Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/W9PzKgGX8Dz4biKDFTFgHyA0MxY.roa
File: W9PzKgGX8Dz4biKDFTFgHyA0MxY.roa (raw, json)
Hash identifier: MGz6YfqcGU+Ruz7Ie/RFbdT9aqa/d11QG1K8sfFOvqA=
Subject key identifier: 5B:D3:F3:2A:01:97:F0:3C:F8:6E:22:83:15:31:60:1F:20:34:33:16
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0189B2575DDD95B3EAF793D755755CC81122
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/W9PzKgGX8Dz4biKDFTFgHyA0MxY.roa
Signing time: Tue 01 Aug 2023 18:23:37 +0000
ROA not before: Tue 01 Aug 2023 18:23:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.255.206.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
212.69.0.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
93.186.69.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b2:57:5d:dd:95:b3:ea:f7:93:d7:55:75:5c:c8:11:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Aug 1 18:23:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bd3f32a0197f03cf86e22831531601f20343316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c1:28:c9:a7:be:7f:71:42:4e:57:2f:04:96:
7e:4e:f1:bc:c5:20:75:ce:2d:e5:6c:05:a4:c6:8a:
e1:60:3b:69:fb:4b:e0:14:a3:ca:d4:49:14:61:b0:
90:9d:1f:b0:e4:ca:00:7a:af:84:2c:05:ab:6a:b4:
93:a7:3d:db:98:1d:17:39:65:35:01:ca:6c:66:e8:
84:86:fb:b1:71:83:4c:31:7e:4a:32:49:82:64:87:
49:b7:d1:dc:67:50:73:1c:eb:c8:bc:6f:a5:49:d3:
45:b5:d9:fa:fd:7f:ed:f3:8d:21:c4:80:e2:68:16:
17:37:b8:8a:02:c2:54:74:e6:8f:9e:5d:78:b7:34:
dd:35:72:05:20:4c:65:60:f5:1f:5f:c9:00:79:bc:
60:b7:17:50:a8:36:37:85:a1:20:83:ee:2e:fe:64:
74:b5:b0:81:95:27:93:29:e3:ca:40:03:42:0d:af:
b0:c8:51:0d:47:f1:c1:63:05:6f:bc:13:1c:a9:84:
61:c1:04:73:e5:17:9f:89:5c:73:d9:9c:89:11:50:
de:18:4a:ad:3c:15:6c:cc:51:0a:4d:e9:60:6f:68:
3f:95:a9:78:6c:c6:da:80:07:e5:3c:8a:e1:8c:cd:
9f:c8:f5:05:d6:da:cf:f9:46:09:ac:11:2e:57:7a:
ce:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D3:F3:2A:01:97:F0:3C:F8:6E:22:83:15:31:60:1F:20:34:33:16
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/W9PzKgGX8Dz4biKDFTFgHyA0MxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
93.186.69.0/24
109.121.35.0/24
109.121.43.0/24
185.47.91.0/24
188.255.134.0/24
188.255.206.0/24
212.69.0.0/24
Signature Algorithm: sha256WithRSAEncryption
49:22:ea:ee:30:6f:19:aa:33:16:8b:e1:61:49:42:03:f2:8a:
63:ff:3f:2c:69:96:d9:9b:59:f7:d7:d4:35:2d:10:06:5c:5e:
c3:b8:f4:f4:6c:d7:bd:ef:27:06:70:6e:1d:ed:ea:9a:22:da:
2e:88:93:19:f8:71:40:74:3b:64:74:63:9a:60:01:69:00:47:
14:6a:f1:89:2f:f2:14:eb:a0:d2:72:db:9a:d4:3f:fd:14:82:
c6:c7:0b:d9:01:a2:2c:3f:e6:6f:80:f4:20:32:e3:b4:44:63:
6f:85:75:f7:cc:59:51:aa:28:27:46:c4:6c:a5:f9:9d:da:ee:
73:b7:81:01:e3:98:a4:08:b8:ea:d3:a8:bf:3d:cd:44:c9:9b:
fb:27:f9:41:10:b5:53:33:3b:7f:a0:4e:9a:f9:0d:85:4a:44:
90:68:79:5e:63:49:59:8e:41:9f:59:67:ec:07:0e:f9:ed:4e:
6e:69:65:29:f2:16:db:55:74:df:2a:ff:ff:01:89:b5:4f:f3:
ca:f4:16:ec:ed:20:d5:53:11:26:2a:9e:a5:74:f0:0d:4c:f7:
3e:39:21:0f:8d:79:21:eb:b1:29:1e:e0:4a:4c:3e:9d:39:9f:
2b:a8:45:20:d5:f6:4c:13:b7:bb:54:5f:85:80:cd:f4:39:19:
f4:87:64:96
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYmyV13dlbPq95PXVXVcyBEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwODAxMTgyMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmQzZjMyYTAxOTdmMDNjZjg2ZTIyODMxNTMxNjAxZjIwMzQzMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8Eoyae+f3FCTlcvBJZ+TvG8xSB1
zi3lbAWkxorhYDtp+0vgFKPK1EkUYbCQnR+w5MoAeq+ELAWrarSTpz3bmB0XOWU1
AcpsZuiEhvuxcYNMMX5KMkmCZIdJt9HcZ1BzHOvIvG+lSdNFtdn6/X/t840hxIDi
aBYXN7iKAsJUdOaPnl14tzTdNXIFIExlYPUfX8kAebxgtxdQqDY3haEgg+4u/mR0
tbCBlSeTKePKQANCDa+wyFENR/HBYwVvvBMcqYRhwQRz5RefiVxz2ZyJEVDeGEqt
PBVszFEKTelgb2g/lal4bMbagAflPIrhjM2fyPUF1trP+UYJrBEuV3rOgQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFvT8yoBl/A8+G4igxUxYB8gNDMWMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvVzlQektnR1g4RHo0YmlLREZURmdIeUEwTXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATWkIAwQA
XbpFAwQAbXkjAwQAbXkrAwQAuS9bAwQAvP+GAwQAvP/OAwQA1EUAMA0GCSqGSIb3
DQEBCwUAA4IBAQBJIuruMG8ZqjMWi+FhSUID8opj/z8saZbZm1n319Q1LRAGXF7D
uPT0bNe97ycGcG4d7eqaItouiJMZ+HFAdDtkdGOaYAFpAEcUavGJL/IU66DSctua
1D/9FILGxwvZAaIsP+ZvgPQgMuO0RGNvhXX3zFlRqignRsRspfmd2u5zt4EB45ik
CLjq06i/Pc1EyZv7J/lBELVTMzt/oE6a+Q2FSkSQaHleY0lZjkGfWWfsBw757U5u
aWUp8hbbVXTfKv//AYm1T/PK9Bbs7SDVUxEmKp6ldPANTPc+OSEPjXkh67EpHuBK
TD6dOZ8rqEUg1fZME7e7VF+FgM30ORn0h2SW
-----END CERTIFICATE-----
Generated at Wed Aug 2 13:40:44 2023 by rpki-client on console-ams.rpki-client.org