Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/_12AE3vxc256BWiCLvhRzlsUqw4.roa
File: _12AE3vxc256BWiCLvhRzlsUqw4.roa (raw, json)
Hash identifier: /y46Ac1JiuOwrSZvyv72vijUmPwo5nLNqO+QKe/NYpw=
Subject key identifier: FF:5D:80:13:7B:F1:73:6E:7A:05:68:82:2E:F8:51:CE:5B:14:AB:0E
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01884CC3417145D29D1335CF988011A31651
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/_12AE3vxc256BWiCLvhRzlsUqw4.roa
Signing time: Wed 24 May 2023 07:57:24 +0000
ROA not before: Wed 24 May 2023 07:57:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
79.175.67.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 May 2023 08:11:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4c:c3:41:71:45:d2:9d:13:35:cf:98:80:11:a3:16:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 24 07:57:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff5d80137bf1736e7a0568822ef851ce5b14ab0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e7:2a:ce:9a:5d:07:32:68:f3:15:50:9a:0e:
53:75:6f:22:a5:9a:c7:cc:5b:15:ab:8c:20:e2:58:
63:14:50:fd:c8:b0:a2:e6:a1:ad:7e:cf:43:e7:f2:
28:56:d2:08:e1:74:c5:5c:e7:18:4c:37:f1:8d:fa:
e5:22:83:11:9e:42:14:c3:95:19:a5:9c:22:fa:70:
88:b6:03:e1:95:2a:0c:45:66:4c:27:59:e6:58:39:
64:7f:71:37:e4:90:40:f6:d3:c3:89:a4:4b:f6:70:
a4:aa:d8:f6:d3:eb:ab:81:1a:a8:9c:ce:97:3c:a9:
0d:10:f8:80:d1:db:a0:d2:08:c7:31:aa:e8:fb:57:
aa:de:3b:17:3a:de:42:60:df:4b:8a:12:bf:a7:1f:
a8:2c:b5:b7:a2:54:d9:0e:34:83:69:77:b2:ae:f4:
65:77:98:72:75:32:f1:8c:b0:ee:e1:65:70:e7:36:
3f:d1:bb:37:67:59:e8:77:6f:ed:77:89:8e:53:33:
d2:fc:df:3f:e1:18:7e:94:03:8d:95:c4:c4:f7:c5:
d3:64:07:68:bb:a6:f3:ab:b8:39:06:a3:10:bc:dc:
24:3a:5b:dd:2d:a2:dd:59:d6:02:6c:1b:32:2b:56:
a3:34:ab:81:91:55:cd:64:34:49:5b:01:0f:b4:51:
5a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5D:80:13:7B:F1:73:6E:7A:05:68:82:2E:F8:51:CE:5B:14:AB:0E
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/_12AE3vxc256BWiCLvhRzlsUqw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
79.175.67.0/24
109.121.35.0-109.121.36.255
109.121.40.0/24
109.233.185.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:54:e8:23:dd:bb:8e:c9:55:47:16:22:56:b1:d6:b7:79:a8:
eb:cb:9d:99:d8:14:cd:48:ef:ab:a3:8c:ad:59:46:b9:1d:9b:
40:a2:48:e7:87:6e:36:f3:9d:1a:cc:48:88:56:24:0e:8e:5a:
0f:76:12:f5:d9:e6:8b:9f:87:b8:29:5d:0d:fe:74:0e:9a:b5:
11:04:0a:20:2d:f7:11:d7:64:69:60:f4:bf:42:32:78:b4:ca:
81:6a:21:d0:64:c0:b4:c1:80:8c:c1:84:d0:87:f0:bb:98:41:
a4:4e:0b:a0:19:56:8a:b8:97:34:cd:ad:fc:ef:69:1f:14:f0:
f9:63:04:e1:40:a2:f8:60:dc:86:c0:ef:69:29:d8:50:32:8e:
2c:6b:46:83:57:4d:5b:6f:52:a9:d6:42:35:5f:2e:df:73:b3:
4e:3b:55:9d:eb:3a:c8:78:2e:3e:e1:df:ab:13:a3:73:09:32:
ee:df:50:1e:ea:96:97:15:26:2d:e4:5d:c8:65:93:ae:30:31:
f2:de:67:15:74:2e:8c:0b:cb:a3:5d:99:3c:13:61:fa:1a:df:
de:c5:7f:dc:9b:be:37:d5:63:38:36:8a:3c:ee:36:a2:7e:9f:
51:fd:6f:b6:e3:92:90:d7:03:49:c1:39:3c:90:9d:06:f4:10:
54:95:33:34
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYhMw0FxRdKdEzXPmIARoxZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNTI0MDc1NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjVkODAxMzdiZjE3MzZlN2EwNTY4ODIyZWY4NTFjZTViMTRhYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgecqzppdBzJo8xVQmg5TdW8ipZrH
zFsVq4wg4lhjFFD9yLCi5qGtfs9D5/IoVtII4XTFXOcYTDfxjfrlIoMRnkIUw5UZ
pZwi+nCItgPhlSoMRWZMJ1nmWDlkf3E35JBA9tPDiaRL9nCkqtj20+urgRqonM6X
PKkNEPiA0dug0gjHMaro+1eq3jsXOt5CYN9LihK/px+oLLW3olTZDjSDaXeyrvRl
d5hydTLxjLDu4WVw5zY/0bs3Z1nod2/td4mOUzPS/N8/4Rh+lAONlcTE98XTZAdo
u6bzq7g5BqMQvNwkOlvdLaLdWdYCbBsyK1ajNKuBkVXNZDRJWwEPtFFaqQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFP9dgBN78XNuegVogi74Uc5bFKsOMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvXzEyQUUzdnhjMjU2QldpQ0x2aFJ6bHNVcXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQATWkIAwQA
T69DMAwDBABteSMDBABteSQDBABteSgDBABt6bkwDQYJKoZIhvcNAQELBQADggEB
ACpU6CPdu47JVUcWIlax1rd5qOvLnZnYFM1I76ujjK1ZRrkdm0CiSOeHbjbznRrM
SIhWJA6OWg92EvXZ5oufh7gpXQ3+dA6atREECiAt9xHXZGlg9L9CMni0yoFqIdBk
wLTBgIzBhNCH8LuYQaROC6AZVoq4lzTNrfzvaR8U8PljBOFAovhg3IbA72kp2FAy
jixrRoNXTVtvUqnWQjVfLt9zs047VZ3rOsh4Lj7h36sTo3MJMu7fUB7qlpcVJi3k
Xchlk64wMfLeZxV0LowLy6NdmTwTYfoa397Ff9ybvjfVYzg2ijzuNqJ+n1H9b7bj
kpDXA0nBOTyQnQb0EFSVMzQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org