Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Xe_1UjiOxSDe8JWluHhiAbXGxG8.roa
File: Xe_1UjiOxSDe8JWluHhiAbXGxG8.roa (raw, json)
Hash identifier: uZoVFxxbfOdos79FpLBxlOnpZULHd+XRrjXUE9z1vxg=
Subject key identifier: 5D:EF:F5:52:38:8E:C5:20:DE:F0:95:A5:B8:78:62:01:B5:C6:C4:6F
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0188957F0F35824C5E4C0B77B14B42B22058
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Xe_1UjiOxSDe8JWluHhiAbXGxG8.roa
Signing time: Wed 07 Jun 2023 10:55:12 +0000
ROA not before: Wed 07 Jun 2023 10:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Jun 2023 08:04:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:7f:0f:35:82:4c:5e:4c:0b:77:b1:4b:42:b2:20:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 7 10:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5deff552388ec520def095a5b8786201b5c6c46f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8c:e1:e4:d4:1a:3e:17:da:62:ca:99:02:e6:
d5:e1:6c:f6:16:7b:39:71:f3:cc:63:eb:74:d9:70:
7a:61:61:5d:cf:e5:37:87:9b:4f:7a:c8:2a:67:ce:
6f:ba:61:ba:cb:17:fc:b8:13:4d:4e:6e:bd:b0:42:
00:34:ac:2f:64:75:24:46:63:9e:ae:8d:51:51:44:
bc:77:f6:5b:8c:06:0a:d4:9e:bb:79:f8:d4:ab:79:
3c:6b:37:a3:26:79:ea:f1:0c:a9:a1:f1:f8:54:e6:
36:67:39:f5:f3:bc:3f:d0:99:f9:35:d4:d2:a0:e6:
cf:d7:a8:d4:f5:9d:14:e5:f5:d6:84:0c:20:d6:d6:
fc:4e:73:c6:8a:73:2b:85:f9:94:34:98:bb:84:02:
d6:88:87:a8:16:f8:ff:8e:4b:35:8c:64:94:21:7c:
18:90:01:60:6e:d9:f0:9d:8d:5c:57:79:cb:a8:6f:
bf:f5:d6:0f:f0:3b:16:e3:ec:5a:17:23:3e:9d:86:
8b:15:48:d3:d8:85:35:b7:33:d5:77:97:42:a0:1a:
8b:16:e3:11:1a:c4:df:38:2f:bc:c8:2c:11:11:1c:
36:f0:87:e7:51:2b:71:4b:77:eb:c1:df:16:17:2f:
b4:cb:bf:bd:95:42:7f:c3:5f:ab:f9:dc:fb:a9:ad:
e9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:EF:F5:52:38:8E:C5:20:DE:F0:95:A5:B8:78:62:01:B5:C6:C4:6F
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Xe_1UjiOxSDe8JWluHhiAbXGxG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.35.0/24
109.121.43.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:ae:d6:03:e4:47:a9:d4:4f:ff:1d:49:72:29:37:e3:7f:af:
cd:98:ba:e3:65:cb:9f:e2:95:e4:95:fb:58:23:ff:b2:82:5b:
51:44:10:47:c4:f5:75:cc:56:54:39:07:b7:e5:3e:32:25:53:
42:b7:03:2e:b3:07:50:2b:f7:40:d8:39:a0:66:02:85:bb:b3:
0a:39:14:45:94:6c:14:9c:ba:17:9b:e2:b3:74:39:39:5b:68:
05:39:fe:58:3a:dd:b9:33:12:b4:fe:18:88:ed:9f:9a:3a:90:
ef:4f:1e:2f:88:2c:22:9e:2a:fa:40:5b:74:c6:82:04:f2:a3:
11:69:52:2e:a4:de:64:e2:85:57:8c:77:f5:30:1e:e5:43:66:
bf:25:c8:01:83:82:c8:06:8d:1f:7b:57:5e:93:da:53:22:0d:
fb:93:78:62:db:7b:d7:51:5b:9a:9f:82:a3:64:ed:63:79:3c:
45:cb:a5:5b:c6:d2:92:15:9c:ce:24:e2:15:d0:fb:59:28:e1:
56:cd:90:ce:a8:25:ef:41:11:08:17:75:58:37:59:29:3f:15:
29:8a:b3:62:71:8b:20:a4:bd:6a:ba:bd:f5:8a:1c:fd:99:07:
f9:0f:9b:7a:4d:73:e0:9a:35:b1:fa:c3:7c:d6:0b:3d:5c:6b:
6f:84:79:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiVfw81gkxeTAt3sUtCsiBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNjA3MTA1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGVmZjU1MjM4OGVjNTIwZGVmMDk1YTViODc4NjIwMWI1YzZjNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYzh5NQaPhfaYsqZAubV4Wz2Fns5
cfPMY+t02XB6YWFdz+U3h5tPesgqZ85vumG6yxf8uBNNTm69sEIANKwvZHUkRmOe
ro1RUUS8d/ZbjAYK1J67efjUq3k8azejJnnq8QypofH4VOY2Zzn187w/0Jn5NdTS
oObP16jU9Z0U5fXWhAwg1tb8TnPGinMrhfmUNJi7hALWiIeoFvj/jks1jGSUIXwY
kAFgbtnwnY1cV3nLqG+/9dYP8DsW4+xaFyM+nYaLFUjT2IU1tzPVd5dCoBqLFuMR
GsTfOC+8yCwRERw28IfnUStxS3frwd8WFy+0y7+9lUJ/w1+r+dz7qa3pnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF3v9VI4jsUg3vCVpbh4YgG1xsRvMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvWGVfMVVqaU94U0RlOEpXbHVIaGlBYlhHeEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXkjAwQA
bXkrMA0GCSqGSIb3DQEBCwUAA4IBAQClrtYD5Eep1E//HUlyKTfjf6/NmLrjZcuf
4pXklftYI/+ygltRRBBHxPV1zFZUOQe35T4yJVNCtwMuswdQK/dA2DmgZgKFu7MK
ORRFlGwUnLoXm+KzdDk5W2gFOf5YOt25MxK0/hiI7Z+aOpDvTx4viCwinir6QFt0
xoIE8qMRaVIupN5k4oVXjHf1MB7lQ2a/JcgBg4LIBo0fe1dek9pTIg37k3hi23vX
UVuan4KjZO1jeTxFy6VbxtKSFZzOJOIV0PtZKOFWzZDOqCXvQREIF3VYN1kpPxUp
irNicYsgpL1qur31ihz9mQf5D5t6TXPgmjWx+sN81gs9XGtvhHnP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org