Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cw7HpY0u4wSu1DiFK6EgmoRzJ_c.roa
File: cw7HpY0u4wSu1DiFK6EgmoRzJ_c.roa (raw, json)
Hash identifier: A1eCWnNUf8vvYvmcPNjcaoeGiPlgMhFG9ki49xnPsjc=
Subject key identifier: 73:0E:C7:A5:8D:2E:E3:04:AE:D4:38:85:2B:A1:20:9A:84:73:27:F7
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018C167D067449685E8977CFCD29E3E68BE1
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cw7HpY0u4wSu1DiFK6EgmoRzJ_c.roa
Signing time: Tue 28 Nov 2023 15:12:21 +0000
ROA not before: Tue 28 Nov 2023 15:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211143
IP address blocks: 109.207.128.0/24 maxlen: 24
109.207.131.0/24 maxlen: 24
77.36.58.0/24 maxlen: 24
77.36.58.0/23 maxlen: 23
77.36.66.0/23 maxlen: 23
93.120.34.0/23 maxlen: 23
93.120.40.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 29 Nov 2023 07:24:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:7d:06:74:49:68:5e:89:77:cf:cd:29:e3:e6:8b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 28 15:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=730ec7a58d2ee304aed438852ba1209a847327f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:48:d8:0f:83:ed:a2:83:f7:54:9a:ee:de:64:
bb:e2:2b:9d:4b:df:97:d0:c6:d1:a8:b4:93:fc:18:
2e:37:88:e8:55:a2:99:36:c2:5a:f1:2b:f9:61:b4:
ca:bf:45:7a:61:43:5f:0d:c7:4c:ca:a5:64:ac:3d:
7d:f5:2a:8b:0f:29:37:4d:49:cf:41:00:8c:ec:44:
b6:76:cf:14:87:44:cb:2e:7b:30:50:4d:06:06:8c:
aa:16:9b:98:0d:35:70:e3:a3:a7:dd:07:ea:46:3c:
3f:19:d6:8d:4b:a6:f5:7b:1c:18:c0:62:ea:0a:96:
2b:a1:11:07:7c:14:e5:e2:e5:35:8b:3c:c6:2e:55:
b6:37:96:fc:70:3c:27:15:e1:15:b9:ef:eb:9b:a4:
90:2c:e1:e4:b8:6b:f0:3d:f7:5c:b4:51:d7:bc:ae:
55:73:c3:3a:d1:c4:dd:73:e0:45:6e:d6:e8:7a:7d:
32:8e:71:81:d4:61:95:76:c1:00:1e:de:a8:cb:eb:
c3:a5:4a:4c:96:85:53:06:7d:20:a2:3c:51:64:6a:
1d:d5:3d:be:4b:68:41:72:5a:83:ae:24:38:db:8e:
32:37:e2:bc:ef:68:47:a0:f7:3b:bb:83:7e:a5:6a:
ec:1c:1f:2d:0e:29:c0:6d:c1:05:37:49:4d:ac:f4:
09:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:0E:C7:A5:8D:2E:E3:04:AE:D4:38:85:2B:A1:20:9A:84:73:27:F7
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cw7HpY0u4wSu1DiFK6EgmoRzJ_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.58.0/23
77.36.66.0/23
93.120.34.0/23
93.120.40.0/23
109.207.128.0/24
109.207.131.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:31:86:52:ab:d8:47:4a:73:88:4d:f1:4d:49:88:7d:19:1c:
1b:0f:59:0f:c3:90:5e:e2:dc:b7:fc:d7:b7:4e:13:30:63:d6:
08:83:de:92:f1:80:01:a4:a9:63:55:9d:bd:9f:90:bc:b7:f8:
35:06:31:cb:14:71:0d:44:5e:a9:45:06:b9:e4:4f:61:71:96:
18:7d:df:1c:d4:87:8a:62:0b:09:b0:a6:da:fc:18:b2:ed:f3:
05:7c:97:4c:92:5b:ff:c6:2b:db:b3:fc:00:b2:b1:e9:33:95:
ad:7d:43:d4:6e:ff:64:54:e4:cc:29:02:3a:c2:b7:b5:0b:36:
38:fa:19:5b:f7:c0:dd:60:45:60:24:20:e8:9e:ff:2b:79:58:
fb:65:d7:23:ba:0e:1a:f8:01:c3:7a:1c:26:d3:7f:e0:9d:62:
b5:3f:03:ae:c0:29:d9:c1:08:1a:dc:bf:36:f4:2c:33:cc:30:
71:b1:b4:b9:01:d7:07:1a:f0:60:2e:11:c2:fd:1e:b8:3e:60:
89:81:1d:d1:45:bb:e3:09:b6:35:9c:ad:a1:51:dc:1a:a4:9a:
41:0f:da:14:dd:f8:42:76:63:17:ea:84:78:b5:9f:14:7e:5e:
82:11:f2:e4:9e:f9:00:a1:c4:53:a3:5b:00:7b:91:70:76:3f:
92:70:cf:3c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwWfQZ0SWheiXfPzSnj5ovhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMTI4MTUxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzBlYzdhNThkMmVlMzA0YWVkNDM4ODUyYmExMjA5YTg0NzMyN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0jYD4PtooP3VJru3mS74iudS9+X
0MbRqLST/BguN4joVaKZNsJa8Sv5YbTKv0V6YUNfDcdMyqVkrD199SqLDyk3TUnP
QQCM7ES2ds8Uh0TLLnswUE0GBoyqFpuYDTVw46On3QfqRjw/GdaNS6b1exwYwGLq
CpYroREHfBTl4uU1izzGLlW2N5b8cDwnFeEVue/rm6SQLOHkuGvwPfdctFHXvK5V
c8M60cTdc+BFbtboen0yjnGB1GGVdsEAHt6oy+vDpUpMloVTBn0gojxRZGod1T2+
S2hBclqDriQ4244yN+K872hHoPc7u4N+pWrsHB8tDinAbcEFN0lNrPQJlwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHMOx6WNLuMErtQ4hSuhIJqEcyf3MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvY3c3SHBZMHU0d1N1MURpRks2RWdtb1J6Sl9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBTSQ6AwQB
TSRCAwQBXXgiAwQBXXgoAwQAbc+AAwQAbc+DMA0GCSqGSIb3DQEBCwUAA4IBAQA9
MYZSq9hHSnOITfFNSYh9GRwbD1kPw5Be4ty3/Ne3ThMwY9YIg96S8YABpKljVZ29
n5C8t/g1BjHLFHENRF6pRQa55E9hcZYYfd8c1IeKYgsJsKba/Biy7fMFfJdMklv/
xivbs/wAsrHpM5WtfUPUbv9kVOTMKQI6wre1CzY4+hlb98DdYEVgJCDonv8reVj7
Zdcjug4a+AHDehwm03/gnWK1PwOuwCnZwQga3L829CwzzDBxsbS5AdcHGvBgLhHC
/R64PmCJgR3RRbvjCbY1nK2hUdwapJpBD9oU3fhCdmMX6oR4tZ8Ufl6CEfLknvkA
ocRTo1sAe5Fwdj+ScM88
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org