Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8qWEtGFAb6aZdWbHTbI5vve8byU.roa
File: 8qWEtGFAb6aZdWbHTbI5vve8byU.roa (raw, json)
Hash identifier: 7RAIZOgQbMmrMfFM7NH2iXHZu/LDyxjrPgsO1EDKdws=
Subject key identifier: F2:A5:84:B4:61:40:6F:A6:99:75:66:C7:4D:B2:39:BE:F7:BC:6F:25
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01890E17A87A11EED682CC6B4DF7A951501D
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8qWEtGFAb6aZdWbHTbI5vve8byU.roa
Signing time: Fri 30 Jun 2023 20:56:18 +0000
ROA not before: Fri 30 Jun 2023 20:56:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.121.32.0/24 maxlen: 24
109.121.44.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0e:17:a8:7a:11:ee:d6:82:cc:6b:4d:f7:a9:51:50:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 30 20:56:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2a584b461406fa6997566c74db239bef7bc6f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9b:6f:14:a5:6b:b8:ee:44:e8:f3:db:82:4b:
08:d5:03:b2:22:a9:f9:e2:43:92:bf:49:2c:ed:b4:
d9:61:ac:86:1b:b6:72:79:bc:76:61:6c:6e:69:42:
19:77:7d:fd:85:5b:5a:82:f4:c2:06:15:ac:9e:65:
bc:55:6b:d4:f7:39:28:ad:15:8d:17:04:2d:1b:c5:
ec:21:0e:8d:7f:64:d7:9b:d7:30:05:e0:14:c2:db:
09:b4:f0:12:21:08:88:38:49:f0:73:45:0a:7b:bf:
bc:20:91:16:45:27:da:0b:8e:f7:6c:40:69:f4:9d:
38:4b:de:0e:bb:21:73:36:a0:3f:eb:a3:6a:81:05:
e8:4c:f5:16:79:a5:83:f9:5f:55:ca:d5:f8:6c:da:
17:fe:bd:37:33:20:f9:74:d5:7c:3a:03:b7:ab:4d:
0a:7c:4a:0d:72:07:da:46:d8:07:95:87:7c:14:b0:
45:b8:b8:2e:34:c9:52:12:89:89:01:e4:da:00:cd:
1d:7d:cc:14:90:fd:19:5e:7e:72:60:ad:0d:03:ab:
35:3b:09:a4:87:96:38:8a:c6:46:40:0d:08:22:de:
b9:77:10:e3:7c:8c:b9:98:c8:5c:ff:3b:c1:e0:1a:
5a:e0:bc:c0:f3:fb:a9:a8:ee:dd:9a:af:02:4a:92:
92:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A5:84:B4:61:40:6F:A6:99:75:66:C7:4D:B2:39:BE:F7:BC:6F:25
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8qWEtGFAb6aZdWbHTbI5vve8byU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.32.0/24
109.121.44.0/24
109.121.46.0/24
212.69.13.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:ce:cd:42:bf:65:68:42:58:ff:71:55:ff:50:0b:f6:65:86:
f9:d7:e7:a8:84:30:59:6d:68:e9:ed:4c:58:b5:64:c2:18:2e:
af:47:48:fc:e0:7d:5b:9e:b5:b3:31:67:fc:27:58:9f:47:65:
90:98:52:4b:5d:e4:d0:37:4b:03:f1:70:62:20:f8:02:68:2b:
73:56:f6:67:d7:1d:ca:68:52:c6:5d:40:6d:0c:d4:c3:eb:df:
45:16:1a:9e:82:76:42:3b:15:a9:b8:6b:cc:6c:d6:72:1a:87:
3c:27:5d:99:4c:65:88:5e:52:57:a6:b5:1a:78:98:b1:09:e7:
cb:32:9d:da:df:e0:bc:fe:e8:2e:b5:4b:17:dc:5d:dc:e4:81:
73:85:ad:e2:a5:36:17:9d:d7:e8:f8:4a:97:a9:71:39:fe:ac:
a7:36:99:39:b3:85:72:0b:b6:22:8d:eb:78:ca:ee:e0:d2:8d:
db:d1:95:f2:82:57:73:ce:f3:b3:4f:10:a3:ec:c4:f5:91:69:
fb:80:02:25:f4:92:cf:59:7a:0d:bb:3c:c7:05:2e:1d:4b:a0:
a6:66:f0:b9:7d:18:ce:a0:08:7f:e1:ce:50:68:c9:cc:a4:87:
1e:29:28:fa:c9:ae:31:62:a7:8d:0f:1e:b7:b2:ca:aa:bb:07:
28:e1:4b:38
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkOF6h6Ee7WgsxrTfepUVAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNjMwMjA1NjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmE1ODRiNDYxNDA2ZmE2OTk3NTY2Yzc0ZGIyMzliZWY3YmM2ZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5tvFKVruO5E6PPbgksI1QOyIqn5
4kOSv0ks7bTZYayGG7Zyebx2YWxuaUIZd339hVtagvTCBhWsnmW8VWvU9zkorRWN
FwQtG8XsIQ6Nf2TXm9cwBeAUwtsJtPASIQiIOEnwc0UKe7+8IJEWRSfaC473bEBp
9J04S94OuyFzNqA/66NqgQXoTPUWeaWD+V9VytX4bNoX/r03MyD5dNV8OgO3q00K
fEoNcgfaRtgHlYd8FLBFuLguNMlSEomJAeTaAM0dfcwUkP0ZXn5yYK0NA6s1Owmk
h5Y4isZGQA0IIt65dxDjfIy5mMhc/zvB4Bpa4LzA8/upqO7dmq8CSpKSUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPKlhLRhQG+mmXVmx02yOb73vG8lMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvOHFXRXRHRkFiNmFaZFdiSFRiSTV2dmU4YnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbXkgAwQA
bXksAwQAbXkuAwQA1EUNMA0GCSqGSIb3DQEBCwUAA4IBAQBvzs1Cv2VoQlj/cVX/
UAv2ZYb51+eohDBZbWjp7UxYtWTCGC6vR0j84H1bnrWzMWf8J1ifR2WQmFJLXeTQ
N0sD8XBiIPgCaCtzVvZn1x3KaFLGXUBtDNTD699FFhqegnZCOxWpuGvMbNZyGoc8
J12ZTGWIXlJXprUaeJixCefLMp3a3+C8/ugutUsX3F3c5IFzha3ipTYXndfo+EqX
qXE5/qynNpk5s4VyC7Yijet4yu7g0o3b0ZXygldzzvOzTxCj7MT1kWn7gAIl9JLP
WXoNuzzHBS4dS6CmZvC5fRjOoAh/4c5QaMnMpIceKSj6ya4xYqeNDx63ssqquwco
4Us4
-----END CERTIFICATE-----
Generated at Mon Sep 4 07:16:57 2023 by rpki-client on console-ams.rpki-client.org