Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/DSN-cemb3zKqi0c4GbBcnbmHjTY.roa
File: DSN-cemb3zKqi0c4GbBcnbmHjTY.roa (raw, json)
Hash identifier: S52VML7EKGmjZ/uV8LoYtDXU7SxpGZhaff+32z4BRJU=
Subject key identifier: 0D:23:7E:71:E9:9B:DF:32:AA:8B:47:38:19:B0:5C:9D:B9:87:8D:36
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018A3D2F631ECC2A0FAEE850BC90F63FF176
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/DSN-cemb3zKqi0c4GbBcnbmHjTY.roa
Signing time: Mon 28 Aug 2023 17:27:10 +0000
ROA not before: Mon 28 Aug 2023 17:27:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.34.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
212.69.0.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Aug 2023 11:20:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3d:2f:63:1e:cc:2a:0f:ae:e8:50:bc:90:f6:3f:f1:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Aug 28 17:27:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d237e71e99bdf32aa8b473819b05c9db9878d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d1:c0:5b:ac:ff:45:20:41:61:6a:4b:78:3e:
ba:77:40:34:10:e0:03:82:70:f2:c2:54:7e:4c:de:
ed:17:f6:c6:f4:14:0f:d3:66:d4:04:7e:1d:33:79:
68:af:4d:b5:b2:9e:46:29:b7:06:a7:64:0b:92:ae:
bf:a7:4e:5c:0b:a2:d5:58:42:41:89:0e:e4:39:72:
23:e8:6e:92:3d:bc:8b:fb:f6:db:7d:fc:ce:67:b0:
82:c4:b4:bd:b3:3d:de:91:cd:47:19:b5:93:40:7b:
10:51:f0:4e:e2:0a:bc:c0:ec:9f:b3:d6:53:da:47:
69:ec:b6:30:be:19:f8:41:f5:a1:ff:92:b9:72:bc:
c5:68:ae:88:05:40:ee:82:88:72:f4:6a:60:f8:81:
e7:58:07:3d:f0:a8:ce:78:ad:61:fc:6b:2c:ec:51:
cf:91:ed:2d:f2:68:1f:d4:0c:f2:eb:fb:8d:5c:7b:
b3:24:da:2e:68:a5:89:e8:ac:fb:ef:25:f1:4f:37:
a5:1f:5b:06:aa:08:d2:b8:28:98:d3:5c:2f:a5:3c:
48:1d:6e:d1:31:3a:63:90:f0:02:b0:72:ea:8d:cd:
0a:63:3c:d5:f7:3a:5b:2d:22:d4:d1:f3:bd:f3:bf:
dd:03:c6:32:71:31:c8:67:76:e0:93:23:c7:6f:c5:
ec:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:23:7E:71:E9:9B:DF:32:AA:8B:47:38:19:B0:5C:9D:B9:87:8D:36
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/DSN-cemb3zKqi0c4GbBcnbmHjTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
109.121.34.0/23
109.121.43.0/24
185.47.91.0/24
212.69.0.0/24
Signature Algorithm: sha256WithRSAEncryption
37:cf:03:8a:c5:78:43:9c:ea:7b:d8:d0:c6:db:12:f6:fd:b4:
ab:e0:b3:2e:39:15:43:9a:1e:f9:31:06:15:62:12:56:58:d6:
ed:d3:43:47:1b:9c:df:55:47:60:3c:a5:3b:ff:73:9c:77:62:
be:3b:b5:b4:82:50:da:2b:f5:75:2f:14:69:f2:ef:44:6a:8d:
c4:8b:ee:f9:59:78:ff:1c:dc:18:3e:04:97:67:e7:50:fe:cb:
dc:b7:6d:a7:6f:7e:ea:1f:2c:2a:12:a2:47:fc:d5:5a:47:c3:
f3:59:3d:d2:28:38:c3:66:ae:65:db:39:bb:f0:e8:fe:f6:32:
01:18:59:2e:86:18:78:71:24:2b:a9:8a:08:0a:17:ea:d4:fd:
eb:fc:b6:86:b5:c4:0b:32:54:02:5c:06:01:c0:9a:58:a4:55:
e9:d7:53:94:cc:7d:7f:16:e6:db:e5:3a:a3:ce:49:53:86:41:
86:41:92:79:b3:a1:f7:5a:e6:c6:e7:0b:49:be:c4:a1:25:6a:
33:7d:25:b9:03:f7:59:de:7c:d1:30:c9:83:5f:a1:db:fb:83:
49:e6:ad:2c:7e:26:5c:a3:d1:40:8d:37:98:02:9a:ab:db:f9:
7c:ef:69:93:df:c1:e8:af:0f:0c:4b:ff:1d:88:6a:41:b4:00:
19:8f:1f:8e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYo9L2MezCoPruhQvJD2P/F2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwODI4MTcyNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDIzN2U3MWU5OWJkZjMyYWE4YjQ3MzgxOWIwNWM5ZGI5ODc4ZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9HAW6z/RSBBYWpLeD66d0A0EOAD
gnDywlR+TN7tF/bG9BQP02bUBH4dM3lor021sp5GKbcGp2QLkq6/p05cC6LVWEJB
iQ7kOXIj6G6SPbyL+/bbffzOZ7CCxLS9sz3ekc1HGbWTQHsQUfBO4gq8wOyfs9ZT
2kdp7LYwvhn4QfWh/5K5crzFaK6IBUDugohy9Gpg+IHnWAc98KjOeK1h/Gss7FHP
ke0t8mgf1Azy6/uNXHuzJNouaKWJ6Kz77yXxTzelH1sGqgjSuCiY01wvpTxIHW7R
MTpjkPACsHLqjc0KYzzV9zpbLSLU0fO987/dA8YycTHIZ3bgkyPHb8XsZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA0jfnHpm98yqotHOBmwXJ25h402MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvRFNOLWNlbWIzektxaTBjNEdiQmNuYm1IalRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATWkIAwQB
bXkiAwQAbXkrAwQAuS9bAwQA1EUAMA0GCSqGSIb3DQEBCwUAA4IBAQA3zwOKxXhD
nOp72NDG2xL2/bSr4LMuORVDmh75MQYVYhJWWNbt00NHG5zfVUdgPKU7/3Ocd2K+
O7W0glDaK/V1LxRp8u9Eao3Ei+75WXj/HNwYPgSXZ+dQ/svct22nb37qHywqEqJH
/NVaR8PzWT3SKDjDZq5l2zm78Oj+9jIBGFkuhhh4cSQrqYoIChfq1P3r/LaGtcQL
MlQCXAYBwJpYpFXp11OUzH1/Fubb5TqjzklThkGGQZJ5s6H3WubG5wtJvsShJWoz
fSW5A/dZ3nzRMMmDX6Hb+4NJ5q0sfiZco9FAjTeYApqr2/l872mT38Horw8MS/8d
iGpBtAAZjx+O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org