Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8uIjDNgDEg_dAwLM72Bqg2yZdsM.roa
File: 8uIjDNgDEg_dAwLM72Bqg2yZdsM.roa (raw, json)
Hash identifier: qzU3fQyh4xM2xbIu2jF5WqM2bi6XMdoxRbnlZfPEtFI=
Subject key identifier: F2:E2:23:0C:D8:03:12:0F:DD:03:02:CC:EF:60:6A:83:6C:99:76:C3
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018C52D243CD3BC59331D47324F36D5C00C4
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8uIjDNgDEg_dAwLM72Bqg2yZdsM.roa
Signing time: Sun 10 Dec 2023 08:22:40 +0000
ROA not before: Sun 10 Dec 2023 08:22:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.43.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Dec 2023 07:54:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:52:d2:43:cd:3b:c5:93:31:d4:73:24:f3:6d:5c:00:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Dec 10 08:22:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2e2230cd803120fdd0302ccef606a836c9976c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e5:9d:59:da:e4:55:42:9d:38:58:5e:ea:16:
3c:42:68:3a:fa:1a:99:2b:32:f1:e2:d9:d8:f0:34:
67:8e:6c:ec:69:ed:4e:99:c5:52:de:56:f7:d3:01:
c3:09:35:2b:18:62:03:db:e1:00:16:f4:e9:a1:0f:
62:a9:85:21:da:6c:ba:0d:ea:86:99:ad:e9:ce:2c:
8a:fc:00:6d:b3:45:6b:5d:d9:b7:8c:0f:b2:48:d5:
52:22:17:86:61:29:9a:52:e7:46:af:c4:e2:40:a8:
b7:19:4f:73:d9:42:68:b9:c8:5f:58:5d:d2:a0:c9:
35:28:af:82:21:33:f9:82:14:7f:c8:85:a2:ff:72:
f7:03:2d:b0:49:61:71:a7:2e:60:62:8d:22:84:2c:
de:f1:fd:67:36:e0:a8:d0:cb:96:71:cc:a2:e7:5b:
c0:2f:01:fb:15:36:a7:c1:68:c9:51:15:c7:84:5d:
c9:21:36:88:e7:4b:16:55:25:c0:c6:df:a4:d3:de:
4b:f7:8d:bc:24:a8:ea:30:25:4b:ef:df:ed:13:da:
a9:69:e4:02:a4:26:b6:dc:a5:74:f5:62:cc:1a:ed:
36:66:83:f5:35:68:6c:ac:db:73:b9:58:73:db:8b:
43:6e:87:25:70:90:e8:11:15:d8:b5:80:1c:fb:b5:
c3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:E2:23:0C:D8:03:12:0F:DD:03:02:CC:EF:60:6A:83:6C:99:76:C3
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8uIjDNgDEg_dAwLM72Bqg2yZdsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.43.0/24
109.121.46.0/24
185.47.91.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:63:29:9a:0f:02:b8:bf:4a:e7:63:2c:b4:dd:16:87:af:ad:
68:d4:ea:6e:eb:f1:78:12:aa:7d:52:aa:bb:80:7a:97:04:17:
26:7e:d4:34:94:ac:a5:6b:09:5b:c7:da:b0:3d:57:be:66:4e:
19:fb:44:77:48:da:64:01:9c:ad:0c:db:30:ab:30:a2:d7:18:
11:9f:3b:26:47:63:62:0f:d3:fe:d5:92:70:b9:98:08:88:b8:
dc:2d:44:3a:8a:46:2e:ad:44:00:a7:a4:e2:0a:33:ec:bd:77:
c9:4b:f8:89:5f:37:2a:bc:33:9b:3d:3e:7f:db:4f:e3:86:a8:
30:5a:9b:8b:0f:d5:4b:87:de:97:33:2c:9c:40:ee:f5:f7:b3:
b3:28:ab:35:f4:40:bf:e6:37:6f:6f:34:70:95:8e:9f:ea:03:
8a:17:00:dc:d3:d1:57:22:7a:ae:69:89:f8:98:40:21:69:a5:
ab:18:c2:00:fa:1a:a4:b7:46:a8:4e:8f:2b:48:a4:f1:f0:f4:
4d:4d:de:48:5a:c2:52:1a:9c:b0:db:84:fa:fc:80:1c:89:a1:
63:1a:e0:0c:e5:8a:a7:a9:2d:ee:43:ad:93:3d:af:fd:ad:ee:
80:db:b8:96:ab:59:d5:c4:df:bc:79:56:06:9b:2c:d8:74:f1:
11:05:d8:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxS0kPNO8WTMdRzJPNtXADEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMxMjEwMDgyMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmUyMjMwY2Q4MDMxMjBmZGQwMzAyY2NlZjYwNmE4MzZjOTk3NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeWdWdrkVUKdOFhe6hY8Qmg6+hqZ
KzLx4tnY8DRnjmzsae1OmcVS3lb30wHDCTUrGGID2+EAFvTpoQ9iqYUh2my6DeqG
ma3pziyK/ABts0VrXdm3jA+ySNVSIheGYSmaUudGr8TiQKi3GU9z2UJouchfWF3S
oMk1KK+CITP5ghR/yIWi/3L3Ay2wSWFxpy5gYo0ihCze8f1nNuCo0MuWccyi51vA
LwH7FTanwWjJURXHhF3JITaI50sWVSXAxt+k095L9428JKjqMCVL79/tE9qpaeQC
pCa23KV09WLMGu02ZoP1NWhsrNtzuVhz24tDboclcJDoERXYtYAc+7XDwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPLiIwzYAxIP3QMCzO9gaoNsmXbDMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvOHVJakROZ0RFZ19kQXdMTTcyQnFnMnlaZHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXkrAwQA
bXkuAwQAuS9bMA0GCSqGSIb3DQEBCwUAA4IBAQCfYymaDwK4v0rnYyy03RaHr61o
1Opu6/F4Eqp9Uqq7gHqXBBcmftQ0lKylawlbx9qwPVe+Zk4Z+0R3SNpkAZytDNsw
qzCi1xgRnzsmR2NiD9P+1ZJwuZgIiLjcLUQ6ikYurUQAp6TiCjPsvXfJS/iJXzcq
vDObPT5/20/jhqgwWpuLD9VLh96XMyycQO7197OzKKs19EC/5jdvbzRwlY6f6gOK
FwDc09FXInquaYn4mEAhaaWrGMIA+hqkt0aoTo8rSKTx8PRNTd5IWsJSGpyw24T6
/IAciaFjGuAM5YqnqS3uQ62TPa/9re6A27iWq1nVxN+8eVYGmyzYdPERBdh4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:25 2024 by rpki-client on console-fra.rpki-client.org