Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KDqQ5kyA_gsXrEL0UO2vFoemh6M.roa
File: KDqQ5kyA_gsXrEL0UO2vFoemh6M.roa (raw, json)
Hash identifier: HoxVEo3fsod7NDaBUfSqZDyRKQMDu4tTcz6N206UkoA=
Subject key identifier: 28:3A:90:E6:4C:80:FE:0B:17:AC:42:F4:50:ED:AF:16:87:A6:87:A3
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0185D04CE36583E1788D4EF1F0998A805418
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KDqQ5kyA_gsXrEL0UO2vFoemh6M.roa
Signing time: Fri 20 Jan 2023 17:49:37 +0000
ROA not before: Fri 20 Jan 2023 17:49:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211143
IP address blocks: 109.207.128.0/24 maxlen: 24
109.207.131.0/24 maxlen: 24
77.36.58.0/23 maxlen: 23
77.36.66.0/23 maxlen: 23
93.120.34.0/23 maxlen: 23
93.120.40.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 28 Nov 2023 15:12:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d0:4c:e3:65:83:e1:78:8d:4e:f1:f0:99:8a:80:54:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 20 17:49:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=283a90e64c80fe0b17ac42f450edaf1687a687a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e8:1e:58:f9:2d:50:c1:bd:67:bd:be:e4:ae:
ee:c7:2c:b3:70:41:98:e4:92:47:06:c9:0b:0c:13:
61:cc:53:15:60:c1:99:2b:ff:ab:ed:bd:74:20:d3:
c3:f6:0b:0c:4b:9a:e8:da:bd:a8:30:2e:7c:5b:61:
10:b6:f8:4f:a3:ed:c4:68:3a:70:af:00:e7:52:82:
8c:8e:e6:d9:e1:0a:16:06:6c:7c:e5:c8:66:08:4e:
ba:ea:6d:c3:28:9b:ec:6f:92:fd:44:24:8f:64:86:
db:48:a2:c6:02:99:16:f4:2e:52:a5:3d:6f:de:6b:
de:e6:58:5d:9b:05:32:66:51:17:3c:90:ef:d7:59:
78:81:2b:6d:9f:57:92:da:15:73:56:6d:c7:ee:67:
ed:85:b0:77:7b:9f:09:8d:6c:f3:bd:2c:a8:8e:37:
75:45:44:d8:df:80:15:63:f4:08:3d:65:88:cb:2d:
b1:4b:f5:dc:43:5b:b8:b6:51:dd:31:41:a7:89:8e:
99:f4:11:8c:91:15:a4:91:96:1f:76:ee:4d:43:3c:
cc:03:09:80:1f:48:52:95:b2:fc:1e:40:f4:4c:69:
60:c3:79:f6:3e:e3:2d:4e:25:7f:98:de:53:b7:e4:
bb:1c:79:48:ea:3f:ee:91:18:89:94:62:c1:c7:bc:
9a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:3A:90:E6:4C:80:FE:0B:17:AC:42:F4:50:ED:AF:16:87:A6:87:A3
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KDqQ5kyA_gsXrEL0UO2vFoemh6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.58.0/23
77.36.66.0/23
93.120.34.0/23
93.120.40.0/23
109.207.128.0/24
109.207.131.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:fc:a1:94:84:7d:18:28:39:e4:f7:4e:a0:bd:31:40:06:56:
e2:5d:b7:fd:35:83:43:d4:ba:eb:e9:92:0b:27:5b:d3:2d:5a:
4c:af:b2:81:97:96:f1:fc:1f:bd:4c:98:34:34:ce:62:77:ae:
c9:c8:a0:e3:eb:f6:36:13:ff:45:ce:8b:15:5c:38:9a:93:b3:
33:4b:16:fc:66:d9:e7:ea:10:12:30:95:66:df:25:89:f8:b3:
3d:35:32:ea:f9:96:ed:26:30:a4:19:c2:aa:52:06:c8:d6:94:
a2:15:37:a9:f5:ea:7a:5a:b9:1b:87:83:1b:64:06:d7:4f:93:
49:86:3f:ee:47:76:e2:b5:b9:94:2e:a2:d0:4f:4b:16:9b:94:
87:6e:e5:23:c4:fc:dc:e2:64:55:a9:36:36:f6:3d:7b:37:e4:
55:57:b1:12:e0:90:56:ec:5d:64:72:36:7f:ca:61:21:34:b6:
4a:69:1e:ef:bc:5b:bb:f4:ac:15:68:65:81:3f:59:80:7e:81:
97:a7:5e:e9:80:dc:2d:36:9a:42:29:92:27:e6:67:e3:65:25:
26:78:5c:9f:ef:bf:cf:82:f9:37:71:b7:9c:1c:56:65:b6:a9:
5b:f3:11:d0:27:6f:6e:67:66:aa:34:de:d5:91:e9:8a:38:50:
81:ca:e1:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYXQTONlg+F4jU7x8JmKgFQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTIwMTc0OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODNhOTBlNjRjODBmZTBiMTdhYzQyZjQ1MGVkYWYxNjg3YTY4N2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxegeWPktUMG9Z72+5K7uxyyzcEGY
5JJHBskLDBNhzFMVYMGZK/+r7b10INPD9gsMS5ro2r2oMC58W2EQtvhPo+3EaDpw
rwDnUoKMjubZ4QoWBmx85chmCE666m3DKJvsb5L9RCSPZIbbSKLGApkW9C5SpT1v
3mve5lhdmwUyZlEXPJDv11l4gSttn1eS2hVzVm3H7mfthbB3e58JjWzzvSyojjd1
RUTY34AVY/QIPWWIyy2xS/XcQ1u4tlHdMUGniY6Z9BGMkRWkkZYfdu5NQzzMAwmA
H0hSlbL8HkD0TGlgw3n2PuMtTiV/mN5Tt+S7HHlI6j/ukRiJlGLBx7yaUQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCg6kOZMgP4LF6xC9FDtrxaHpoejMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvS0RxUTVreUFfZ3NYckVMMFVPMnZGb2VtaDZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBTSQ6AwQB
TSRCAwQBXXgiAwQBXXgoAwQAbc+AAwQAbc+DMA0GCSqGSIb3DQEBCwUAA4IBAQBs
/KGUhH0YKDnk906gvTFABlbiXbf9NYND1Lrr6ZILJ1vTLVpMr7KBl5bx/B+9TJg0
NM5id67JyKDj6/Y2E/9FzosVXDiak7MzSxb8Ztnn6hASMJVm3yWJ+LM9NTLq+Zbt
JjCkGcKqUgbI1pSiFTep9ep6Wrkbh4MbZAbXT5NJhj/uR3bitbmULqLQT0sWm5SH
buUjxPzc4mRVqTY29j17N+RVV7ES4JBW7F1kcjZ/ymEhNLZKaR7vvFu79KwVaGWB
P1mAfoGXp17pgNwtNppCKZIn5mfjZSUmeFyf77/Pgvk3cbecHFZltqlb8xHQJ29u
Z2aqNN7VkemKOFCByuEc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org