Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/PP-mbop8ECaae-P64sWmIeCJdxA.roa
File: PP-mbop8ECaae-P64sWmIeCJdxA.roa (raw, json)
Hash identifier: ofxz/Vj7xJuhnV+5FstvbPCrZhEpXi5JqkvxiCXOTUI=
Subject key identifier: 3C:FF:A6:6E:8A:7C:10:26:9A:7B:E3:FA:E2:C5:A6:21:E0:89:77:10
Certificate issuer: /CN=018b20ff098e6b7cbc8b6af0d680065e6b90600b
Certificate serial: 01856FC287286298326D3564A6F2A3B14F7C
Authority key identifier: 01:8B:20:FF:09:8E:6B:7C:BC:8B:6A:F0:D6:80:06:5E:6B:90:60:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYsg_wmOa3y8i2rw1oAGXmuQYAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/PP-mbop8ECaae-P64sWmIeCJdxA.roa
Signing time: Sun 01 Jan 2023 23:54:57 +0000
ROA not before: Sun 01 Jan 2023 23:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210598
IP address blocks: 109.107.152.0/24 maxlen: 24
2a11:d2c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:87:28:62:98:32:6d:35:64:a6:f2:a3:b1:4f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=018b20ff098e6b7cbc8b6af0d680065e6b90600b
Validity
Not Before: Jan 1 23:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cffa66e8a7c10269a7be3fae2c5a621e0897710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:40:80:ba:de:d6:6f:16:ee:c1:5b:14:27:56:
77:f5:66:d8:c3:b5:9f:7e:a7:b0:01:5d:76:9c:2c:
2a:12:8c:37:14:81:67:1a:6d:81:d6:90:58:07:a6:
cc:22:25:54:0e:ea:9d:07:2a:74:70:94:11:45:44:
38:92:ce:67:d1:5c:b1:c5:1f:72:d4:35:fe:28:6a:
42:e7:c4:dc:99:8d:5e:35:9d:79:e0:bc:62:07:5e:
1d:e1:29:7c:6b:ed:20:7c:33:ca:25:52:cd:be:2a:
9f:d9:bf:3e:b5:36:ba:2d:9c:1c:2f:9c:3c:b1:76:
96:23:79:af:c6:2f:aa:c1:ad:32:c3:de:66:75:f7:
07:16:eb:c9:cf:9b:ac:b7:d7:0c:ef:0e:f8:33:a7:
d2:d5:f1:38:d6:e1:c2:a5:f6:c6:f7:eb:9d:c6:fc:
1f:30:14:9c:a4:5b:c3:1d:4a:83:42:b0:43:29:da:
44:c1:ec:e5:70:56:90:23:8c:23:7d:7b:43:1e:3f:
b5:72:8c:3d:59:ea:7a:f9:e6:2a:0c:d0:61:79:2b:
0a:ec:55:13:7d:37:8e:8b:e8:b7:d8:56:9b:fe:ee:
4c:22:e0:e5:65:fd:ef:63:e1:67:60:36:a3:73:57:
43:0a:dc:c6:2a:3a:de:f9:89:2e:3c:d6:bb:3b:b9:
cf:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:FF:A6:6E:8A:7C:10:26:9A:7B:E3:FA:E2:C5:A6:21:E0:89:77:10
X509v3 Authority Key Identifier:
keyid:01:8B:20:FF:09:8E:6B:7C:BC:8B:6A:F0:D6:80:06:5E:6B:90:60:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYsg_wmOa3y8i2rw1oAGXmuQYAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/PP-mbop8ECaae-P64sWmIeCJdxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/AYsg_wmOa3y8i2rw1oAGXmuQYAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.152.0/24
IPv6:
2a11:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
