waeXrzT1SQP3bBS85g+4EkPrZUxvxDi1SXz4cLzL2QYCKxNX1rmlWu6ge8c
VyhrxMo+JXX1R4n2zGsILdRbnSg+puQyLGPtdMw3DYvw
-----END CERTIFICATE-----
Generated at Mon Apr 28 19:59:41 2025 by rpki-client