Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/XHntPPBGs3GyCd6tmRIOT4gqlLA.roa
File: XHntPPBGs3GyCd6tmRIOT4gqlLA.roa (raw, json)
Hash identifier: 6RyoO3xFdTbVxUFpfASBye3U8Q3CjbNOe+kyHoxq14Q=
Subject key identifier: 5C:79:ED:3C:F0:46:B3:71:B2:09:DE:AD:99:12:0E:4F:88:2A:94:B0
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01909226303913DB85920AC385F73D7DCCC3
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/XHntPPBGs3GyCd6tmRIOT4gqlLA.roa
Signing time: Mon 08 Jul 2024 11:41:34 +0000
ROA not before: Mon 08 Jul 2024 11:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 09:42:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:26:30:39:13:db:85:92:0a:c3:85:f7:3d:7d:cc:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jul 8 11:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c79ed3cf046b371b209dead99120e4f882a94b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:66:6e:d2:67:bd:4f:d7:5c:25:42:c4:c5:8b:
9e:27:4a:cf:d1:f8:fd:6e:ce:1d:24:4c:93:92:a1:
af:8c:09:28:87:59:8a:a4:c7:77:43:46:82:81:83:
82:e5:8b:17:7b:50:9a:d7:d9:79:8b:db:ca:a0:20:
30:0e:89:77:0d:85:98:57:93:6c:5d:0a:b3:a6:ea:
9a:a5:56:42:be:25:d1:45:e0:2b:df:78:d3:1b:5f:
fb:92:ac:ca:95:26:18:77:f4:bc:c5:d8:25:77:27:
a5:cb:fb:01:22:6a:8f:ed:64:5b:d5:ab:c7:d3:cf:
c8:64:21:09:b7:56:09:c3:aa:8f:c1:14:ea:2f:20:
bc:6a:b2:30:4d:83:ee:88:c5:b5:da:75:46:da:31:
13:a6:61:80:fc:89:32:38:27:ef:bb:99:25:fb:46:
b9:20:ca:14:b6:b6:9a:f5:23:57:7f:10:dd:c5:a7:
c5:b0:8b:fc:b3:6e:fc:bf:45:5c:8c:9e:32:7c:00:
75:5c:7d:fe:91:f5:21:fe:9b:73:f6:36:d8:d2:4e:
e9:ff:f4:59:d7:45:68:c9:b5:7e:c5:ec:e3:aa:93:
63:4e:b0:3c:4e:f2:da:1e:6c:72:0f:8b:1e:90:17:
64:27:95:52:44:22:46:32:57:39:82:d6:ce:61:91:
b0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:79:ED:3C:F0:46:B3:71:B2:09:DE:AD:99:12:0E:4F:88:2A:94:B0
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/XHntPPBGs3GyCd6tmRIOT4gqlLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.41.0/24
109.121.43.0/24
185.47.91.0/24
Signature Algorithm: sha256WithRSAEncryption
74:59:e1:aa:e1:e7:96:b0:f3:a1:1d:b6:6e:9e:fa:36:bd:1f:
c7:a0:8d:d1:2f:33:d9:e7:ad:17:ac:65:27:34:f2:22:32:fb:
71:83:2a:7f:3c:55:74:7f:eb:3a:15:92:15:0f:d2:28:9d:1b:
de:55:84:b6:b3:06:2c:89:36:50:51:58:05:26:34:06:9e:3b:
91:c3:04:38:9c:03:01:76:18:44:78:37:da:d5:65:7c:09:ac:
fd:87:f0:a6:e4:f8:5a:ea:a6:4c:9d:e4:a8:16:0c:07:82:87:
f9:69:d8:a6:d5:86:62:c9:69:f9:66:4b:9e:c6:f5:e9:6b:f5:
f0:b1:9a:f6:00:ed:bf:77:77:1e:54:d0:a4:52:ac:ae:ae:c6:
17:45:55:f8:b9:fc:0a:bc:bc:a4:54:cd:e4:9f:42:99:8c:15:
66:cd:90:95:fc:75:de:58:63:99:85:0d:12:f4:42:aa:ca:b7:
66:dd:7a:2b:cd:17:53:cb:02:36:01:43:45:5b:bb:29:79:a4:
8a:8c:e0:37:3e:7a:08:0d:2a:47:43:f7:ef:cf:a8:d2:37:e5:
5b:ac:c5:5f:c0:3e:f4:f4:be:93:c1:03:d5:d7:7e:0e:f4:b2:
8f:c4:6e:1c:26:23:8b:e7:2a:b1:5d:b7:74:63:28:b8:6a:d3:
d4:bb:da:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCSJjA5E9uFkgrDhfc9fczDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwNzA4MTE0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzc5ZWQzY2YwNDZiMzcxYjIwOWRlYWQ5OTEyMGU0Zjg4MmE5NGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32Zu0me9T9dcJULExYueJ0rP0fj9
bs4dJEyTkqGvjAkoh1mKpMd3Q0aCgYOC5YsXe1Ca19l5i9vKoCAwDol3DYWYV5Ns
XQqzpuqapVZCviXRReAr33jTG1/7kqzKlSYYd/S8xdgldyely/sBImqP7WRb1avH
08/IZCEJt1YJw6qPwRTqLyC8arIwTYPuiMW12nVG2jETpmGA/IkyOCfvu5kl+0a5
IMoUtraa9SNXfxDdxafFsIv8s278v0VcjJ4yfAB1XH3+kfUh/ptz9jbY0k7p//RZ
10VoybV+xezjqpNjTrA8TvLaHmxyD4sekBdkJ5VSRCJGMlc5gtbOYZGwRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFx57TzwRrNxsgnerZkSDk+IKpSwMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvWEhudFBQQkdzM0d5Q2Q2dG1SSU9UNGdxbExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXkpAwQA
bXkrAwQAuS9bMA0GCSqGSIb3DQEBCwUAA4IBAQB0WeGq4eeWsPOhHbZunvo2vR/H
oI3RLzPZ560XrGUnNPIiMvtxgyp/PFV0f+s6FZIVD9IonRveVYS2swYsiTZQUVgF
JjQGnjuRwwQ4nAMBdhhEeDfa1WV8Caz9h/Cm5Pha6qZMneSoFgwHgof5adim1YZi
yWn5ZkuexvXpa/XwsZr2AO2/d3ceVNCkUqyursYXRVX4ufwKvLykVM3kn0KZjBVm
zZCV/HXeWGOZhQ0S9EKqyrdm3XorzRdTywI2AUNFW7speaSKjOA3PnoIDSpHQ/fv
z6jSN+VbrMVfwD709L6TwQPV134O9LKPxG4cJiOL5yqxXbd0Yyi4atPUu9qD
-----END CERTIFICATE-----
Generated at Tue Jul 30 11:55:49 2024 by rpki-client on console-fra.rpki-client.org