d5:8d:f0:82:78:99:c3:00:c0:03:f6:6b:a3:b2:59:4a:42:2d:
a4:10:be:74:7a:87:2d:31:f0:54:f3:52:f4:37:e8:7a:82:22:
e6:d5:55:22:54:42:1b:0a:e0:17:a7:a8:59:85:d0:a1:21:5b:
bc:eb:a5:57:0b:76:ff:4d:5d:9a:6d:ee:e5:a9:22:e3:08:f0:
86:c3:40:1c:94:5a:05:f9:4a:45:ff:96:cb:96:52:74:b5:4e:
87:22:f5:59:ad:3f:06:be:05:ed:35:5e:4a:d0:74:e2:c8:72:
53:44:bb:48:4c:9d:0d:0e:e8:8c:01:68:b1:23:90:4e:89:a0:
8a:ef:05:93:93:32:7b:fc:33:1c:a1:b8:62:06:64:78:a2:8b:
f4:a3:98:cd:b4:7f:40:b3:7f:25:59:c8:be:3a:f1:47:bb:76:
81:3f:be:f2:50:f7:85:06:1d:0c:d8:5f:e2:77:f2:ae:f7:2f:
88:21:b5:75:c9:a0:4e:cb:01:2c:74:ec:3b:0c:4a:c9:49:dc:
a5:90:95:53:a0:b4:8b:b1:ad:f2:df:6d:ef:3f:4f:f3:6f:a6:
bb:62:27:0b:8e:a6:3e:62:ac:a6:bc:20:05:97:2c:9d:dc:6e:
db:f0:33:55:06:70:8f:09:36:06:a1:f3:b1:78:a9:f6:40:8f:
9f:0b:da:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvwocoYpgybTVkpvKjsU98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOGIyMGZmMDk4ZTZiN2NiYzhiNmFmMGQ2ODAwNjVlNmI5
MDYwMGIwHhcNMjMwMTAxMjM1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2ZmYTY2ZThhN2MxMDI2OWE3YmUzZmFlMmM1YTYyMWUwODk3NzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0CAut7WbxbuwVsUJ1Z39WbYw7Wf
fqewAV12nCwqEow3FIFnGm2B1pBYB6bMIiVUDuqdByp0cJQRRUQ4ks5n0VyxxR9y
1DX+KGpC58TcmY1eNZ154LxiB14d4Sl8a+0gfDPKJVLNviqf2b8+tTa6LZwcL5w8
sXaWI3mvxi+qwa0yw95mdfcHFuvJz5ust9cM7w74M6fS1fE41uHCpfbG9+udxvwf
MBScpFvDHUqDQrBDKdpEwezlcFaQI4wjfXtDHj+1cow9Wep6+eYqDNBheSsK7FUT
fTeOi+i32Fab/u5MIuDlZf3vY+FnYDajc1dDCtzGKjre+YkuPNa7O7nPeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDz/pm6KfBAmmnvj+uLFpiHgiXcQMB8GA1UdIwQY
MBaAFAGLIP8Jjmt8vItq8NaABl5rkGALMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVlzZ193bU9hM3k4aTJydzFvQUdYbXVRWUFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9hNjliNDItMGY5ZC00ZjNjLWE5MzEt
OTEyN2Y0MjlhNDhkLzEvUFAtbWJvcDhFQ2FhZS1QNjRzV21JZUNKZHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9hNjliNDItMGY5ZC00ZjNjLWE5MzEtOTEyN2Y0MjlhNDhk
LzEvQVlzZ193bU9hM3k4aTJydzFvQUdYbXVRWUFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAbWuYMA0E
AgACMAcDBQMqEdLAMA0GCSqGSIb3DQEBCwUAA4IBAQDVjfCCeJnDAMAD9mujsllK
Qi2kEL50eoctMfBU81L0N+h6giLm1VUiVEIbCuAXp6hZhdChIVu866VXC3b/TV2a
be7lqSLjCPCGw0AclFoF+UpF/5bLllJ0tU6HIvVZrT8GvgXtNV5K0HTiyHJTRLtI
TJ0NDuiMAWixI5BOiaCK7wWTkzJ7/DMcobhiBmR4oov0o5jNtH9As38lWci+OvFH
u3aBP77yUPeFBh0M2F/id/Ku9y+IIbV1yaBOywEsdOw7DErJSdylkJVToLSLsa3y
323vP0/zb6a7YicLjqY+YqymvCAFlyyd3G7b8DNVBnCPCTYGofOxeKn2QI+fC9oU
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:40 2024 by rpki-client on console.sobornost.net