Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Z-5igPn7tg3Lqine37BXeL6gFCk.roa
File: Z-5igPn7tg3Lqine37BXeL6gFCk.roa (raw, json)
Hash identifier: OxlOw6OejfX/Na1+KTWysL357a4aD4SBPjjxNlMujM0=
Subject key identifier: 67:EE:62:80:F9:FB:B6:0D:CB:AA:29:DE:DF:B0:57:78:BE:A0:14:29
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0189009C15C18CDA7F9FDEAA6FB4AB8F210F
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Z-5igPn7tg3Lqine37BXeL6gFCk.roa
Signing time: Wed 28 Jun 2023 06:06:16 +0000
ROA not before: Wed 28 Jun 2023 06:06:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Jun 2023 20:56:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:00:9c:15:c1:8c:da:7f:9f:de:aa:6f:b4:ab:8f:21:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 28 06:06:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67ee6280f9fbb60dcbaa29dedfb05778bea01429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:eb:cf:55:2a:23:14:8d:89:90:5b:2d:dd:6e:
5b:17:03:20:48:4f:5e:60:23:ac:8c:17:05:4b:16:
dc:9d:16:6f:cb:f0:15:18:70:24:fc:36:1d:ad:1b:
e2:36:8c:96:e6:b9:5f:71:ab:09:54:78:9c:85:08:
a9:c4:e9:16:2b:3a:93:6a:96:f2:92:16:5c:a2:63:
12:b8:85:25:ba:09:3e:d1:e6:0a:bf:ca:15:81:a6:
23:83:95:e7:11:a8:fd:39:3f:17:80:0e:2b:51:df:
b6:3c:18:2e:11:d9:7e:0f:d9:f1:19:85:a0:c9:19:
54:91:30:1b:24:a9:4a:8a:f9:80:66:97:c4:04:b7:
08:b5:c7:48:ea:03:be:e2:64:13:8d:24:24:00:ac:
c5:81:40:43:cf:02:9b:6b:31:c7:bc:48:5b:82:f6:
f4:ba:f4:d6:b2:dd:28:87:1e:8c:5f:66:b7:b9:ad:
d2:82:ea:ad:51:16:a2:91:f5:7b:ef:ca:82:aa:37:
43:c9:e2:2b:5d:6c:18:48:b3:0b:54:8e:fa:e3:ad:
01:e0:98:5d:ef:14:42:07:c4:71:03:90:a8:95:71:
ad:6a:7e:b7:0a:f7:75:b7:c2:7d:dd:35:ae:09:e6:
21:b2:e9:e4:49:6f:c6:67:3d:95:e0:8d:95:18:53:
67:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EE:62:80:F9:FB:B6:0D:CB:AA:29:DE:DF:B0:57:78:BE:A0:14:29
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Z-5igPn7tg3Lqine37BXeL6gFCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
109.121.35.0/24
109.121.43.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:c8:7a:ca:d4:8a:31:28:7f:30:21:68:48:38:83:18:cb:ae:
08:35:90:80:84:87:60:9c:4b:33:36:88:48:0f:14:c0:2c:f7:
a5:d4:2e:a0:d4:c3:7c:53:2b:ed:75:4d:b8:96:0f:cd:42:58:
ff:39:62:56:c2:31:04:67:46:0a:af:3c:42:8c:1b:00:1c:38:
91:c1:86:7a:42:57:03:2b:e8:e4:51:f8:b7:4e:81:43:eb:89:
3b:0a:6e:b0:bc:1c:b2:0b:e9:c0:f0:eb:ef:c4:a0:d2:9a:ab:
43:8c:d3:5a:9d:86:85:26:7f:98:18:b7:09:3e:22:8a:20:77:
a7:c0:2d:7b:25:77:00:b9:9b:4a:77:2c:6c:ef:b3:b3:89:b2:
0d:f7:eb:17:d1:46:d2:28:a3:7b:87:5e:da:66:01:b6:5d:50:
4e:3b:de:94:8c:60:82:7c:32:a2:68:02:55:b6:64:2c:59:5a:
9b:da:6f:61:bd:9e:d6:06:44:97:ed:76:6b:99:42:ad:b3:1f:
ac:af:2a:37:a2:f1:b3:da:c8:73:27:8b:2d:36:30:40:34:d5:
8b:29:77:78:30:60:88:7b:96:8d:1a:0b:1f:d1:8c:85:4a:a8:
27:98:28:95:bd:b1:24:3f:6f:17:e7:5b:d4:61:a9:ed:6c:7f:
26:59:82:db
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkAnBXBjNp/n96qb7SrjyEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNjI4MDYwNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2VlNjI4MGY5ZmJiNjBkY2JhYTI5ZGVkZmIwNTc3OGJlYTAxNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArevPVSojFI2JkFst3W5bFwMgSE9e
YCOsjBcFSxbcnRZvy/AVGHAk/DYdrRviNoyW5rlfcasJVHichQipxOkWKzqTapby
khZcomMSuIUlugk+0eYKv8oVgaYjg5XnEaj9OT8XgA4rUd+2PBguEdl+D9nxGYWg
yRlUkTAbJKlKivmAZpfEBLcItcdI6gO+4mQTjSQkAKzFgUBDzwKbazHHvEhbgvb0
uvTWst0ohx6MX2a3ua3SguqtURaikfV778qCqjdDyeIrXWwYSLMLVI76460B4Jhd
7xRCB8RxA5ColXGtan63Cvd1t8J93TWuCeYhsunkSW/GZz2V4I2VGFNnOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGfuYoD5+7YNy6op3t+wV3i+oBQpMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvWi01aWdQbjd0ZzNMcWluZTM3QlhlTDZnRkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATWkIAwQA
bXkjAwQAbXkrMA0GCSqGSIb3DQEBCwUAA4IBAQAfyHrK1IoxKH8wIWhIOIMYy64I
NZCAhIdgnEszNohIDxTALPel1C6g1MN8UyvtdU24lg/NQlj/OWJWwjEEZ0YKrzxC
jBsAHDiRwYZ6QlcDK+jkUfi3ToFD64k7Cm6wvByyC+nA8OvvxKDSmqtDjNNanYaF
Jn+YGLcJPiKKIHenwC17JXcAuZtKdyxs77OzibIN9+sX0UbSKKN7h17aZgG2XVBO
O96UjGCCfDKiaAJVtmQsWVqb2m9hvZ7WBkSX7XZrmUKtsx+sryo3ovGz2shzJ4st
NjBANNWLKXd4MGCIe5aNGgsf0YyFSqgnmCiVvbEkP28X51vUYantbH8mWYLb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org