Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/td7JwM2Kjjx7TQtoRev48TTbyc8.roa
File: td7JwM2Kjjx7TQtoRev48TTbyc8.roa (raw, json)
Hash identifier: /cZJU+2UcYLLhQT3muIPybZwo6svV+zb1Q08RLhYlcA=
Subject key identifier: B5:DE:C9:C0:CD:8A:8E:3C:7B:4D:0B:68:45:EB:F8:F1:34:DB:C9:CF
Certificate issuer: /CN=61658d5efa2a0a3c36c9239374258a98f7fda388
Certificate serial: 018C630169F60980359AD5AE506674088B6B
Authority key identifier: 61:65:8D:5E:FA:2A:0A:3C:36:C9:23:93:74:25:8A:98:F7:FD:A3:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YWWNXvoqCjw2ySOTdCWKmPf9o4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/td7JwM2Kjjx7TQtoRev48TTbyc8.roa
Signing time: Wed 13 Dec 2023 11:48:06 +0000
ROA not before: Wed 13 Dec 2023 11:48:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8771
IP address blocks: 109.121.64.0/19 maxlen: 19
213.240.0.0/19 maxlen: 19
213.198.192.0/18 maxlen: 18
109.121.96.0/20 maxlen: 20
213.240.36.0/22 maxlen: 22
194.247.192.0/19 maxlen: 19
213.240.40.0/23 maxlen: 23
213.240.40.0/21 maxlen: 21
78.30.128.0/18 maxlen: 18
213.240.48.0/20 maxlen: 20
2a00:1108::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:01:69:f6:09:80:35:9a:d5:ae:50:66:74:08:8b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61658d5efa2a0a3c36c9239374258a98f7fda388
Validity
Not Before: Dec 13 11:48:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5dec9c0cd8a8e3c7b4d0b6845ebf8f134dbc9cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5e:ad:c0:f3:ec:63:51:30:0e:1d:01:8d:ff:
ae:77:80:56:a8:92:7d:06:24:9a:76:16:20:cf:cf:
e5:79:ad:60:1f:b0:97:63:d1:f0:7d:a6:bd:1e:74:
15:88:dc:e6:9b:3d:ec:f0:c6:f9:9f:7e:21:97:d9:
bb:20:f4:5e:42:14:5a:58:07:b2:a8:4c:f8:3c:ef:
93:0c:0a:6a:83:96:72:58:7b:eb:e4:61:d5:01:d1:
15:12:38:50:13:65:9c:bb:8d:b4:06:1e:8d:40:db:
04:62:00:34:13:2c:be:9d:46:60:d5:62:1b:52:37:
e4:35:3a:f9:95:d6:f7:70:41:c0:ff:a7:ce:74:8a:
63:28:39:05:13:3b:9d:bb:d0:4b:51:bc:6e:2c:95:
d4:46:29:a7:90:2b:bd:3e:43:4e:7c:12:5f:3c:3e:
b2:78:6a:7f:d5:90:ec:dd:5d:b8:0d:e2:e5:13:bd:
25:6a:f1:9f:9e:4d:0d:9e:57:10:53:74:72:52:1e:
e1:92:5e:46:8b:ed:e8:ee:a9:09:26:c2:34:2b:cb:
e3:83:61:cd:c1:c0:92:21:c5:02:1a:c4:8e:0c:b0:
3f:96:78:d6:61:dd:cd:73:08:86:c7:57:f5:38:d0:
83:d8:18:49:72:6e:f1:96:71:7c:9a:f9:aa:55:28:
6c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DE:C9:C0:CD:8A:8E:3C:7B:4D:0B:68:45:EB:F8:F1:34:DB:C9:CF
X509v3 Authority Key Identifier:
keyid:61:65:8D:5E:FA:2A:0A:3C:36:C9:23:93:74:25:8A:98:F7:FD:A3:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWWNXvoqCjw2ySOTdCWKmPf9o4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/td7JwM2Kjjx7TQtoRev48TTbyc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4b128d-ed47-41c1-aaf0-dfe6c5eb1f7c/1/YWWNXvoqCjw2ySOTdCWKmPf9o4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.30.128.0/18
