Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/2wuCQESOHl8qWP58--MRPEXLYDg.roa
File: 2wuCQESOHl8qWP58--MRPEXLYDg.roa (raw, json)
Hash identifier: ARzgB0jV+FkeO1zOIWICI+77Q+NUO9Qgrjo2LiFWSTc=
Subject key identifier: DB:0B:82:40:44:8E:1E:5F:2A:58:FE:7C:FB:E3:11:3C:45:CB:60:38
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018C52D24477864D0EF6BF6579CA4EB5AED0
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/2wuCQESOHl8qWP58--MRPEXLYDg.roa
Signing time: Sun 10 Dec 2023 08:22:40 +0000
ROA not before: Sun 10 Dec 2023 08:22:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.121.34.0/24 maxlen: 24
109.121.32.0/24 maxlen: 24
109.121.44.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:52:d2:44:77:86:4d:0e:f6:bf:65:79:ca:4e:b5:ae:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Dec 10 08:22:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db0b8240448e1e5f2a58fe7cfbe3113c45cb6038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:58:c2:ee:d7:f2:9a:64:a4:15:05:4c:00:b7:
b7:5c:c5:e3:dd:f1:f7:5b:59:6f:25:c2:60:4c:a7:
c2:49:ff:d8:a9:c7:fa:b6:eb:15:ac:dc:ae:1d:8d:
1a:96:9d:c7:7e:50:d3:a2:04:c5:a2:ee:b5:5d:11:
51:03:9d:ae:7d:c0:7f:78:5d:04:27:14:3e:57:ae:
ef:49:47:da:54:1d:f0:75:1d:44:ed:f9:5e:3d:26:
f5:3b:65:d8:a3:de:6f:8f:ac:64:14:22:77:e0:4a:
9c:5d:ba:61:85:42:17:be:91:af:89:76:59:15:f4:
84:5d:c5:3e:97:4c:95:60:93:d3:4d:08:78:6c:1d:
7d:3c:c8:b5:e6:4c:8b:aa:99:f0:45:11:d1:ee:5c:
8c:3f:3c:ac:52:e8:06:45:ab:0c:3c:67:65:75:c7:
d1:be:99:71:05:58:16:e5:b4:20:ea:b1:51:04:54:
09:4d:2e:16:23:36:c0:b1:a3:43:da:94:ad:7b:73:
ac:cb:f0:a8:29:7c:81:60:0a:ad:c1:39:78:03:bf:
a0:ea:43:c3:26:4f:8e:da:a0:b5:0c:9f:8c:79:10:
fb:0f:24:5a:62:df:2e:c1:8d:7c:88:a8:5a:fb:32:
5f:1e:42:70:48:3b:c1:f0:c5:38:85:40:6c:99:3b:
4f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0B:82:40:44:8E:1E:5F:2A:58:FE:7C:FB:E3:11:3C:45:CB:60:38
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/2wuCQESOHl8qWP58--MRPEXLYDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.32.0/24
109.121.34.0/24
109.121.44.0/24
212.69.13.0/24
Signature Algorithm: sha256WithRSAEncryption
15:9e:44:f7:bf:61:0f:d8:af:8a:b4:a4:a0:e2:c3:77:0a:05:
5b:4d:d4:26:97:3c:2f:f0:53:00:7b:9e:a2:c1:e3:16:69:7c:
b4:82:55:be:c1:4a:b1:bb:f3:50:22:4e:96:de:30:05:e3:4a:
8c:c3:ff:3e:96:92:cd:a1:a2:f2:f9:fd:41:2a:42:4a:64:63:
ac:21:9e:a5:89:d7:35:28:ce:47:6e:99:98:6f:e8:ff:2f:f4:
5f:8a:ad:17:78:93:9f:1c:41:6a:63:83:a2:de:84:ae:14:cf:
87:21:33:21:9a:db:4c:c7:45:b6:43:95:6c:56:10:10:ef:45:
89:33:74:ca:c4:8d:10:7c:ca:d4:76:97:b4:b4:bd:33:c7:0b:
0a:04:bc:71:eb:bb:31:bb:8a:1f:35:6c:e2:08:50:62:5d:a4:
0a:d9:5c:aa:8f:ae:93:f5:7a:22:b1:9f:b0:ab:7a:db:cb:71:
ca:d3:41:24:33:48:aa:6b:a9:f1:ce:3f:d9:7e:b8:25:07:b5:
bc:d8:bf:4f:c8:65:7c:bf:77:39:f3:13:c2:18:72:9b:18:de:
1e:b5:02:4c:d1:b3:5a:b8:fe:d1:a2:2a:a0:a0:d7:75:76:66:
0c:a1:27:b5:a9:7e:f8:00:49:e4:4e:e3:e3:d1:86:95:da:01:
5b:7c:5f:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxS0kR3hk0O9r9lecpOta7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMxMjEwMDgyMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBiODI0MDQ0OGUxZTVmMmE1OGZlN2NmYmUzMTEzYzQ1Y2I2MDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1jC7tfymmSkFQVMALe3XMXj3fH3
W1lvJcJgTKfCSf/Yqcf6tusVrNyuHY0alp3HflDTogTFou61XRFRA52ufcB/eF0E
JxQ+V67vSUfaVB3wdR1E7flePSb1O2XYo95vj6xkFCJ34EqcXbphhUIXvpGviXZZ
FfSEXcU+l0yVYJPTTQh4bB19PMi15kyLqpnwRRHR7lyMPzysUugGRasMPGdldcfR
vplxBVgW5bQg6rFRBFQJTS4WIzbAsaND2pSte3Osy/CoKXyBYAqtwTl4A7+g6kPD
Jk+O2qC1DJ+MeRD7DyRaYt8uwY18iKha+zJfHkJwSDvB8MU4hUBsmTtP5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNsLgkBEjh5fKlj+fPvjETxFy2A4MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvMnd1Q1FFU09IbDhxV1A1OC0tTVJQRVhMWURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbXkgAwQA
bXkiAwQAbXksAwQA1EUNMA0GCSqGSIb3DQEBCwUAA4IBAQAVnkT3v2EP2K+KtKSg
4sN3CgVbTdQmlzwv8FMAe56iweMWaXy0glW+wUqxu/NQIk6W3jAF40qMw/8+lpLN
oaLy+f1BKkJKZGOsIZ6lidc1KM5HbpmYb+j/L/Rfiq0XeJOfHEFqY4Oi3oSuFM+H
ITMhmttMx0W2Q5VsVhAQ70WJM3TKxI0QfMrUdpe0tL0zxwsKBLxx67sxu4ofNWzi
CFBiXaQK2Vyqj66T9XoisZ+wq3rby3HK00EkM0iqa6nxzj/ZfrglB7W82L9PyGV8
v3c58xPCGHKbGN4etQJM0bNauP7RoiqgoNd1dmYMoSe1qX74AEnkTuPj0YaV2gFb
fF9s
-----END CERTIFICATE-----
Generated at Mon Dec 25 08:20:38 2023 by rpki-client on console-ams.rpki-client.org