Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KQU4kiDv2Z9xDaqL48b_lw4Og9U.roa
File: KQU4kiDv2Z9xDaqL48b_lw4Og9U.roa (raw, json)
Hash identifier: pEDLVcPvOiZJOYfp9Ex07A9Zo1gf7Ys3Dtar+gJapsg=
Subject key identifier: 29:05:38:92:20:EF:D9:9F:71:0D:AA:8B:E3:C6:FF:97:0E:0E:83:D5
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018AEF7AD7DD3084EFF9554B695CF565FE00
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KQU4kiDv2Z9xDaqL48b_lw4Og9U.roa
Signing time: Mon 02 Oct 2023 08:21:59 +0000
ROA not before: Mon 02 Oct 2023 08:21:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.255.206.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
212.69.10.0/24 maxlen: 24
188.255.141.0/24 maxlen: 24
79.175.66.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Oct 2023 11:54:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:7a:d7:dd:30:84:ef:f9:55:4b:69:5c:f5:65:fe:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Oct 2 08:21:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2905389220efd99f710daa8be3c6ff970e0e83d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0a:90:b6:2f:9a:f3:f9:2d:50:30:04:b3:d5:
54:c0:44:0d:87:90:62:ab:d5:54:0e:a1:d0:b0:42:
1c:74:fe:ad:90:22:73:3f:ed:14:04:34:1b:46:26:
5c:be:fa:d0:5d:f2:71:e1:89:3d:e8:9e:54:76:d3:
75:1a:23:1e:12:8c:a5:06:18:48:92:cf:3d:c0:3d:
4a:02:7e:40:9e:39:6a:0c:79:e9:8e:1b:aa:ce:b1:
37:99:ef:47:a0:fa:e7:f3:89:7e:d8:67:08:92:54:
77:05:47:3f:01:da:77:1b:3f:d9:6d:35:be:d2:b4:
e1:f6:9e:18:87:43:af:82:e0:03:8d:4c:d2:34:92:
b4:55:da:6c:98:6b:68:f9:e0:3a:4d:11:7e:43:9c:
41:e0:f9:04:b0:18:ab:1f:21:50:60:f2:a1:35:58:
5a:ed:67:f0:28:85:3f:44:5f:3d:f3:d2:8f:56:40:
d5:b3:91:8d:3c:d6:1d:0a:76:de:c9:b1:2d:a0:16:
47:f2:50:84:0c:43:00:cf:a5:b5:43:2e:7e:db:9e:
3e:b9:c5:ae:21:cf:b6:aa:95:50:64:6d:78:d0:e6:
93:7f:5a:73:cb:9a:ff:e9:25:19:4a:cb:74:c4:a1:
41:3f:2f:c9:68:f1:67:e7:3b:4a:70:ea:5e:75:32:
da:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:05:38:92:20:EF:D9:9F:71:0D:AA:8B:E3:C6:FF:97:0E:0E:83:D5
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KQU4kiDv2Z9xDaqL48b_lw4Og9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
79.175.66.0/24
109.121.35.0/24
109.121.43.0/24
185.47.91.0/24
188.255.141.0/24
188.255.206.0/24
212.69.10.0/24
Signature Algorithm: sha256WithRSAEncryption
87:2d:c4:a6:18:ab:b0:a8:71:47:9c:22:cc:74:4a:42:6c:09:
91:6c:42:cc:8d:0e:17:03:57:48:bd:22:4d:a3:06:80:24:7b:
d8:b8:fd:fc:5a:9b:6f:05:3e:5d:a9:cc:c5:56:de:7e:9b:40:
43:2d:ca:f9:63:ba:05:bb:4c:9c:ad:85:c4:85:90:9a:d7:71:
3c:a5:e2:bd:86:63:71:ab:f9:3c:bf:01:a9:82:e3:fd:dc:e7:
4d:39:10:a1:b1:40:1e:51:6a:02:1e:41:05:1a:81:7f:c2:e3:
e9:c4:43:36:95:b8:59:b4:8d:6a:25:11:de:d0:1a:51:8b:94:
04:47:cc:8d:d5:d5:04:bf:5a:ad:49:7d:8a:13:9b:22:5b:17:
1c:4f:3e:d0:81:df:83:64:c2:66:45:b9:2b:47:ca:ed:c2:c3:
70:07:a0:43:c1:e1:79:da:ab:d8:4d:76:8a:26:22:12:22:e3:
36:d2:37:a0:76:f9:bb:93:d8:06:21:5e:6a:77:0c:f8:66:a5:
57:8c:f7:02:c7:5f:40:12:93:56:1d:cc:42:4c:3b:98:25:92:
49:3b:15:ef:67:9a:50:30:a6:ef:9c:3e:fb:69:f6:21:25:07:
c4:95:77:01:67:47:2a:c2:f7:90:10:5d:47:b3:0d:9d:a6:57:
62:56:8e:6a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYrvetfdMITv+VVLaVz1Zf4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMxMDAyMDgyMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTA1Mzg5MjIwZWZkOTlmNzEwZGFhOGJlM2M2ZmY5NzBlMGU4M2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gqQti+a8/ktUDAEs9VUwEQNh5Bi
q9VUDqHQsEIcdP6tkCJzP+0UBDQbRiZcvvrQXfJx4Yk96J5UdtN1GiMeEoylBhhI
ks89wD1KAn5AnjlqDHnpjhuqzrE3me9HoPrn84l+2GcIklR3BUc/Adp3Gz/ZbTW+
0rTh9p4Yh0OvguADjUzSNJK0VdpsmGto+eA6TRF+Q5xB4PkEsBirHyFQYPKhNVha
7WfwKIU/RF8989KPVkDVs5GNPNYdCnbeybEtoBZH8lCEDEMAz6W1Qy5+254+ucWu
Ic+2qpVQZG140OaTf1pzy5r/6SUZSst0xKFBPy/JaPFn5ztKcOpedTLakQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCkFOJIg79mfcQ2qi+PG/5cODoPVMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvS1FVNGtpRHYyWjl4RGFxTDQ4Yl9sdzRPZzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATWkIAwQA
T69CAwQAbXkjAwQAbXkrAwQAuS9bAwQAvP+NAwQAvP/OAwQA1EUKMA0GCSqGSIb3
DQEBCwUAA4IBAQCHLcSmGKuwqHFHnCLMdEpCbAmRbELMjQ4XA1dIvSJNowaAJHvY
uP38WptvBT5dqczFVt5+m0BDLcr5Y7oFu0ycrYXEhZCa13E8peK9hmNxq/k8vwGp
guP93OdNORChsUAeUWoCHkEFGoF/wuPpxEM2lbhZtI1qJRHe0BpRi5QER8yN1dUE
v1qtSX2KE5siWxccTz7Qgd+DZMJmRbkrR8rtwsNwB6BDweF52qvYTXaKJiISIuM2
0jegdvm7k9gGIV5qdwz4ZqVXjPcCx19AEpNWHcxCTDuYJZJJOxXvZ5pQMKbvnD77
afYhJQfElXcBZ0cqwveQEF1Hsw2dpldiVo5q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org