109.121.64.0-109.121.111.255
194.247.192.0/19
213.198.192.0/18
213.240.0.0/19
213.240.36.0-213.240.63.255
IPv6:
2a00:1108::/32
Signature Algorithm: sha256WithRSAEncryption
44:5b:19:74:19:5e:c6:94:8f:66:d0:47:e0:0e:b6:ca:7e:4c:
ad:0b:0b:9f:c1:d2:2e:37:b5:db:a0:02:4c:85:e3:95:ae:c3:
c8:27:c1:ec:a2:a5:76:98:b3:43:7f:88:ba:8a:17:e5:a1:c6:
2f:f9:a7:42:e2:ba:56:b5:7e:9b:52:5b:4a:b9:92:45:23:16:
b1:67:e5:6e:ed:e5:b8:4b:08:5c:15:b8:fd:57:71:6e:1b:27:
81:67:43:11:50:6f:43:be:ef:8c:30:12:ff:6f:48:5e:dd:d0:
b5:61:1e:da:5a:ee:e3:0a:c3:f2:d0:ac:89:45:0b:ae:85:59:
e3:5d:03:6e:c1:14:33:ec:d4:90:0d:05:c1:f1:5d:63:7c:e4:
30:5d:6b:b5:14:f3:a7:11:44:eb:c4:8d:3d:84:e3:bd:1c:3e:
1b:5f:93:f4:1d:00:9d:9d:9d:3b:d6:fc:bf:90:4d:10:3f:c7:
3f:79:77:3c:35:ce:43:80:5f:30:d8:8e:db:0d:23:28:82:c7:
d5:44:d6:ed:db:84:26:97:47:3d:ae:c6:0d:36:71:7a:d0:5c:
ad:ee:44:54:da:71:7a:74:6a:7f:7f:61:cc:a1:34:c5:30:d5:
d7:63:b2:55:6e:8a:9c:94:40:5a:37:ce:0a:75:3d:e1:fc:95:
83:f2:e2:47
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYxjAWn2CYA1mtWuUGZ0CItrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNjU4ZDVlZmEyYTBhM2MzNmM5MjM5Mzc0MjU4YTk4Zjdm
ZGEzODgwHhcNMjMxMjEzMTE0ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWRlYzljMGNkOGE4ZTNjN2I0ZDBiNjg0NWViZjhmMTM0ZGJjOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiF6twPPsY1EwDh0Bjf+ud4BWqJJ9
BiSadhYgz8/lea1gH7CXY9Hwfaa9HnQViNzmmz3s8Mb5n34hl9m7IPReQhRaWAey
qEz4PO+TDApqg5ZyWHvr5GHVAdEVEjhQE2Wcu420Bh6NQNsEYgA0Eyy+nUZg1WIb
UjfkNTr5ldb3cEHA/6fOdIpjKDkFEzudu9BLUbxuLJXURimnkCu9PkNOfBJfPD6y
eGp/1ZDs3V24DeLlE70lavGfnk0NnlcQU3RyUh7hkl5Gi+3o7qkJJsI0K8vjg2HN
wcCSIcUCGsSODLA/lnjWYd3NcwiGx1f1ONCD2BhJcm7xlnF8mvmqVShszwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFLXeycDNio48e00LaEXr+PE028nPMB8GA1UdIwQY
MBaAFGFljV76Kgo8Nskjk3Qlipj3/aOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVdXTlh2b3FDancyeVNPVGRDV0ttUGY5bzRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80YjEyOGQtZWQ0Ny00MWMxLWFhZjAt
ZGZlNmM1ZWIxZjdjLzEvdGQ3SndNMktqang3VFF0b1JldjQ4VFRieWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80YjEyOGQtZWQ0Ny00MWMxLWFhZjAtZGZlNmM1ZWIxZjdj
LzEvWVdXTlh2b3FDancyeVNPVGRDV0ttUGY5bzRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQGTh6AMAwD
BAZteUADBARteWADBAXC98ADBAbVxsADBAXV8AAwDAMEAtXwJAMEBtXwADANBAIA
AjAHAwUAKgARCDANBgkqhkiG9w0BAQsFAAOCAQEARFsZdBlexpSPZtBH4A62yn5M
rQsLn8HSLje126ACTIXjla7DyCfB7KKldpizQ3+IuooX5aHGL/mnQuK6VrV+m1Jb
SrmSRSMWsWflbu3luEsIXBW4/VdxbhsngWdDEVBvQ77vjDAS/29IXt3QtWEe2lru
4wrD8tCsiUULroVZ410DbsEUM+zUkA0FwfFdY3zkMF1rtRTzpxFE68SNPYTjvRw+
G1+T9B0AnZ2dO9b8v5BNED/HP3l3PDXOQ4BfMNiO2w0jKILH1UTW7duEJpdHPa7G
DTZxetBcre5EVNpxenRqf39hzKE0xTDV12OyVW6KnJRAWjfOCnU94fyVg/LiRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:09 2024 by rpki-client on console-ams.rpki-client.org