Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/X0Iy7bA1rvFUKIoFaSeTvc4K9TU.roa
File: X0Iy7bA1rvFUKIoFaSeTvc4K9TU.roa (raw, json)
Hash identifier: EHNToWkVX6VIBPFgRZORTysU4qOXF8wYCCjqTw+luWY=
Subject key identifier: 5F:42:32:ED:B0:35:AE:F1:54:28:8A:05:69:27:93:BD:CE:0A:F5:35
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01887268D50DDB2995C8B5E88ED65CB7308B
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/X0Iy7bA1rvFUKIoFaSeTvc4K9TU.roa
Signing time: Wed 31 May 2023 15:24:12 +0000
ROA not before: Wed 31 May 2023 15:24:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.121.32.0/24 maxlen: 24
109.121.44.0/24 maxlen: 24
188.255.128.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Jun 2023 12:16:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:72:68:d5:0d:db:29:95:c8:b5:e8:8e:d6:5c:b7:30:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 31 15:24:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f4232edb035aef154288a05692793bdce0af535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:41:51:9c:ef:45:10:5e:92:ce:68:e5:6f:42:
6d:e0:6e:4e:0f:04:8c:a0:08:f6:a0:83:3a:6d:ba:
71:bb:ab:43:ca:1b:89:84:b3:02:e0:75:58:8a:9a:
13:74:65:54:06:a1:57:61:80:e2:08:5a:21:48:16:
04:74:bf:98:0b:62:77:ac:0f:77:a5:06:66:2a:ee:
4b:53:13:bc:91:e4:5e:95:25:c9:49:ee:ab:16:0e:
2f:73:5b:bf:c4:22:1b:23:35:17:7a:13:58:0f:37:
95:f3:c4:2e:a3:1e:75:dc:d4:9c:42:d8:56:3a:ee:
65:89:d3:71:34:0b:99:07:2e:95:18:86:20:97:4f:
99:bc:53:9e:ca:ab:4a:45:b5:b4:65:06:46:e0:ea:
b2:2d:9a:0f:91:7e:f7:70:6d:3e:af:cf:72:8e:12:
e9:c8:a6:6a:38:d3:1d:42:60:e3:ea:1a:ec:42:94:
de:0f:63:2c:50:70:6d:0b:36:71:ec:1d:49:72:2d:
3f:0b:c5:e8:95:ea:e9:9c:2b:11:3c:fc:85:fd:48:
57:65:40:11:d2:51:8c:b1:b4:e8:fd:cd:75:07:98:
4b:a4:bd:ba:a2:85:fe:0c:f0:72:a2:1e:2b:84:0f:
51:da:83:e7:e5:b5:fc:21:e9:ff:5a:f8:45:a0:a3:
5d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:42:32:ED:B0:35:AE:F1:54:28:8A:05:69:27:93:BD:CE:0A:F5:35
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/X0Iy7bA1rvFUKIoFaSeTvc4K9TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.32.0/24
109.121.44.0/24
109.121.46.0/24
188.255.128.0/24
188.255.134.0/24
212.69.13.0/24
Signature Algorithm: sha256WithRSAEncryption
83:aa:b8:b8:a9:fd:51:7b:e2:83:99:b0:b2:45:3d:ea:0c:82:
d5:18:82:42:b9:eb:e9:69:8b:2a:46:19:b2:e9:a5:27:5c:d9:
eb:16:21:4f:97:70:45:c0:9c:3e:70:b5:61:d6:4b:8d:a1:90:
13:6e:58:b5:e9:5e:b5:a7:b8:ae:ad:22:f1:41:49:ef:ee:25:
ee:2f:d6:35:3b:75:b2:0c:63:73:0c:15:9b:55:b7:2d:ac:70:
b8:bf:68:7a:76:c9:7e:f3:38:d0:ad:49:ed:f6:4f:84:8c:b8:
31:bc:6c:d2:4b:73:6f:2f:1e:5d:ea:0a:42:6a:78:50:6d:ea:
29:58:2a:9a:6d:e1:e1:c2:07:f3:ff:20:bc:de:11:69:53:14:
47:e7:a5:20:8c:09:e3:d2:ae:da:84:52:45:4d:18:2f:a7:24:
31:74:c2:dc:c0:cf:83:c6:25:a1:51:6c:e8:41:e5:5c:14:12:
99:dc:d8:85:94:53:ad:44:82:8f:cd:50:1e:df:84:a0:e1:7e:
17:f2:0b:c1:e1:0e:e7:6f:7d:1e:b0:d3:a1:e5:3b:94:06:78:
be:2f:37:06:94:5a:60:bd:5b:67:d8:5b:53:5d:09:7b:50:b9:
f1:3c:4d:e3:03:1c:27:e2:6f:7a:80:08:83:03:aa:75:7b:e6:
e5:da:f4:7f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYhyaNUN2ymVyLXojtZctzCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNTMxMTUyNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQyMzJlZGIwMzVhZWYxNTQyODhhMDU2OTI3OTNiZGNlMGFmNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUFRnO9FEF6Szmjlb0Jt4G5ODwSM
oAj2oIM6bbpxu6tDyhuJhLMC4HVYipoTdGVUBqFXYYDiCFohSBYEdL+YC2J3rA93
pQZmKu5LUxO8keRelSXJSe6rFg4vc1u/xCIbIzUXehNYDzeV88Quox513NScQthW
Ou5lidNxNAuZBy6VGIYgl0+ZvFOeyqtKRbW0ZQZG4OqyLZoPkX73cG0+r89yjhLp
yKZqONMdQmDj6hrsQpTeD2MsUHBtCzZx7B1Jci0/C8XolerpnCsRPPyF/UhXZUAR
0lGMsbTo/c11B5hLpL26ooX+DPByoh4rhA9R2oPn5bX8Ien/WvhFoKNdGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF9CMu2wNa7xVCiKBWknk73OCvU1MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvWDBJeTdiQTFydkZVS0lvRmFTZVR2YzRLOVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAbXkgAwQA
bXksAwQAbXkuAwQAvP+AAwQAvP+GAwQA1EUNMA0GCSqGSIb3DQEBCwUAA4IBAQCD
qri4qf1Re+KDmbCyRT3qDILVGIJCuevpaYsqRhmy6aUnXNnrFiFPl3BFwJw+cLVh
1kuNoZATbli16V61p7iurSLxQUnv7iXuL9Y1O3WyDGNzDBWbVbctrHC4v2h6dsl+
8zjQrUnt9k+EjLgxvGzSS3NvLx5d6gpCanhQbeopWCqabeHhwgfz/yC83hFpUxRH
56UgjAnj0q7ahFJFTRgvpyQxdMLcwM+DxiWhUWzoQeVcFBKZ3NiFlFOtRIKPzVAe
34Sg4X4X8gvB4Q7nb30esNOh5TuUBni+LzcGlFpgvVtn2FtTXQl7ULnxPE3jAxwn
4m96gAiDA6p1e+bl2vR/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org