Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/GI9BrGtKc9CSf5D5uR0YtepbG1I.roa
File: GI9BrGtKc9CSf5D5uR0YtepbG1I.roa (raw, json)
Hash identifier: yx4RB3HQhXrZNyhUtplYjYY4YG6JiVHOghiI/8QW/Jo=
Subject key identifier: 18:8F:41:AC:6B:4A:73:D0:92:7F:90:F9:B9:1D:18:B5:EA:5B:1B:52
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018CC56E1119A2671CE1095376A1C44B2B29
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/GI9BrGtKc9CSf5D5uR0YtepbG1I.roa
Signing time: Mon 01 Jan 2024 14:29:34 +0000
ROA not before: Mon 01 Jan 2024 14:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 109.121.43.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
188.255.144.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 09:09:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:11:19:a2:67:1c:e1:09:53:76:a1:c4:4b:2b:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 1 14:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=188f41ac6b4a73d0927f90f9b91d18b5ea5b1b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2f:57:0e:39:b6:06:c1:15:27:65:3f:6e:6f:
12:32:10:b8:f7:a3:9d:79:ea:3e:0d:c5:41:03:37:
50:3a:b5:d4:f0:b4:ad:52:7a:1f:9f:73:c6:f0:a9:
96:35:5e:17:ef:d6:89:34:d0:c5:29:d0:38:66:b5:
5a:91:a6:d1:1a:a5:20:19:cf:36:4a:5e:b9:67:d3:
0f:8b:1a:53:39:fd:29:33:21:1b:8e:9b:24:83:80:
11:1b:8a:83:5c:7c:84:87:71:ac:06:0d:1b:fc:d6:
20:30:89:a1:63:04:38:c8:4b:a8:7e:fc:89:32:6d:
0c:58:7b:83:fa:2b:93:9d:1e:4b:d6:c5:af:fa:84:
d4:9f:d6:37:97:46:01:40:bf:a6:4d:b7:49:b9:6e:
81:fe:8e:bc:99:2d:0c:5c:fe:99:c0:ec:6d:ac:38:
44:69:7a:dc:c5:5f:5d:46:83:ff:c5:8b:c6:c5:b6:
06:cf:6f:3b:0d:5e:5b:c7:33:5e:f9:6e:f4:48:db:
dd:e5:a9:43:5d:b0:be:aa:a1:8d:c4:5d:33:48:28:
1f:77:ab:ff:10:9f:6f:9e:e0:bb:da:8f:c8:af:63:
5d:a6:5c:c3:e2:bb:e5:95:ba:a7:31:e3:45:db:0a:
89:40:ad:1b:cc:8a:e9:27:cc:0c:61:fe:bb:21:13:
66:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8F:41:AC:6B:4A:73:D0:92:7F:90:F9:B9:1D:18:B5:EA:5B:1B:52
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/GI9BrGtKc9CSf5D5uR0YtepbG1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.40.0/24
109.121.43.0/24
109.233.184.0/23
178.253.237.0/24
188.255.144.0/24
Signature Algorithm: sha256WithRSAEncryption
30:46:eb:59:78:49:86:de:24:fb:32:0e:c7:bb:a0:8f:b2:ec:
76:82:51:26:76:95:28:bd:35:c7:90:56:e8:4e:05:1a:f6:7e:
20:7c:13:93:7d:6b:b7:5a:ea:eb:92:3f:e3:32:f3:67:ab:32:
69:29:15:6f:b9:a1:4d:a8:4a:1a:b1:f4:e2:7f:4b:26:05:7a:
4d:fd:91:14:e1:63:bc:b3:c7:77:39:d8:36:96:d0:94:f9:3c:
a1:2d:fb:f4:48:53:70:2f:26:b1:86:3b:08:a7:d6:96:f2:2b:
72:78:40:62:c7:64:4b:de:f6:52:56:98:6f:8e:70:89:33:dd:
b7:71:c8:65:63:a9:e9:12:13:3e:fb:a3:0f:7d:b4:ae:91:85:
68:e1:1a:9f:ca:57:6d:9e:d1:4d:08:16:6b:6b:25:23:1a:43:
d8:37:3c:36:02:7e:64:af:47:33:25:1d:88:e1:25:8a:ec:03:
d3:99:b4:d3:87:dc:6c:da:ae:6f:03:26:45:9b:52:53:78:19:
27:57:d0:1c:da:7e:e3:e5:52:81:59:1d:ce:63:2b:d2:b1:f4:
9a:67:57:72:a3:b2:e8:4e:10:a7:e7:d5:5a:32:03:47:e6:88:
e8:68:46:77:36:b2:3f:80:d2:62:95:3a:6d:22:de:f0:0a:76:
b7:0c:89:4c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFbhEZomcc4QlTdqHESyspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTAxMTQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODhmNDFhYzZiNGE3M2QwOTI3ZjkwZjliOTFkMThiNWVhNWIxYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS9XDjm2BsEVJ2U/bm8SMhC496Od
eeo+DcVBAzdQOrXU8LStUnofn3PG8KmWNV4X79aJNNDFKdA4ZrVakabRGqUgGc82
Sl65Z9MPixpTOf0pMyEbjpskg4ARG4qDXHyEh3GsBg0b/NYgMImhYwQ4yEuofvyJ
Mm0MWHuD+iuTnR5L1sWv+oTUn9Y3l0YBQL+mTbdJuW6B/o68mS0MXP6ZwOxtrDhE
aXrcxV9dRoP/xYvGxbYGz287DV5bxzNe+W70SNvd5alDXbC+qqGNxF0zSCgfd6v/
EJ9vnuC72o/Ir2NdplzD4rvllbqnMeNF2wqJQK0bzIrpJ8wMYf67IRNm+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBiPQaxrSnPQkn+Q+bkdGLXqWxtSMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvR0k5QnJHdEtjOUNTZjVENXVSMFl0ZXBiRzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAbXkoAwQA
bXkrAwQBbem4AwQAsv3tAwQAvP+QMA0GCSqGSIb3DQEBCwUAA4IBAQAwRutZeEmG
3iT7Mg7Hu6CPsux2glEmdpUovTXHkFboTgUa9n4gfBOTfWu3Wurrkj/jMvNnqzJp
KRVvuaFNqEoasfTif0smBXpN/ZEU4WO8s8d3Odg2ltCU+TyhLfv0SFNwLyaxhjsI
p9aW8ityeEBix2RL3vZSVphvjnCJM923cchlY6npEhM++6MPfbSukYVo4Rqfyldt
ntFNCBZrayUjGkPYNzw2An5kr0czJR2I4SWK7APTmbTTh9xs2q5vAyZFm1JTeBkn
V9Ac2n7j5VKBWR3OYyvSsfSaZ1dyo7LoThCn59VaMgNH5ojoaEZ3NrI/gNJilTpt
It7wCna3DIlM
-----END CERTIFICATE-----
Generated at Mon Jan 29 13:56:22 2024 by rpki-client on console-ams.rpki-client.org