Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/_1LXPDKlWkqDBd0iOvwHyCHKT54.roa
File: _1LXPDKlWkqDBd0iOvwHyCHKT54.roa (raw, json)
Hash identifier: T+mwso1fc+bTqrZE5NlrD2AerBCQ1tj48Hs/YcixHQw=
Subject key identifier: FF:52:D7:3C:32:A5:5A:4A:83:05:DD:22:3A:FC:07:C8:21:CA:4F:9E
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018A6F54AC3AE60CD2DF280D0A89AB5BED60
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/_1LXPDKlWkqDBd0iOvwHyCHKT54.roa
Signing time: Thu 07 Sep 2023 11:08:54 +0000
ROA not before: Thu 07 Sep 2023 11:08:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
188.255.229.0/24 maxlen: 24
79.175.66.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Sep 2023 07:25:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:54:ac:3a:e6:0c:d2:df:28:0d:0a:89:ab:5b:ed:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Sep 7 11:08:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff52d73c32a55a4a8305dd223afc07c821ca4f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:46:b8:8c:42:6b:55:1c:bf:14:39:6f:36:38:
15:f5:c7:df:83:75:14:3a:c9:d6:ce:e9:f3:9f:c3:
68:a3:6f:17:8e:e3:36:12:75:84:a1:11:25:6d:c3:
f1:d0:4b:a6:eb:d5:6e:06:d3:35:a2:17:c2:84:60:
43:ac:ab:77:d7:56:01:e5:d0:a9:75:90:81:a3:18:
3d:a4:30:a2:64:7d:79:6f:00:cc:e1:6d:3d:8d:bb:
67:52:06:2e:ff:b1:95:03:29:6f:e7:fd:5e:f3:39:
5d:40:8a:f8:16:0f:f6:08:ac:67:aa:63:ec:3e:81:
b8:df:49:11:7d:45:74:43:73:79:e4:c6:e5:e2:3b:
73:bc:b3:73:cf:f9:b0:b6:96:f5:cb:1f:2c:c1:8c:
19:7f:f6:f9:a0:1f:fe:27:a6:51:7b:6b:4d:00:1d:
58:d5:01:1f:f3:6a:46:b3:5c:4e:32:51:7b:f9:d3:
19:e6:96:d6:b6:bc:8d:c7:3d:b7:a9:94:1b:67:57:
74:43:a4:ba:9f:e5:60:af:18:8e:ed:56:a0:e6:77:
f7:58:e3:dd:ae:ce:61:ae:8a:98:4d:4c:ee:aa:e4:
a8:55:1f:4c:d1:60:ca:fc:71:eb:73:b0:1d:51:30:
14:25:f3:fa:bf:8e:e8:9e:74:b1:89:52:00:42:92:
50:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:52:D7:3C:32:A5:5A:4A:83:05:DD:22:3A:FC:07:C8:21:CA:4F:9E
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/_1LXPDKlWkqDBd0iOvwHyCHKT54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
79.175.66.0/24
109.121.35.0/24
109.121.43.0/24
185.47.91.0/24
188.255.229.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:ae:a1:10:e2:67:e9:a2:74:6c:25:74:2c:01:9c:6b:b9:41:
59:43:c0:d0:32:d0:95:54:33:2b:ca:ff:2d:19:6f:c5:f2:b2:
58:1f:73:af:0c:52:d1:85:e3:3b:17:ab:e0:55:c2:d1:20:4c:
30:85:43:06:e3:88:cd:80:09:3e:5a:75:1b:a9:a8:2b:94:f6:
1c:02:19:2d:25:e1:73:d4:25:c3:4e:2b:e7:4e:d0:70:6c:0b:
29:98:d1:2d:d5:55:ab:5c:b1:f4:c7:6d:9a:6b:dd:d2:38:5c:
2d:1f:46:57:09:f9:2b:b9:3d:4c:33:3d:9e:ee:2e:06:c3:c5:
cb:d2:73:e9:83:a2:cf:a5:b1:ba:45:c9:c2:85:ae:9b:11:c4:
fe:ea:63:2a:a9:82:15:b2:07:11:59:0a:fd:2a:e6:61:ef:4c:
80:b2:df:64:44:40:8a:56:20:c9:4c:7c:96:44:38:e5:ba:96:
90:d5:81:a7:72:0e:b9:de:09:bb:45:74:32:a7:8d:f2:0d:42:
42:0d:b0:64:d9:7e:5a:cd:eb:26:ad:22:67:14:7f:ae:57:06:
80:02:0a:be:0c:08:d9:31:85:0c:d4:12:bc:67:89:34:04:d5:
05:f2:42:a7:a9:c7:ba:ea:30:20:a5:e3:b7:1e:0c:14:93:c4:
b5:36:60:1e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYpvVKw65gzS3ygNComrW+1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwOTA3MTEwODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjUyZDczYzMyYTU1YTRhODMwNWRkMjIzYWZjMDdjODIxY2E0ZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0a4jEJrVRy/FDlvNjgV9cffg3UU
OsnWzunzn8Noo28XjuM2EnWEoRElbcPx0Eum69VuBtM1ohfChGBDrKt311YB5dCp
dZCBoxg9pDCiZH15bwDM4W09jbtnUgYu/7GVAylv5/1e8zldQIr4Fg/2CKxnqmPs
PoG430kRfUV0Q3N55Mbl4jtzvLNzz/mwtpb1yx8swYwZf/b5oB/+J6ZRe2tNAB1Y
1QEf82pGs1xOMlF7+dMZ5pbWtryNxz23qZQbZ1d0Q6S6n+VgrxiO7Vag5nf3WOPd
rs5hroqYTUzuquSoVR9M0WDK/HHrc7AdUTAUJfP6v47onnSxiVIAQpJQgQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP9S1zwypVpKgwXdIjr8B8ghyk+eMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvXzFMWFBES2xXa3FEQmQwaU92d0h5Q0hLVDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATWkIAwQA
T69CAwQAbXkjAwQAbXkrAwQAuS9bAwQAvP/lMA0GCSqGSIb3DQEBCwUAA4IBAQBe
rqEQ4mfponRsJXQsAZxruUFZQ8DQMtCVVDMryv8tGW/F8rJYH3OvDFLRheM7F6vg
VcLRIEwwhUMG44jNgAk+WnUbqagrlPYcAhktJeFz1CXDTivnTtBwbAspmNEt1VWr
XLH0x22aa93SOFwtH0ZXCfkruT1MMz2e7i4Gw8XL0nPpg6LPpbG6RcnCha6bEcT+
6mMqqYIVsgcRWQr9KuZh70yAst9kRECKViDJTHyWRDjlupaQ1YGncg653gm7RXQy
p43yDUJCDbBk2X5azesmrSJnFH+uVwaAAgq+DAjZMYUM1BK8Z4k0BNUF8kKnqce6
6jAgpeO3HgwUk8S1NmAe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org