Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1V1p0DtcrhjaXv01XTpbZiM1NsM.roa
File: 1V1p0DtcrhjaXv01XTpbZiM1NsM.roa (raw, json)
Hash identifier: YCCkyljLTIyGbrVYEAZuGulkaGVZyUC2g04ckZcjif4=
Subject key identifier: D5:5D:69:D0:3B:5C:AE:18:DA:5E:FD:35:5D:3A:5B:66:23:35:36:C3
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0188917A02E8111F690046773696E4AA754B
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1V1p0DtcrhjaXv01XTpbZiM1NsM.roa
Signing time: Tue 06 Jun 2023 16:11:12 +0000
ROA not before: Tue 06 Jun 2023 16:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:91:7a:02:e8:11:1f:69:00:46:77:36:96:e4:aa:75:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 6 16:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d55d69d03b5cae18da5efd355d3a5b66233536c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9e:2d:4f:35:be:7b:01:95:68:e2:1a:5e:50:
48:97:33:1b:95:cd:df:ef:bb:6b:06:de:2b:e3:fc:
d4:5f:b0:ac:bf:d1:e0:d3:96:da:9f:d5:e6:75:c2:
32:72:db:8f:38:ab:c2:45:70:6e:00:02:56:6a:5f:
9a:d3:dd:62:fe:d5:dd:21:a8:04:db:1b:e7:e9:a9:
c2:62:26:0a:b3:95:64:22:a1:b2:df:b6:79:b9:f9:
82:48:04:5c:2d:f6:9d:61:31:dc:3e:82:12:12:b4:
88:3e:85:c1:36:fe:91:8c:7b:ee:26:a1:33:dc:18:
7e:44:44:6c:ac:e2:6c:e6:a9:c8:e3:96:e3:31:32:
4c:04:2f:18:f1:d4:06:de:5f:00:c0:b4:4a:57:08:
54:d3:d5:b7:6f:72:6f:bf:93:25:18:d6:bd:e8:41:
ff:d8:40:15:c3:42:7c:51:28:5e:94:f2:9d:dd:60:
d8:91:92:c3:d6:fb:64:e3:25:33:48:7b:c9:a1:22:
a3:ff:cd:68:19:3f:49:13:d7:b0:12:55:40:c5:ac:
ca:9b:15:1d:cc:d1:6f:50:0a:d9:14:60:eb:0a:b9:
89:11:94:2d:e3:ba:79:4b:61:12:d5:4c:80:4d:a2:
bf:98:6b:1f:56:97:a5:8e:39:94:54:b3:8e:1d:e7:
a1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:5D:69:D0:3B:5C:AE:18:DA:5E:FD:35:5D:3A:5B:66:23:35:36:C3
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1V1p0DtcrhjaXv01XTpbZiM1NsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.35.0/24
109.121.40.0/24
109.121.43.0/24
109.233.185.0/24
Signature Algorithm: sha256WithRSAEncryption
00:4f:2a:b6:fd:2a:8b:15:e7:15:83:4f:cc:ac:66:4e:e3:cd:
2b:86:05:90:1f:af:88:73:8c:cf:cf:3c:f9:31:bd:45:cd:66:
96:c2:11:70:44:94:0e:e7:66:58:3b:b0:6e:dd:f6:99:49:28:
20:51:c5:26:00:f7:c8:70:ca:24:57:1c:f1:bd:b1:ad:10:1f:
da:cb:4d:b8:33:0a:a0:1b:d5:b3:48:81:97:c2:26:db:4d:93:
ec:4f:d2:5d:c9:b4:8b:ce:06:63:a0:f0:56:e3:6d:b4:57:f7:
ab:fe:3f:04:9c:e5:31:2c:12:43:27:30:04:22:26:8e:87:18:
73:c5:7d:3f:11:48:2f:89:b3:94:7d:16:a7:0a:08:11:93:47:
cd:32:bb:c1:fe:ce:61:c0:66:f2:6d:cc:07:69:b9:55:a3:45:
06:1e:9f:f1:6b:e5:83:94:76:0a:67:ea:53:79:f5:2a:05:a2:
78:3c:08:25:f9:a1:b2:2b:b2:f3:d1:7c:6c:0b:3a:a2:3a:d7:
1d:ea:71:4a:ce:24:08:a5:6b:f2:9d:92:6f:3c:ae:fb:cf:d6:
a2:ce:18:5f:69:fe:45:ee:8f:a2:c3:e0:08:25:1a:75:aa:62:
52:95:15:59:17:c6:14:54:03:43:dc:ea:ac:c6:d6:32:75:0d:
40:f9:d7:ed
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYiRegLoER9pAEZ3NpbkqnVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNjA2MTYxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTVkNjlkMDNiNWNhZTE4ZGE1ZWZkMzU1ZDNhNWI2NjIzMzUzNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ4tTzW+ewGVaOIaXlBIlzMblc3f
77trBt4r4/zUX7Csv9Hg05ban9XmdcIyctuPOKvCRXBuAAJWal+a091i/tXdIagE
2xvn6anCYiYKs5VkIqGy37Z5ufmCSARcLfadYTHcPoISErSIPoXBNv6RjHvuJqEz
3Bh+RERsrOJs5qnI45bjMTJMBC8Y8dQG3l8AwLRKVwhU09W3b3Jvv5MlGNa96EH/
2EAVw0J8UShelPKd3WDYkZLD1vtk4yUzSHvJoSKj/81oGT9JE9ewElVAxazKmxUd
zNFvUArZFGDrCrmJEZQt47p5S2ES1UyATaK/mGsfVpeljjmUVLOOHeeh6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNVdadA7XK4Y2l79NV06W2YjNTbDMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvMVYxcDBEdGNyaGphWHYwMVhUcGJaaU0xTnNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbXkjAwQA
bXkoAwQAbXkrAwQAbem5MA0GCSqGSIb3DQEBCwUAA4IBAQAATyq2/SqLFecVg0/M
rGZO480rhgWQH6+Ic4zPzzz5Mb1FzWaWwhFwRJQO52ZYO7Bu3faZSSggUcUmAPfI
cMokVxzxvbGtEB/ay024MwqgG9WzSIGXwibbTZPsT9JdybSLzgZjoPBW4220V/er
/j8EnOUxLBJDJzAEIiaOhxhzxX0/EUgvibOUfRanCggRk0fNMrvB/s5hwGbybcwH
ablVo0UGHp/xa+WDlHYKZ+pTefUqBaJ4PAgl+aGyK7Lz0XxsCzqiOtcd6nFKziQI
pWvynZJvPK77z9aizhhfaf5F7o+iw+AIJRp1qmJSlRVZF8YUVAND3OqsxtYydQ1A
+dft
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:31 2023 by rpki-client on console-fra.rpki-client.org