Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1-HW7r1A14wA1OGyIgewTLALyXy8.roa
File: 1-HW7r1A14wA1OGyIgewTLALyXy8.roa (raw, json)
Hash identifier: bOnlGZyi2GwWx5xOs/CG909UHMENBakO/NrFAV8Vrpg=
Subject key identifier: F8:75:BB:AF:50:35:E3:00:35:38:6C:88:81:EC:13:2C:02:F2:5F:2F
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0188DCE10D29F624B80E8FBCAD57165EE5CB
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1-HW7r1A14wA1OGyIgewTLALyXy8.roa
Signing time: Wed 21 Jun 2023 07:35:16 +0000
ROA not before: Wed 21 Jun 2023 07:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Jun 2023 19:06:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dc:e1:0d:29:f6:24:b8:0e:8f:bc:ad:57:16:5e:e5:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 21 07:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f875bbaf5035e30035386c8881ec132c02f25f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:76:58:b7:02:4d:0e:e4:12:a0:f3:ee:b1:5c:
95:91:05:26:1a:54:98:e9:3c:a1:6c:66:bb:85:4c:
66:01:75:65:fb:85:b8:37:59:2b:23:d8:92:83:3f:
95:c8:52:a0:f1:5b:8a:85:4c:32:75:9c:83:eb:06:
b8:fc:73:5e:b2:72:6c:19:f9:fc:40:f7:85:61:78:
22:4e:7d:ea:b2:ef:e4:9e:4d:d9:2f:60:9f:b4:23:
79:d4:87:74:0b:4b:3c:e2:72:23:53:67:08:ff:ad:
74:65:e5:d4:c2:4d:60:4a:cc:33:dd:4c:75:f9:20:
f6:d1:1e:3c:4b:6d:63:32:b5:98:a4:91:23:cf:2c:
bd:c6:8e:e0:94:e7:30:dc:b9:d6:ca:d1:3e:4d:53:
fc:58:d9:4c:86:4e:90:a6:15:cc:f2:c0:8b:ed:02:
8f:10:28:90:bd:a5:c0:a6:da:de:84:ec:71:0e:57:
ab:bb:17:67:16:81:c0:d9:82:3f:31:58:11:cc:04:
eb:92:98:a7:a2:3c:e2:6e:2e:da:7e:9a:75:c5:cf:
0b:62:f4:dc:f3:44:9e:3b:4b:b7:be:21:aa:bd:4b:
a6:4d:cc:c7:68:cb:c5:50:53:9e:0f:2d:74:72:17:
84:e0:1b:6d:2b:c4:0f:d7:ea:7c:d1:60:b8:65:e5:
e7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:75:BB:AF:50:35:E3:00:35:38:6C:88:81:EC:13:2C:02:F2:5F:2F
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1-HW7r1A14wA1OGyIgewTLALyXy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.35.0/24
109.121.41.0/24
109.121.43.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:6b:a3:0f:02:68:bd:8f:ee:8a:a9:16:05:17:08:5b:cf:ec:
c9:c1:01:b1:b2:35:ed:6c:0f:f7:47:0f:6d:3e:a5:65:73:d5:
58:d4:56:1a:12:28:22:18:02:ab:84:9c:4c:60:a3:c2:af:37:
5c:f0:99:4b:ae:02:6e:c8:f8:51:7b:e1:8e:49:16:cd:e0:24:
3d:7b:04:c3:c8:fe:8e:71:88:a7:a3:55:3a:6b:0c:fe:a1:fa:
38:b2:dc:9a:ac:7b:45:e5:96:81:94:6d:62:dd:a3:9a:87:f0:
3d:d0:61:3e:d7:ba:1a:df:f5:96:52:22:37:4d:1b:bb:71:68:
4f:ef:bb:6f:90:af:0e:e6:82:db:8a:f3:7e:b0:3d:a2:34:84:
eb:5f:eb:2b:d2:d6:c6:19:40:31:3c:9e:66:05:e2:ac:f0:a7:
f3:dd:92:7c:28:e3:85:76:b2:3a:28:e9:aa:41:32:ce:5e:02:
58:b9:e3:33:ac:3a:50:27:4c:15:02:92:44:fb:97:9a:8d:b0:
ce:c7:76:bb:ce:2c:68:55:11:f3:89:8d:64:eb:5d:ca:ea:48:
55:a6:80:d2:32:05:46:e7:87:70:69:ce:6c:9e:8f:75:33:8f:
0d:27:79:5d:e9:29:8a:59:42:95:d8:7e:9d:c7:9e:6c:ca:f3:
79:a8:df:7c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYjc4Q0p9iS4Do+8rVcWXuXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNjIxMDczNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODc1YmJhZjUwMzVlMzAwMzUzODZjODg4MWVjMTMyYzAyZjI1ZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinZYtwJNDuQSoPPusVyVkQUmGlSY
6TyhbGa7hUxmAXVl+4W4N1krI9iSgz+VyFKg8VuKhUwydZyD6wa4/HNesnJsGfn8
QPeFYXgiTn3qsu/knk3ZL2CftCN51Id0C0s84nIjU2cI/610ZeXUwk1gSswz3Ux1
+SD20R48S21jMrWYpJEjzyy9xo7glOcw3LnWytE+TVP8WNlMhk6QphXM8sCL7QKP
ECiQvaXAptrehOxxDleruxdnFoHA2YI/MVgRzATrkpinojzibi7afpp1xc8LYvTc
80SeO0u3viGqvUumTczHaMvFUFOeDy10cheE4BttK8QP1+p80WC4ZeXn3QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPh1u69QNeMANThsiIHsEywC8l8vMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvMS1IVzdyMUExNHdBMU9HeUlnZXdUTEFMeVh5OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2Ix
Yi8xL2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAG15IwME
AG15KQMEAG15KzANBgkqhkiG9w0BAQsFAAOCAQEAPWujDwJovY/uiqkWBRcIW8/s
ycEBsbI17WwP90cPbT6lZXPVWNRWGhIoIhgCq4ScTGCjwq83XPCZS64Cbsj4UXvh
jkkWzeAkPXsEw8j+jnGIp6NVOmsM/qH6OLLcmqx7ReWWgZRtYt2jmofwPdBhPte6
Gt/1llIiN00bu3FoT++7b5CvDuaC24rzfrA9ojSE61/rK9LWxhlAMTyeZgXirPCn
892SfCjjhXayOijpqkEyzl4CWLnjM6w6UCdMFQKSRPuXmo2wzsd2u84saFUR84mN
ZOtdyupIVaaA0jIFRueHcGnObJ6PdTOPDSd5XekpillCldh+nceebMrzeajffA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:25 2024 by rpki-client on console-fra.rpki-client.org