Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8O4wNfePJbKMfWi45gYmFRWaxK8.roa
File: 8O4wNfePJbKMfWi45gYmFRWaxK8.roa (raw, json)
Hash identifier: cEYf5zbtp36mja8oV57Q4EYbep+sAS2LzPtBSsjga/I=
Subject key identifier: F0:EE:30:35:F7:8F:25:B2:8C:7D:68:B8:E6:06:26:15:15:9A:C4:AF
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018571D7DA35D5E5D42522BAEE0426ECA949
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8O4wNfePJbKMfWi45gYmFRWaxK8.roa
Signing time: Mon 02 Jan 2023 09:37:29 +0000
ROA not before: Mon 02 Jan 2023 09:37:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.32.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.44.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
77.105.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Jan 2023 10:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:da:35:d5:e5:d4:25:22:ba:ee:04:26:ec:a9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 2 09:37:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0ee3035f78f25b28c7d68b8e6062615159ac4af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ba:6d:21:fd:a7:a8:24:57:9f:62:89:e9:d2:
97:fb:da:fc:11:56:e2:bb:70:ec:7f:99:ed:d1:8a:
7b:a1:19:14:55:fd:90:95:f1:3a:7e:62:de:96:bb:
b3:d9:f7:98:dc:49:6e:a0:e4:a5:f4:2c:ee:48:d3:
9b:a7:d5:83:dc:e7:24:a7:27:90:e6:05:68:ea:2f:
4d:c3:f7:4f:25:e7:bd:ef:ce:2a:47:dd:a2:f5:3c:
c8:e2:88:3c:f5:b3:26:93:3f:ec:38:1e:9d:13:8f:
c8:1d:2b:66:55:46:d7:ac:b0:12:be:d2:5e:2d:30:
d5:7b:25:c9:f4:76:ba:c3:14:f6:1c:73:b8:0d:6e:
8d:ee:5a:27:5d:16:90:3c:92:d3:82:eb:de:df:8b:
25:35:54:d2:93:85:b9:91:ad:c2:ed:6b:ad:b8:40:
a4:de:94:f1:70:a5:db:0a:b2:ed:e2:d3:67:5f:3a:
43:20:43:29:67:1a:da:df:34:37:33:7a:e1:38:c3:
e3:89:0d:8e:4f:fe:65:9c:52:c4:b5:2c:ef:db:6e:
f6:d0:01:c6:8c:86:1c:b9:d5:18:74:5d:28:f9:fb:
d2:d1:62:03:15:77:bf:6e:5b:29:a2:4d:86:62:45:
e1:6f:57:73:71:92:c9:fa:9e:03:87:ae:58:01:35:
00:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EE:30:35:F7:8F:25:B2:8C:7D:68:B8:E6:06:26:15:15:9A:C4:AF
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8O4wNfePJbKMfWi45gYmFRWaxK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.4.0/24
109.121.32.0/24
109.121.35.0/24
109.121.40.0/24
109.121.43.0-109.121.44.255
109.121.46.0/24
109.233.184.0/24
Signature Algorithm: sha256WithRSAEncryption
67:8c:94:8e:51:00:69:ec:8d:80:af:a0:5a:07:10:5e:ad:f6:
be:eb:7a:74:23:a3:33:26:57:eb:61:d3:c9:4a:97:b5:4e:46:
82:52:4b:71:85:b3:e4:50:74:bc:22:f7:75:88:2c:de:db:e3:
2b:64:68:37:4c:e7:4a:b6:f3:1f:fe:41:04:4c:21:b0:28:7e:
bf:ee:9f:56:22:b6:17:74:f4:ee:70:e6:2e:af:e6:32:6b:b4:
f2:f9:97:81:e6:f1:cf:cc:48:ac:e5:db:2d:cb:68:b4:01:89:
25:38:b1:7a:1f:17:8c:92:e0:63:87:d7:75:12:ff:7a:ea:a6:
c8:16:cc:6d:0d:81:59:8c:5f:a2:5a:65:f4:c4:51:3b:31:9f:
46:c0:4c:d8:7d:ae:9e:ef:30:23:80:51:5a:fb:de:e8:38:8a:
a5:9b:53:6d:8d:ea:fb:37:ca:1a:c0:f9:86:da:0d:0e:c9:12:
c6:82:1c:ea:42:51:97:91:e3:62:3b:15:29:ab:85:1b:11:4f:
78:c3:ab:21:69:61:8a:4b:6a:5c:54:6b:47:6e:3c:b2:7c:97:
91:0d:5d:0e:fd:24:a9:05:2a:b7:52:70:fe:f8:10:e7:0f:3f:
a0:b8:71:d8:14:a0:f5:3c:66:9d:2c:ff:b7:2a:24:ce:5a:58:
c0:11:30:62
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVx19o11eXUJSK67gQm7KlJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwMTAyMDkzNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGVlMzAzNWY3OGYyNWIyOGM3ZDY4YjhlNjA2MjYxNTE1OWFjNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7ptIf2nqCRXn2KJ6dKX+9r8EVbi
u3Dsf5nt0Yp7oRkUVf2QlfE6fmLelruz2feY3EluoOSl9CzuSNObp9WD3OckpyeQ
5gVo6i9Nw/dPJee9784qR92i9TzI4og89bMmkz/sOB6dE4/IHStmVUbXrLASvtJe
LTDVeyXJ9Ha6wxT2HHO4DW6N7lonXRaQPJLTguve34slNVTSk4W5ka3C7WutuECk
3pTxcKXbCrLt4tNnXzpDIEMpZxra3zQ3M3rhOMPjiQ2OT/5lnFLEtSzv22720AHG
jIYcudUYdF0o+fvS0WIDFXe/blspok2GYkXhb1dzcZLJ+p4Dh65YATUAowIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFPDuMDX3jyWyjH1ouOYGJhUVmsSvMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvOE80d05mZVBKYktNZldpNDVnWW1GUldheEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQATWkEAwQA
bXkgAwQAbXkjAwQAbXkoMAwDBABteSsDBABteSwDBABteS4DBABt6bgwDQYJKoZI
hvcNAQELBQADggEBAGeMlI5RAGnsjYCvoFoHEF6t9r7renQjozMmV+th08lKl7VO
RoJSS3GFs+RQdLwi93WILN7b4ytkaDdM50q28x/+QQRMIbAofr/un1Yithd09O5w
5i6v5jJrtPL5l4Hm8c/MSKzl2y3LaLQBiSU4sXofF4yS4GOH13US/3rqpsgWzG0N
gVmMX6JaZfTEUTsxn0bATNh9rp7vMCOAUVr73ug4iqWbU22N6vs3yhrA+YbaDQ7J
EsaCHOpCUZeR42I7FSmrhRsRT3jDqyFpYYpLalxUa0duPLJ8l5ENXQ79JKkFKrdS
cP74EOcPP6C4cdgUoPU8Zp0s/7cqJM5aWMARMGI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:25 2024 by rpki-client on console-fra.rpki-client.org