Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1helo3PNZ-PVSktkCKTfQzIu0v8.roa
File: 1helo3PNZ-PVSktkCKTfQzIu0v8.roa (raw, json)
Hash identifier: JShZcJabmaWUrqxw1pfmGiXakeGzrdlRg7izSl1f8b0=
Subject key identifier: D6:17:A5:A3:73:CD:67:E3:D5:4A:4B:64:08:A4:DF:43:32:2E:D2:FF
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018D5666E3646B0FCA5A88DEFD26C232DDD7
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1helo3PNZ-PVSktkCKTfQzIu0v8.roa
Signing time: Mon 29 Jan 2024 18:06:39 +0000
ROA not before: Mon 29 Jan 2024 18:06:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 77.105.6.0/24 maxlen: 24
79.175.67.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
188.255.128.0/24 maxlen: 24
188.255.144.0/24 maxlen: 24
212.69.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 10:44:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:66:e3:64:6b:0f:ca:5a:88:de:fd:26:c2:32:dd:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 29 18:06:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d617a5a373cd67e3d54a4b6408a4df43322ed2ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:00:43:37:af:0a:2a:0d:18:2e:fa:8c:a1:b0:
36:21:35:d7:b5:81:18:5d:aa:22:b6:61:bb:db:74:
71:25:74:7b:d8:8e:15:52:dd:6f:89:9f:11:9a:47:
fe:e1:45:4b:9f:70:62:07:c3:8b:d2:98:50:f6:08:
b9:74:cf:d9:c7:9b:2a:b9:f7:21:65:40:d6:64:d0:
c6:a8:3c:83:8b:b3:9c:df:88:9b:cd:4e:40:50:9d:
ae:74:e9:bb:6a:19:55:63:eb:e1:38:21:af:95:ec:
30:49:10:f4:ab:cb:9f:51:01:1e:98:f2:c3:1d:1c:
ff:46:f7:81:2e:aa:76:b7:b6:d2:60:e0:40:fe:b0:
45:98:ee:fc:1a:30:9b:1b:b6:8d:b2:16:b6:35:24:
8b:37:2e:b8:52:c6:27:86:d3:b9:68:99:03:c8:1f:
09:4e:2b:07:d2:0e:0b:7d:42:d3:e8:fe:01:6a:be:
79:1b:44:79:f0:c1:bd:ab:12:24:34:dc:4e:f9:74:
b3:e8:5a:a9:01:ac:ef:4e:5c:ee:28:6c:b4:66:3c:
01:42:fc:42:1c:55:ec:fc:17:4d:d6:6c:b2:36:25:
26:5d:bc:75:16:cf:10:a5:2f:70:4e:4d:58:e0:78:
b3:79:7e:64:15:d1:c1:b4:8a:8e:19:ec:bc:ee:f2:
3b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:17:A5:A3:73:CD:67:E3:D5:4A:4B:64:08:A4:DF:43:32:2E:D2:FF
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/1helo3PNZ-PVSktkCKTfQzIu0v8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.6.0/24
79.175.67.0/24
109.121.41.0/24
109.121.43.0/24
185.47.91.0/24
188.255.128.0/24
188.255.144.0/24
212.69.14.0/24
Signature Algorithm: sha256WithRSAEncryption
61:2f:0d:b2:de:e7:54:b6:1f:a2:d9:3d:2b:a2:25:4f:ce:98:
01:53:c0:ab:f1:9b:d6:a4:3a:4b:11:ab:27:85:ac:23:08:49:
fd:d7:87:d4:8c:73:bb:0a:f8:a3:5b:cd:7e:4d:3e:aa:04:34:
e4:66:33:bc:81:06:b0:16:b8:a4:89:f4:2f:4d:fc:d2:5c:20:
19:89:b8:ca:a1:f1:66:31:8f:25:60:64:e5:0f:e1:04:fb:08:
5b:61:3c:16:8e:44:93:67:68:03:e3:47:1e:4b:ee:21:6d:3b:
8c:16:17:5a:7a:cf:f4:bc:88:31:40:c4:3c:ce:29:2f:8c:0d:
ce:0a:b2:66:53:7c:78:9f:b7:92:8f:b1:1e:6e:f9:aa:e8:4b:
61:eb:cd:6c:cd:71:99:04:95:b1:ce:1e:93:1b:c2:3e:ea:6c:
1e:1a:fa:07:5c:24:d2:83:0e:03:5f:83:f9:04:cc:50:13:88:
fa:d6:74:f8:c1:f6:8d:b9:19:b9:f4:83:73:e8:86:a8:73:43:
d4:56:9c:67:0e:6c:64:8b:86:9e:f8:c4:f1:a7:f2:fa:1d:60:
59:d4:d4:5e:9d:99:83:df:b5:ef:2a:63:85:3a:43:06:4f:7e:
17:8c:16:1e:a4:a7:4a:36:42:93:cb:9e:30:40:e6:c6:04:60:
50:53:99:7e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY1WZuNkaw/KWoje/SbCMt3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTI5MTgwNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjE3YTVhMzczY2Q2N2UzZDU0YTRiNjQwOGE0ZGY0MzMyMmVkMmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwBDN68KKg0YLvqMobA2ITXXtYEY
XaoitmG723RxJXR72I4VUt1viZ8Rmkf+4UVLn3BiB8OL0phQ9gi5dM/Zx5squfch
ZUDWZNDGqDyDi7Oc34ibzU5AUJ2udOm7ahlVY+vhOCGvlewwSRD0q8ufUQEemPLD
HRz/RveBLqp2t7bSYOBA/rBFmO78GjCbG7aNsha2NSSLNy64UsYnhtO5aJkDyB8J
TisH0g4LfULT6P4Bar55G0R58MG9qxIkNNxO+XSz6FqpAazvTlzuKGy0ZjwBQvxC
HFXs/BdN1myyNiUmXbx1Fs8QpS9wTk1Y4HizeX5kFdHBtIqOGey87vI75wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNYXpaNzzWfj1UpLZAik30MyLtL/MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvMWhlbG8zUE5aLVBWU2t0a0NLVGZRekl1MHY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATWkGAwQA
T69DAwQAbXkpAwQAbXkrAwQAuS9bAwQAvP+AAwQAvP+QAwQA1EUOMA0GCSqGSIb3
DQEBCwUAA4IBAQBhLw2y3udUth+i2T0roiVPzpgBU8Cr8ZvWpDpLEasnhawjCEn9
14fUjHO7CvijW81+TT6qBDTkZjO8gQawFrikifQvTfzSXCAZibjKofFmMY8lYGTl
D+EE+whbYTwWjkSTZ2gD40ceS+4hbTuMFhdaes/0vIgxQMQ8zikvjA3OCrJmU3x4
n7eSj7Eebvmq6Eth681szXGZBJWxzh6TG8I+6mweGvoHXCTSgw4DX4P5BMxQE4j6
1nT4wfaNuRm59INz6Iaoc0PUVpxnDmxki4ae+MTxp/L6HWBZ1NRenZmD37XvKmOF
OkMGT34XjBYepKdKNkKTy54wQObGBGBQU5l+
-----END CERTIFICATE-----
Generated at Mon Feb 5 14:32:33 2024 by rpki-client on console-fra.rpki-client.org