Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/_cdUSSGgNoEV7pvXh8IBJVDozMs.roa
File: _cdUSSGgNoEV7pvXh8IBJVDozMs.roa (raw, json)
Hash identifier: wgaFLEVBbBlFTbSGp4M+aj4emNdrNMD/R9o5Yj5R4BA=
Subject key identifier: FD:C7:54:49:21:A0:36:81:15:EE:9B:D7:87:C2:01:25:50:E8:CC:CB
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01884389E23697ACFC055AFF811A07A90954
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/_cdUSSGgNoEV7pvXh8IBJVDozMs.roa
Signing time: Mon 22 May 2023 12:58:09 +0000
ROA not before: Mon 22 May 2023 12:58:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
79.175.67.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 May 2023 07:57:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:89:e2:36:97:ac:fc:05:5a:ff:81:1a:07:a9:09:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 22 12:58:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdc7544921a0368115ee9bd787c2012550e8cccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:65:51:8a:4a:4f:ae:dc:cd:4e:ef:d9:68:2a:
10:51:fb:08:a0:b5:96:12:9e:15:66:2b:60:85:5f:
df:d4:47:44:d0:d2:15:e2:d9:4a:50:38:58:08:22:
76:6f:41:48:d8:1b:b9:1a:61:39:3f:09:3b:41:22:
44:cc:45:39:9d:0b:11:18:2b:5a:67:b2:97:73:2d:
7d:a1:51:b7:03:ed:c8:1d:50:b2:47:59:8c:37:04:
a3:c4:cb:17:09:92:41:dc:d0:7c:e2:e5:e0:59:e7:
2a:5c:fe:97:b7:e0:4b:e6:5f:38:5f:bb:ed:89:ff:
da:e8:da:d6:5e:68:aa:5f:47:db:b3:9e:66:d3:59:
b5:30:10:3d:c4:22:c3:39:30:18:65:7c:56:66:b0:
44:20:a3:53:52:7d:41:c7:7f:be:03:fd:78:c9:0d:
03:2f:06:55:00:69:50:55:63:84:87:29:b6:e6:cc:
0e:23:b5:14:35:d4:11:aa:44:02:5c:a9:96:6d:f7:
7f:63:1a:db:85:1c:32:0f:a8:a1:54:6e:4c:02:95:
66:11:85:b2:a9:4b:e4:dd:bf:fe:da:60:4f:bb:0e:
75:fb:8e:cc:20:f9:bc:6b:b4:9c:9e:56:5b:1b:34:
91:3e:67:d4:7f:22:18:57:8c:10:5f:44:28:0d:a0:
ff:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C7:54:49:21:A0:36:81:15:EE:9B:D7:87:C2:01:25:50:E8:CC:CB
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/_cdUSSGgNoEV7pvXh8IBJVDozMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
79.175.67.0/24
109.121.35.0-109.121.36.255
109.121.40.0/24
109.233.185.0/24
212.69.13.0/24
Signature Algorithm: sha256WithRSAEncryption
86:7b:ed:3d:38:1d:9b:22:ba:31:4a:42:92:63:71:82:0f:a1:
f8:13:4c:7f:12:92:0b:71:f5:08:be:91:1f:fd:89:a4:9a:82:
83:61:8d:fc:c2:ad:79:f2:c1:c0:83:b8:f3:2a:1d:7e:1b:cc:
67:3d:04:fd:58:59:be:40:3d:e6:56:50:d5:15:72:ac:96:38:
25:1c:05:c2:51:96:3d:9e:55:45:8a:6c:10:4c:d1:21:52:c9:
74:29:54:0a:1e:e2:a8:4b:7f:8f:e1:4b:e0:88:8f:a1:84:d2:
a5:7d:21:f8:ee:75:60:b7:09:82:e4:9d:ac:fe:6b:27:d5:70:
79:4e:0c:cb:a5:51:90:0e:8d:43:88:85:30:5b:bf:7d:51:3c:
c6:91:19:db:92:93:98:c4:f9:51:f5:f2:c7:09:e9:3d:be:df:
33:36:c4:f4:15:07:ec:78:a5:33:d8:08:4a:84:29:1b:52:d6:
a9:5b:c2:92:ab:cd:f2:e2:d9:05:d6:32:8d:b0:ac:ea:0c:6b:
ea:e3:a1:df:e4:a2:d9:dd:aa:39:a6:eb:05:21:d5:29:67:4d:
50:3f:22:59:c1:72:2b:59:dd:58:82:1e:08:dd:cc:8e:d2:61:
4f:f9:49:37:71:c8:9d:3b:db:07:f7:06:03:e4:c9:78:a0:2a:
52:7d:3a:7c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYhDieI2l6z8BVr/gRoHqQlUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNTIyMTI1ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGM3NTQ0OTIxYTAzNjgxMTVlZTliZDc4N2MyMDEyNTUwZThjY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2VRikpPrtzNTu/ZaCoQUfsIoLWW
Ep4VZitghV/f1EdE0NIV4tlKUDhYCCJ2b0FI2Bu5GmE5Pwk7QSJEzEU5nQsRGCta
Z7KXcy19oVG3A+3IHVCyR1mMNwSjxMsXCZJB3NB84uXgWecqXP6Xt+BL5l84X7vt
if/a6NrWXmiqX0fbs55m01m1MBA9xCLDOTAYZXxWZrBEIKNTUn1Bx3++A/14yQ0D
LwZVAGlQVWOEhym25swOI7UUNdQRqkQCXKmWbfd/YxrbhRwyD6ihVG5MApVmEYWy
qUvk3b/+2mBPuw51+47MIPm8a7ScnlZbGzSRPmfUfyIYV4wQX0QoDaD/rwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFP3HVEkhoDaBFe6b14fCASVQ6MzLMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvX2NkVVNTR2dOb0VWN3B2WGg4SUJKVkRvek1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQATWkIAwQA
T69DMAwDBABteSMDBABteSQDBABteSgDBABt6bkDBADURQ0wDQYJKoZIhvcNAQEL
BQADggEBAIZ77T04HZsiujFKQpJjcYIPofgTTH8Skgtx9Qi+kR/9iaSagoNhjfzC
rXnywcCDuPMqHX4bzGc9BP1YWb5APeZWUNUVcqyWOCUcBcJRlj2eVUWKbBBM0SFS
yXQpVAoe4qhLf4/hS+CIj6GE0qV9IfjudWC3CYLknaz+ayfVcHlODMulUZAOjUOI
hTBbv31RPMaRGduSk5jE+VH18scJ6T2+3zM2xPQVB+x4pTPYCEqEKRtS1qlbwpKr
zfLi2QXWMo2wrOoMa+rjod/kotndqjmm6wUh1SlnTVA/IlnBcitZ3ViCHgjdzI7S
YU/5STdxyJ072wf3BgPkyXigKlJ9Onw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org