Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KoA59QqrDE1l1r4_a_NwzO-LPYM.roa
File: KoA59QqrDE1l1r4_a_NwzO-LPYM.roa (raw, json)
Hash identifier: Zd0RQRzMUZ1Tq3WFRVKcNtIRnsX1vaDrV18lM56qhJA=
Subject key identifier: 2A:80:39:F5:0A:AB:0C:4D:65:D6:BE:3F:6B:F3:70:CC:EF:8B:3D:83
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0189ED487FAD57B4C8C8023F2986566EB559
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KoA59QqrDE1l1r4_a_NwzO-LPYM.roa
Signing time: Sun 13 Aug 2023 05:04:58 +0000
ROA not before: Sun 13 Aug 2023 05:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.255.206.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
212.69.0.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
188.255.141.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Aug 2023 17:24:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ed:48:7f:ad:57:b4:c8:c8:02:3f:29:86:56:6e:b5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Aug 13 05:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a8039f50aab0c4d65d6be3f6bf370ccef8b3d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d1:1a:b1:61:00:ae:36:90:83:75:79:24:14:
35:ce:fd:9c:7b:c8:90:fc:43:4d:19:c7:a6:28:c8:
1d:8b:f1:4f:b9:ae:57:81:96:41:5c:c2:3c:c7:33:
19:b4:f8:dd:c7:73:02:7a:5b:9f:f3:77:b6:87:50:
45:33:a9:ab:30:f9:d0:45:ef:bb:cd:d4:f5:70:4a:
3c:61:75:bd:60:ad:7a:2b:72:e2:dd:c8:03:1d:55:
86:ad:f4:ac:c8:d3:2c:bf:f8:3f:31:5d:ae:12:cd:
56:c5:c3:13:92:03:81:48:f3:32:b5:fc:e5:da:0c:
03:b9:15:81:56:32:6c:90:26:32:9b:99:b5:f5:08:
f7:ca:29:36:0f:9b:34:28:fa:8b:6f:7f:ce:11:84:
12:d5:13:31:74:ca:c5:a4:df:14:e9:e2:5e:98:b8:
4f:73:07:06:29:41:cb:d8:3f:bb:6b:ad:83:a9:ee:
3e:35:50:be:7f:b2:c1:7d:bd:f3:1b:fa:b6:d7:18:
7f:3f:aa:6d:cb:f5:3a:14:62:8c:74:55:6f:bd:eb:
98:1c:ba:3a:31:03:93:67:18:a2:1b:c7:79:34:de:
8a:5c:da:34:c8:0f:a6:33:dd:ee:fe:28:6b:f7:a9:
ed:21:20:d2:12:a6:b9:bd:a9:6b:53:3d:80:8c:34:
0e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:80:39:F5:0A:AB:0C:4D:65:D6:BE:3F:6B:F3:70:CC:EF:8B:3D:83
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KoA59QqrDE1l1r4_a_NwzO-LPYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
109.121.35.0/24
109.121.43.0/24
185.47.91.0/24
188.255.134.0/24
188.255.141.0/24
188.255.206.0/24
212.69.0.0/24
Signature Algorithm: sha256WithRSAEncryption
11:bf:90:f8:14:7b:9e:38:f6:ce:ff:f7:c0:8b:78:a9:63:6f:
f3:e1:44:8f:1b:af:ac:1c:b8:f8:d7:14:88:1f:f8:3e:b9:e7:
ec:d3:ae:cb:b1:2a:8d:2b:54:94:ef:21:2f:95:e0:9c:46:b1:
54:59:2c:0a:96:eb:92:b7:a0:46:3d:ee:59:67:c6:da:af:9e:
99:9a:6c:60:13:02:ae:47:e0:3b:d9:41:38:eb:b5:58:3d:d2:
ff:c9:fd:80:f8:32:b8:ac:0a:9f:85:03:1e:27:19:6d:ec:27:
50:73:18:ed:ee:a3:60:fa:5e:e0:cf:16:f4:b5:59:f3:ee:3b:
9a:2a:d9:63:48:f5:02:f1:0a:9b:72:b8:61:c8:44:e9:ba:5e:
12:ae:cc:de:61:2f:f7:ef:72:e4:f2:8f:8f:96:07:da:72:57:
da:cc:b4:4c:08:9f:a0:64:12:c7:40:1a:05:30:73:6b:6f:e0:
80:70:0b:14:90:a0:c0:23:5b:40:a6:2b:f1:06:82:66:0c:92:
e2:f9:b0:0d:ec:c1:f2:89:98:8a:ec:c9:ba:7d:76:50:ea:9a:
68:56:78:5c:15:0d:cb:d4:fc:77:47:54:b5:c4:cd:a4:df:a6:
a7:1f:d3:fa:33:b7:d0:b3:5e:b2:85:1f:7d:ba:59:18:71:ef:
0d:6f:3f:5e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYntSH+tV7TIyAI/KYZWbrVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwODEzMDUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTgwMzlmNTBhYWIwYzRkNjVkNmJlM2Y2YmYzNzBjY2VmOGIzZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9EasWEArjaQg3V5JBQ1zv2ce8iQ
/ENNGcemKMgdi/FPua5XgZZBXMI8xzMZtPjdx3MCeluf83e2h1BFM6mrMPnQRe+7
zdT1cEo8YXW9YK16K3Li3cgDHVWGrfSsyNMsv/g/MV2uEs1WxcMTkgOBSPMytfzl
2gwDuRWBVjJskCYym5m19Qj3yik2D5s0KPqLb3/OEYQS1RMxdMrFpN8U6eJemLhP
cwcGKUHL2D+7a62Dqe4+NVC+f7LBfb3zG/q21xh/P6pty/U6FGKMdFVvveuYHLo6
MQOTZxiiG8d5NN6KXNo0yA+mM93u/ihr96ntISDSEqa5valrUz2AjDQONwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCqAOfUKqwxNZda+P2vzcMzviz2DMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvS29BNTlRcXJERTFsMXI0X2FfTnd6Ty1MUFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATWkIAwQA
bXkjAwQAbXkrAwQAuS9bAwQAvP+GAwQAvP+NAwQAvP/OAwQA1EUAMA0GCSqGSIb3
DQEBCwUAA4IBAQARv5D4FHueOPbO//fAi3ipY2/z4USPG6+sHLj41xSIH/g+uefs
067LsSqNK1SU7yEvleCcRrFUWSwKluuSt6BGPe5ZZ8bar56ZmmxgEwKuR+A72UE4
67VYPdL/yf2A+DK4rAqfhQMeJxlt7CdQcxjt7qNg+l7gzxb0tVnz7juaKtljSPUC
8QqbcrhhyETpul4SrszeYS/373Lk8o+PlgfaclfazLRMCJ+gZBLHQBoFMHNrb+CA
cAsUkKDAI1tApivxBoJmDJLi+bAN7MHyiZiK7Mm6fXZQ6ppoVnhcFQ3L1Px3R1S1
xM2k36anH9P6M7fQs16yhR99ulkYce8Nbz9e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org