Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KITFiRzO4DUbBLVgxSHOrb43i5E.roa
File: KITFiRzO4DUbBLVgxSHOrb43i5E.roa (raw, json)
Hash identifier: 2lrZ/h66M8GUxQdqxHxGDSB9Bwfq9vSi2CJJUjbkm5Y=
Subject key identifier: 28:84:C5:89:1C:CE:E0:35:1B:04:B5:60:C5:21:CE:AD:BE:37:8B:91
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01881FD1D299204FD5EA3BB42D1CF6B09897
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KITFiRzO4DUbBLVgxSHOrb43i5E.roa
Signing time: Mon 15 May 2023 14:30:24 +0000
ROA not before: Mon 15 May 2023 14:30:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 77.105.22.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
188.255.135.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
178.219.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1f:d1:d2:99:20:4f:d5:ea:3b:b4:2d:1c:f6:b0:98:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 15 14:30:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2884c5891ccee0351b04b560c521ceadbe378b91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:34:b8:e7:ce:65:08:63:03:40:2a:76:d8:e7:
7e:5b:1d:c5:00:e1:3a:55:be:16:0b:da:29:a3:4f:
39:7b:c9:ff:39:ee:a9:02:18:57:26:55:85:35:78:
0b:da:36:0b:06:3a:93:1e:9f:7f:29:2f:4f:70:58:
dc:46:18:e1:86:e5:63:3a:82:1d:fa:0c:54:ee:54:
c0:d0:ac:51:2e:0d:bf:0e:65:42:ce:fa:22:a6:e9:
e6:52:89:44:a7:7b:67:07:3a:b6:b9:91:a0:38:68:
33:bc:4c:0c:c8:a9:d5:75:b0:53:f6:4b:8b:8f:3d:
cd:0a:83:6c:de:b6:ba:b4:20:a6:f5:e8:5c:cb:dd:
90:f3:5f:7e:aa:f3:c1:d4:66:5f:64:3d:f8:af:23:
ec:71:88:f3:f6:f7:41:60:f0:56:83:66:37:60:60:
41:a7:9f:a1:93:63:07:d7:6c:27:74:91:1a:a3:3c:
5e:ba:98:f6:ce:18:10:e5:a9:be:89:a8:84:88:61:
68:15:eb:c4:b2:94:79:2e:d4:86:c6:75:0e:0b:bc:
c0:98:e8:76:c0:14:82:24:04:89:f5:02:c2:be:e6:
72:ba:f6:4e:1a:f6:c6:47:7b:18:94:cf:c6:89:8d:
66:e8:4a:6d:2c:8b:c6:4c:2a:9d:e9:7a:06:b0:92:
b6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:84:C5:89:1C:CE:E0:35:1B:04:B5:60:C5:21:CE:AD:BE:37:8B:91
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KITFiRzO4DUbBLVgxSHOrb43i5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.22.0/24
109.121.40.0/24
178.219.14.0/24
188.255.134.0/23
212.69.13.0/24
Signature Algorithm: sha256WithRSAEncryption
64:b5:fb:c1:30:5a:40:40:2d:38:3a:67:e5:f8:9c:02:f4:8c:
26:8a:35:d9:b9:0e:e5:e5:af:d3:18:ee:a1:cf:ba:57:2a:8c:
1e:95:4a:25:ab:09:66:c3:0f:62:a2:bc:13:db:ea:3f:0a:72:
21:c2:2d:96:16:46:54:6c:6a:ce:dd:16:ac:27:90:b8:2d:ba:
bb:e2:7f:80:a2:02:a9:35:ab:26:e2:bb:c8:71:8e:09:8b:a0:
b2:49:20:2a:7d:0c:8e:10:f1:12:b1:fa:59:eb:c6:16:7a:d4:
ec:5e:42:e0:7a:b3:ef:63:24:72:03:ce:45:c3:09:3b:a7:79:
55:28:e4:fb:48:7a:c0:f1:db:34:24:22:2f:1a:2c:fa:5e:8d:
16:0e:cc:7c:b2:6f:29:c2:c0:67:29:fb:f0:15:ec:9e:34:8a:
a1:0f:cc:b9:c0:e2:05:ae:0a:f1:0f:39:e6:01:dd:b2:b9:6e:
93:c2:d0:7c:e0:62:7a:83:0a:f6:2c:82:4b:6a:0c:48:e6:c3:
76:31:da:3c:67:f0:05:5f:2d:19:f6:37:f6:a8:bd:84:f0:67:
b0:df:dc:78:51:ee:e5:6e:35:61:06:6d:33:d3:1a:66:b2:95:
a3:d1:a6:6d:87:7c:c4:f0:07:95:69:73:0a:2b:d1:6e:bd:e6:
16:2b:27:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYgf0dKZIE/V6ju0LRz2sJiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNTE1MTQzMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg0YzU4OTFjY2VlMDM1MWIwNGI1NjBjNTIxY2VhZGJlMzc4YjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jS4585lCGMDQCp22Od+Wx3FAOE6
Vb4WC9opo085e8n/Oe6pAhhXJlWFNXgL2jYLBjqTHp9/KS9PcFjcRhjhhuVjOoId
+gxU7lTA0KxRLg2/DmVCzvoipunmUolEp3tnBzq2uZGgOGgzvEwMyKnVdbBT9kuL
jz3NCoNs3ra6tCCm9ehcy92Q819+qvPB1GZfZD34ryPscYjz9vdBYPBWg2Y3YGBB
p5+hk2MH12wndJEaozxeupj2zhgQ5am+iaiEiGFoFevEspR5LtSGxnUOC7zAmOh2
wBSCJASJ9QLCvuZyuvZOGvbGR3sYlM/GiY1m6EptLIvGTCqd6XoGsJK2OQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCiExYkczuA1GwS1YMUhzq2+N4uRMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvS0lURmlSek80RFViQkxWZ3hTSE9yYjQzaTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATWkWAwQA
bXkoAwQAstsOAwQBvP+GAwQA1EUNMA0GCSqGSIb3DQEBCwUAA4IBAQBktfvBMFpA
QC04Omfl+JwC9IwmijXZuQ7l5a/TGO6hz7pXKowelUolqwlmww9iorwT2+o/CnIh
wi2WFkZUbGrO3RasJ5C4Lbq74n+AogKpNasm4rvIcY4Ji6CySSAqfQyOEPESsfpZ
68YWetTsXkLgerPvYyRyA85Fwwk7p3lVKOT7SHrA8ds0JCIvGiz6Xo0WDsx8sm8p
wsBnKfvwFeyeNIqhD8y5wOIFrgrxDznmAd2yuW6TwtB84GJ6gwr2LIJLagxI5sN2
Mdo8Z/AFXy0Z9jf2qL2E8Gew39x4Ue7lbjVhBm0z0xpmspWj0aZth3zE8AeVaXMK
K9FuveYWKyct
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:19 2023 by rpki-client on console-ams.rpki-client.org