Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Aoy4iH3fcyLUjh_WfwyB0xGf3QY.roa
File: Aoy4iH3fcyLUjh_WfwyB0xGf3QY.roa (raw, json)
Hash identifier: A0dmNYriqM5SZ6oDDahQWb10SGYkTTFKP9WPasQli30=
Subject key identifier: 02:8C:B8:88:7D:DF:73:22:D4:8E:1F:D6:7F:0C:81:D3:11:9F:DD:06
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018C167C1C5CC4A5DB37F1675E0FD257EE68
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Aoy4iH3fcyLUjh_WfwyB0xGf3QY.roa
Signing time: Tue 28 Nov 2023 15:11:21 +0000
ROA not before: Tue 28 Nov 2023 15:11:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 109.207.129.0/24 maxlen: 24
91.229.18.0/24 maxlen: 24
77.36.59.0/24 maxlen: 24
91.229.19.0/24 maxlen: 24
93.120.24.0/23 maxlen: 24
193.36.203.0/24 maxlen: 24
192.162.184.0/24 maxlen: 24
192.162.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:7c:1c:5c:c4:a5:db:37:f1:67:5e:0f:d2:57:ee:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 28 15:11:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=028cb8887ddf7322d48e1fd67f0c81d3119fdd06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e0:98:c6:cf:28:42:b9:27:39:01:2d:5e:71:
de:00:a7:e6:da:fd:e1:4f:95:55:c7:35:69:4e:6a:
cb:40:99:1f:10:a6:d6:2f:3c:23:af:8c:b4:6f:63:
8d:04:38:95:a8:26:c8:6d:a2:46:34:c8:97:43:a1:
7c:2a:49:2a:87:b7:f5:cf:75:c7:e9:bf:33:5e:b2:
ee:ea:19:61:59:4d:b8:ba:44:2a:61:3e:cc:9c:e2:
98:50:8f:ef:63:95:29:6b:d8:18:a8:92:0b:12:08:
19:28:1a:75:df:23:ee:9a:03:3c:4b:4d:4e:2a:3c:
e5:22:e3:59:d1:02:f6:c2:2e:1b:a1:31:cc:78:6b:
c6:66:30:0c:c4:6d:e6:84:f0:db:1e:3d:a9:53:1b:
5b:90:ec:12:67:88:cf:b7:2c:b7:dc:69:26:e1:62:
b5:ff:92:74:ed:a0:15:03:15:60:41:b2:42:b4:1d:
33:40:f4:40:3c:31:88:17:03:f5:86:51:b8:c6:d8:
b4:32:b4:e3:70:00:d6:6e:00:1f:d3:0f:1a:75:db:
e1:52:38:22:b0:e9:f4:19:56:c4:98:fc:b7:03:70:
b9:7b:21:7c:b4:93:b4:64:87:4d:60:f7:96:3f:75:
8a:67:df:c0:1b:1e:30:b3:8a:e7:df:fa:83:c2:b5:
a3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:8C:B8:88:7D:DF:73:22:D4:8E:1F:D6:7F:0C:81:D3:11:9F:DD:06
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Aoy4iH3fcyLUjh_WfwyB0xGf3QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.59.0/24
91.229.18.0/23
93.120.24.0/23
109.207.129.0/24
192.162.184.0/23
193.36.203.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:e0:1c:e4:8e:ce:3e:7a:c1:cb:99:7e:a4:c5:14:63:b2:2e:
01:50:8b:e9:e1:b0:df:99:1b:85:ba:b3:ef:78:a9:02:86:2b:
f0:cd:da:38:8e:15:ea:cc:1c:7b:16:20:5e:b2:b4:31:28:8a:
8e:df:09:e0:91:59:0f:1b:34:17:f4:db:6f:f1:32:f7:61:35:
e0:e2:21:38:8f:46:66:49:82:be:dd:6c:d7:85:0d:7d:27:87:
5e:bd:04:53:f8:eb:b5:84:81:9b:68:48:e3:ff:6c:10:aa:ed:
31:1b:d1:c6:6b:9b:cf:81:17:18:a6:23:a3:e4:e0:13:1a:79:
4f:ae:06:a8:cc:26:c8:f3:71:44:4f:f8:d7:7b:2b:16:a0:d3:
0b:c9:8e:6e:8b:81:b1:a0:ed:de:2f:28:1d:43:3f:ca:b1:d0:
cb:fb:4f:d8:7d:03:9f:dd:d1:35:60:14:62:ca:6c:b6:2b:02:
fc:fc:eb:cc:e6:9a:e9:f0:b4:06:4c:23:4e:90:c7:66:49:23:
d1:30:d8:be:2b:30:5f:9e:66:92:e6:b1:44:58:2d:11:43:0a:
69:d7:a4:19:44:0f:f3:5c:58:b3:73:d9:72:32:b6:26:f6:a4:
3c:7e:ef:42:99:a5:97:1b:46:cd:6c:a7:15:8f:26:08:7c:7c:
6e:d6:f2:6b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwWfBxcxKXbN/FnXg/SV+5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMTI4MTUxMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjhjYjg4ODdkZGY3MzIyZDQ4ZTFmZDY3ZjBjODFkMzExOWZkZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuCYxs8oQrknOQEtXnHeAKfm2v3h
T5VVxzVpTmrLQJkfEKbWLzwjr4y0b2ONBDiVqCbIbaJGNMiXQ6F8Kkkqh7f1z3XH
6b8zXrLu6hlhWU24ukQqYT7MnOKYUI/vY5Upa9gYqJILEggZKBp13yPumgM8S01O
KjzlIuNZ0QL2wi4boTHMeGvGZjAMxG3mhPDbHj2pUxtbkOwSZ4jPtyy33Gkm4WK1
/5J07aAVAxVgQbJCtB0zQPRAPDGIFwP1hlG4xti0MrTjcADWbgAf0w8addvhUjgi
sOn0GVbEmPy3A3C5eyF8tJO0ZIdNYPeWP3WKZ9/AGx4ws4rn3/qDwrWj5QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAKMuIh933Mi1I4f1n8MgdMRn90GMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvQW95NGlIM2ZjeUxVamhfV2Z3eUIweEdmM1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATSQ7AwQB
W+USAwQBXXgYAwQAbc+BAwQBwKK4AwQAwSTLMA0GCSqGSIb3DQEBCwUAA4IBAQCc
4Bzkjs4+esHLmX6kxRRjsi4BUIvp4bDfmRuFurPveKkChivwzdo4jhXqzBx7FiBe
srQxKIqO3wngkVkPGzQX9Ntv8TL3YTXg4iE4j0ZmSYK+3WzXhQ19J4devQRT+Ou1
hIGbaEjj/2wQqu0xG9HGa5vPgRcYpiOj5OATGnlPrgaozCbI83FET/jXeysWoNML
yY5ui4GxoO3eLygdQz/KsdDL+0/YfQOf3dE1YBRiymy2KwL8/OvM5prp8LQGTCNO
kMdmSSPRMNi+KzBfnmaS5rFEWC0RQwpp16QZRA/zXFizc9lyMrYm9qQ8fu9CmaWX
G0bNbKcVjyYIfHxu1vJr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org