Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/DmboaHRD4I0ioX9LDwuPvUIDKl8.roa
File: DmboaHRD4I0ioX9LDwuPvUIDKl8.roa (raw, json)
Hash identifier: P8LPTUsm/c6mFn9zTINNutJFyYSe/3rjSmt1TmEiiyM=
Subject key identifier: 0E:66:E8:68:74:43:E0:8D:22:A1:7F:4B:0F:0B:8F:BD:42:03:2A:5F
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0187945AB6EBEC4C8762D5A6BC89F7ABF733
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/DmboaHRD4I0ioX9LDwuPvUIDKl8.roa
Signing time: Tue 18 Apr 2023 12:33:05 +0000
ROA not before: Tue 18 Apr 2023 12:33:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 77.105.22.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:5a:b6:eb:ec:4c:87:62:d5:a6:bc:89:f7:ab:f7:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 18 12:33:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e66e8687443e08d22a17f4b0f0b8fbd42032a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:70:1d:20:75:fa:7c:67:6c:bc:9e:fa:ad:5c:
00:af:ab:54:74:50:3c:01:86:e0:81:70:60:49:22:
5e:da:29:17:b9:69:97:2c:33:c6:9c:44:b0:85:48:
64:9c:92:40:8e:c0:97:c8:c9:0b:21:e8:15:d1:44:
37:a9:da:92:cb:4a:57:1c:4a:cc:14:47:5c:6d:1a:
f2:27:93:2e:c3:2b:b1:07:20:a2:31:18:0d:0f:4b:
d4:c7:91:34:a3:bc:1f:b0:6c:ea:e0:0b:03:8b:03:
0d:81:15:47:d7:a2:47:11:0e:bf:94:88:63:2f:95:
5a:02:0e:7f:e9:bf:73:31:78:b4:2c:5e:fb:98:0e:
0a:32:db:d9:70:4e:8c:b0:ae:21:0e:f2:12:89:6b:
fa:c5:a4:fa:18:fb:c3:16:13:c1:bf:e4:ab:e9:65:
73:0e:89:de:30:92:d2:f5:4f:41:68:ee:82:40:88:
ec:83:47:b6:dd:0d:d3:d0:a3:73:98:cb:8f:dd:e1:
64:23:38:02:1e:cf:a7:49:0b:39:a1:c1:33:27:99:
3e:1c:f8:af:78:9b:fe:86:ff:6f:7f:f7:71:a2:91:
e0:6b:91:12:58:9c:7b:8c:ef:e2:69:94:91:ff:c2:
c4:17:a7:44:ff:47:3d:a2:75:52:b7:cf:d1:18:2c:
cc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:66:E8:68:74:43:E0:8D:22:A1:7F:4B:0F:0B:8F:BD:42:03:2A:5F
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/DmboaHRD4I0ioX9LDwuPvUIDKl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.22.0/24
109.121.40.0/24
109.233.184.0/24
212.69.13.0/24
Signature Algorithm: sha256WithRSAEncryption
55:8c:ad:e6:7b:55:65:3d:d7:0a:b8:1f:72:7e:37:9f:86:80:
ac:f4:8f:73:c5:be:b9:c8:40:f5:31:52:3c:eb:8f:38:3b:80:
9a:68:bb:cd:e3:fc:c3:92:75:e3:c7:f8:8a:b1:43:5c:61:0b:
da:bf:d9:ee:31:03:2c:5e:ea:2a:23:95:a7:f9:fd:55:ca:82:
6e:7a:e7:31:1c:37:27:d2:fd:b8:e1:00:6e:e7:58:44:ec:f5:
a6:6f:fc:a6:bd:97:72:5b:96:3e:22:ac:30:c7:3d:81:94:72:
d3:f8:34:a1:e8:e7:c2:95:99:20:ed:30:29:2a:fa:30:27:6c:
41:c4:de:99:1e:99:50:ba:c2:23:9e:98:48:87:e5:eb:c5:cf:
0a:9f:4d:56:fb:15:8c:1e:1d:69:fa:60:d4:3e:99:0e:83:fc:
c6:df:cc:84:43:36:10:99:28:9b:31:9a:a0:fb:60:10:91:20:
47:ce:0b:3b:f7:70:11:dd:68:95:0c:a6:08:94:5b:21:de:71:
af:af:ac:1d:c4:b2:d8:19:d3:8d:15:1a:14:a5:1f:54:4c:01:
b3:dd:f5:e2:aa:dc:f2:bb:64:3e:ce:fa:96:64:e8:c9:cf:c8:
c2:43:c4:a6:cf:59:c9:46:a2:52:dd:04:11:bd:c3:de:bc:30:
73:b6:67:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYeUWrbr7EyHYtWmvIn3q/czMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNDE4MTIzMzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTY2ZTg2ODc0NDNlMDhkMjJhMTdmNGIwZjBiOGZiZDQyMDMyYTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HAdIHX6fGdsvJ76rVwAr6tUdFA8
AYbggXBgSSJe2ikXuWmXLDPGnESwhUhknJJAjsCXyMkLIegV0UQ3qdqSy0pXHErM
FEdcbRryJ5MuwyuxByCiMRgND0vUx5E0o7wfsGzq4AsDiwMNgRVH16JHEQ6/lIhj
L5VaAg5/6b9zMXi0LF77mA4KMtvZcE6MsK4hDvISiWv6xaT6GPvDFhPBv+Sr6WVz
DoneMJLS9U9BaO6CQIjsg0e23Q3T0KNzmMuP3eFkIzgCHs+nSQs5ocEzJ5k+HPiv
eJv+hv9vf/dxopHga5ESWJx7jO/iaZSR/8LEF6dE/0c9onVSt8/RGCzMvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA5m6Gh0Q+CNIqF/Sw8Lj71CAypfMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvRG1ib2FIUkQ0STBpb1g5TER3dVB2VUlES2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATWkWAwQA
bXkoAwQAbem4AwQA1EUNMA0GCSqGSIb3DQEBCwUAA4IBAQBVjK3me1VlPdcKuB9y
fjefhoCs9I9zxb65yED1MVI86484O4CaaLvN4/zDknXjx/iKsUNcYQvav9nuMQMs
XuoqI5Wn+f1VyoJueucxHDcn0v244QBu51hE7PWmb/ymvZdyW5Y+Iqwwxz2BlHLT
+DSh6OfClZkg7TApKvowJ2xBxN6ZHplQusIjnphIh+Xrxc8Kn01W+xWMHh1p+mDU
PpkOg/zG38yEQzYQmSibMZqg+2AQkSBHzgs793AR3WiVDKYIlFsh3nGvr6wdxLLY
GdONFRoUpR9UTAGz3fXiqtzyu2Q+zvqWZOjJz8jCQ8Smz1nJRqJS3QQRvcPevDBz
tmeA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-fra.rpki-client.org