Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LXtpOLWlOBjj09G6IRNvl5YbVCQ.roa
File: LXtpOLWlOBjj09G6IRNvl5YbVCQ.roa (raw, json)
Hash identifier: CXDMDThBuAgMMJPHLts34NbO24k5DKEWwfhzS4lGgvU=
Subject key identifier: 2D:7B:69:38:B5:A5:38:18:E3:D3:D1:BA:21:13:6F:97:96:1B:54:24
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018C19F6EB75403AE993501FBB1F6D025BFA
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LXtpOLWlOBjj09G6IRNvl5YbVCQ.roa
Signing time: Wed 29 Nov 2023 07:24:21 +0000
ROA not before: Wed 29 Nov 2023 07:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211143
IP address blocks: 109.207.128.0/24 maxlen: 24
109.207.131.0/24 maxlen: 24
77.36.58.0/24 maxlen: 24
77.36.66.0/23 maxlen: 23
93.120.34.0/23 maxlen: 23
93.120.40.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:19:f6:eb:75:40:3a:e9:93:50:1f:bb:1f:6d:02:5b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 29 07:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d7b6938b5a53818e3d3d1ba21136f97961b5424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:85:41:b6:ae:6f:38:49:18:09:5e:20:a6:74:
c9:8c:5b:24:93:a3:8a:c7:44:55:18:40:7f:44:b8:
0f:d7:85:c3:f5:40:3c:be:a1:4e:71:7f:6b:d7:7d:
96:35:b6:50:60:64:19:0c:6e:00:75:89:0e:54:0e:
d5:27:07:d9:a9:7c:00:ce:8c:c8:7f:09:e0:0a:9f:
b9:ea:c9:69:93:8a:24:25:9e:c7:a3:83:01:22:c3:
21:c9:19:7f:f8:2b:74:66:59:fe:7a:80:26:11:0a:
0a:00:8a:07:8f:3d:13:5a:56:79:5e:3c:24:47:49:
93:48:ca:19:aa:f1:ff:35:2a:26:c5:7d:8b:78:c4:
6d:f9:4b:73:a0:51:35:52:48:f3:7e:51:d2:81:ab:
3e:84:fe:d6:ce:ce:46:6a:87:82:6a:d4:df:02:73:
4c:6c:d5:76:68:cb:bf:18:f7:de:40:56:d1:d2:99:
d2:27:fa:27:07:eb:7a:04:05:f8:e7:69:05:de:5f:
7f:1f:b1:90:17:70:f1:3e:76:48:fd:b3:dc:c4:44:
1b:5c:dc:b0:d2:77:e5:46:45:7c:dc:28:74:4c:69:
8e:50:51:39:6a:f9:3c:43:14:d5:c6:d9:75:54:3e:
94:2e:c4:15:a7:f1:8d:ce:66:56:22:4c:93:22:fd:
e9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7B:69:38:B5:A5:38:18:E3:D3:D1:BA:21:13:6F:97:96:1B:54:24
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LXtpOLWlOBjj09G6IRNvl5YbVCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.58.0/24
77.36.66.0/23
93.120.34.0/23
93.120.40.0/23
109.207.128.0/24
109.207.131.0/24
Signature Algorithm: sha256WithRSAEncryption
97:66:5f:4b:66:26:ce:05:d6:d7:6f:5d:3a:e4:62:df:86:ad:
77:0f:f2:97:d4:92:5a:24:04:a3:4b:42:03:bf:d7:be:21:c2:
83:d9:14:47:8c:4d:70:dc:0c:68:50:0c:d3:c7:02:c6:8a:23:
e5:87:97:b3:0b:ed:11:ba:82:1c:c7:93:0b:be:6b:06:e8:e6:
63:ea:95:40:c2:09:99:eb:57:df:7d:d6:33:8b:74:1a:20:0b:
c9:ac:a6:ef:23:f1:9c:1e:36:8a:6b:76:49:67:38:6f:dd:9c:
91:5e:6c:f7:c1:b9:93:44:40:71:a0:ac:10:08:47:f4:7a:2e:
57:44:65:9d:1f:d8:18:35:6d:dd:75:83:4d:5c:58:92:95:a2:
b8:93:0d:54:fe:2c:49:8f:b5:5d:6e:73:28:ba:c5:2e:c1:2a:
9c:28:20:fd:c9:d1:87:bc:bc:28:a0:23:c4:23:6c:2d:b7:89:
8d:9b:24:70:25:06:ec:44:45:4e:51:9d:d7:ed:99:41:9d:2c:
b9:07:12:43:b9:84:fc:23:17:cb:28:64:79:da:d0:06:d6:55:
35:79:73:c8:49:07:fd:15:c5:01:e5:40:df:38:98:ea:fc:11:
a9:a9:06:89:60:03:25:46:5f:e0:53:51:d9:3b:4c:c2:c5:ae:
c4:9f:94:48
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwZ9ut1QDrpk1Afux9tAlv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMTI5MDcyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDdiNjkzOGI1YTUzODE4ZTNkM2QxYmEyMTEzNmY5Nzk2MWI1NDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYVBtq5vOEkYCV4gpnTJjFskk6OK
x0RVGEB/RLgP14XD9UA8vqFOcX9r132WNbZQYGQZDG4AdYkOVA7VJwfZqXwAzozI
fwngCp+56slpk4okJZ7Ho4MBIsMhyRl/+Ct0Zln+eoAmEQoKAIoHjz0TWlZ5Xjwk
R0mTSMoZqvH/NSomxX2LeMRt+UtzoFE1UkjzflHSgas+hP7Wzs5GaoeCatTfAnNM
bNV2aMu/GPfeQFbR0pnSJ/onB+t6BAX452kF3l9/H7GQF3DxPnZI/bPcxEQbXNyw
0nflRkV83Ch0TGmOUFE5avk8QxTVxtl1VD6ULsQVp/GNzmZWIkyTIv3ppQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC17aTi1pTgY49PRuiETb5eWG1QkMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTFh0cE9MV2xPQmpqMDlHNklSTnZsNVliVkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATSQ6AwQB
TSRCAwQBXXgiAwQBXXgoAwQAbc+AAwQAbc+DMA0GCSqGSIb3DQEBCwUAA4IBAQCX
Zl9LZibOBdbXb1065GLfhq13D/KX1JJaJASjS0IDv9e+IcKD2RRHjE1w3AxoUAzT
xwLGiiPlh5ezC+0RuoIcx5MLvmsG6OZj6pVAwgmZ61fffdYzi3QaIAvJrKbvI/Gc
HjaKa3ZJZzhv3ZyRXmz3wbmTREBxoKwQCEf0ei5XRGWdH9gYNW3ddYNNXFiSlaK4
kw1U/ixJj7VdbnMousUuwSqcKCD9ydGHvLwooCPEI2wtt4mNmyRwJQbsREVOUZ3X
7ZlBnSy5BxJDuYT8IxfLKGR52tAG1lU1eXPISQf9FcUB5UDfOJjq/BGpqQaJYAMl
Rl/gU1HZO0zCxa7En5RI
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:56 2024 by rpki-client on console-ams.rpki-client.org