Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/QIwQC_UhqIiy063XF-pKl09LExI.roa
File: QIwQC_UhqIiy063XF-pKl09LExI.roa (raw, json)
Hash identifier: EZtrZPJLWQDWEpUF4udBCdN/Zl3QMHkejwj2eDBbwcc=
Subject key identifier: 40:8C:10:0B:F5:21:A8:88:B2:D3:AD:D7:17:EA:4A:97:4F:4B:13:12
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0189FF608BFD1784ED1EB0DE4B574F0F0356
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/QIwQC_UhqIiy063XF-pKl09LExI.roa
Signing time: Wed 16 Aug 2023 17:24:24 +0000
ROA not before: Wed 16 Aug 2023 17:24:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.255.206.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.34.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
212.69.0.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
188.255.141.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Aug 2023 21:39:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ff:60:8b:fd:17:84:ed:1e:b0:de:4b:57:4f:0f:03:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Aug 16 17:24:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=408c100bf521a888b2d3add717ea4a974f4b1312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4c:36:1a:4e:cf:5f:a9:d7:4b:38:c0:40:8d:
67:86:52:8c:d4:62:f1:97:4a:85:81:05:46:1b:f5:
e5:69:42:94:e2:00:b8:b3:cb:31:5d:12:d2:17:40:
6d:61:e2:2c:51:72:9f:f1:bd:29:d2:54:bd:b7:9f:
6b:f4:8e:d3:09:66:6a:0b:e3:67:c5:5b:17:89:97:
25:9a:0f:f7:48:33:38:db:5c:57:92:2c:9d:33:5a:
c1:20:ae:77:ab:ea:0d:00:5d:33:60:76:b1:64:ed:
29:59:13:e3:97:04:b4:23:23:eb:f8:26:91:61:e0:
8e:60:f8:e4:70:88:2d:87:e8:71:e6:f8:d4:40:36:
4a:57:e0:da:15:6c:c3:13:ec:66:cf:6b:8d:1f:18:
68:f3:1b:71:6a:9c:33:3a:d6:87:48:dc:47:b1:a0:
70:76:7d:df:fb:88:87:fb:0d:d6:ac:48:83:13:73:
5f:2f:2c:0b:b9:84:5c:99:1f:65:db:16:ad:97:7d:
4e:36:25:d7:ff:52:9e:ef:4a:c9:70:36:1a:6b:93:
ee:38:f1:62:09:5a:64:e8:53:91:5f:10:54:60:a0:
d7:2b:bd:da:4b:19:44:15:ea:07:2f:79:2c:a0:f8:
6f:37:81:d7:58:41:b0:31:41:b2:ac:90:85:b1:49:
a9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8C:10:0B:F5:21:A8:88:B2:D3:AD:D7:17:EA:4A:97:4F:4B:13:12
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/QIwQC_UhqIiy063XF-pKl09LExI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
109.121.34.0/23
109.121.43.0/24
185.47.91.0/24
188.255.134.0/24
188.255.141.0/24
188.255.206.0/24
212.69.0.0/24
Signature Algorithm: sha256WithRSAEncryption
51:ed:41:20:41:2c:cf:c1:33:c2:6d:bf:5a:d9:5d:8e:03:38:
e7:99:30:e3:22:ba:82:01:96:82:40:90:a7:3c:aa:e2:ae:32:
1d:7d:53:0e:61:6d:28:49:1f:38:34:9d:4f:4b:9f:ee:be:de:
07:63:ec:c6:16:6f:49:49:c8:af:b9:75:55:f7:5b:72:78:f6:
c0:1b:f4:e3:6b:3d:d2:d0:27:96:6e:e3:52:fc:8e:75:44:10:
fb:6e:99:b0:89:d5:73:b7:82:f5:4d:be:63:97:74:61:24:ac:
50:aa:bf:06:b8:f9:0b:51:6b:37:eb:28:55:24:b7:81:48:91:
d6:01:7e:49:0f:d3:f8:44:4b:cf:56:a6:ee:67:18:74:7c:5a:
a4:96:78:2a:d1:41:0e:72:15:8e:88:23:40:5b:10:0b:c5:12:
3c:73:e5:6b:f4:f4:79:99:2e:a6:47:10:0e:19:22:27:26:ec:
ee:c2:d9:9e:e1:a3:53:f0:2d:e4:49:fb:68:b7:c0:39:dd:7c:
be:bc:60:2a:8a:ab:c4:e9:7c:63:a4:49:9f:ad:73:a7:8b:02:
ae:50:13:c1:d2:08:90:34:91:19:99:31:c0:ee:15:a2:e4:9d:
97:31:6e:5f:ee:d5:eb:45:e0:19:cb:1a:24:ca:f2:f0:3d:4b:
8f:9f:fd:02
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYn/YIv9F4TtHrDeS1dPDwNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwODE2MTcyNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDhjMTAwYmY1MjFhODg4YjJkM2FkZDcxN2VhNGE5NzRmNGIxMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0w2Gk7PX6nXSzjAQI1nhlKM1GLx
l0qFgQVGG/XlaUKU4gC4s8sxXRLSF0BtYeIsUXKf8b0p0lS9t59r9I7TCWZqC+Nn
xVsXiZclmg/3SDM421xXkiydM1rBIK53q+oNAF0zYHaxZO0pWRPjlwS0IyPr+CaR
YeCOYPjkcIgth+hx5vjUQDZKV+DaFWzDE+xmz2uNHxho8xtxapwzOtaHSNxHsaBw
dn3f+4iH+w3WrEiDE3NfLywLuYRcmR9l2xatl31ONiXX/1Ke70rJcDYaa5PuOPFi
CVpk6FORXxBUYKDXK73aSxlEFeoHL3ksoPhvN4HXWEGwMUGyrJCFsUmp1QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFECMEAv1IaiIstOt1xfqSpdPSxMSMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvUUl3UUNfVWhxSWl5MDYzWEYtcEtsMDlMRXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATWkIAwQB
bXkiAwQAbXkrAwQAuS9bAwQAvP+GAwQAvP+NAwQAvP/OAwQA1EUAMA0GCSqGSIb3
DQEBCwUAA4IBAQBR7UEgQSzPwTPCbb9a2V2OAzjnmTDjIrqCAZaCQJCnPKrirjId
fVMOYW0oSR84NJ1PS5/uvt4HY+zGFm9JScivuXVV91tyePbAG/Tjaz3S0CeWbuNS
/I51RBD7bpmwidVzt4L1Tb5jl3RhJKxQqr8GuPkLUWs36yhVJLeBSJHWAX5JD9P4
REvPVqbuZxh0fFqklngq0UEOchWOiCNAWxALxRI8c+Vr9PR5mS6mRxAOGSInJuzu
wtme4aNT8C3kSftot8A53Xy+vGAqiqvE6XxjpEmfrXOniwKuUBPB0giQNJEZmTHA
7hWi5J2XMW5f7tXrReAZyxokyvLwPUuPn/0C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org