Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/aL1KUcsHLU4Lr3tGP9eoOe8W5qk.roa
File: aL1KUcsHLU4Lr3tGP9eoOe8W5qk.roa (raw, json)
Hash identifier: LFaPk3DnyKkPZawpwwuaSHdw2lmsJYfIHrbGrOVSQWk=
Subject key identifier: 68:BD:4A:51:CB:07:2D:4E:0B:AF:7B:46:3F:D7:A8:39:EF:16:E6:A9
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0188582320680772132F41F9B7DA19EEDBE0
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/aL1KUcsHLU4Lr3tGP9eoOe8W5qk.roa
Signing time: Fri 26 May 2023 12:57:56 +0000
ROA not before: Fri 26 May 2023 12:57:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:58:23:20:68:07:72:13:2f:41:f9:b7:da:19:ee:db:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 26 12:57:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68bd4a51cb072d4e0baf7b463fd7a839ef16e6a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:07:0f:2f:eb:56:12:fa:9b:18:e0:50:88:d9:
86:52:d2:1b:34:cb:c5:bc:51:44:b4:d2:73:5a:2d:
db:c6:26:a4:be:47:5c:5b:9b:25:b1:4c:72:de:84:
0d:de:f1:4c:a2:50:40:a9:ad:b0:1a:a5:16:f0:f6:
78:b6:4c:db:ff:98:00:8d:85:24:0c:14:3e:68:a1:
6e:b3:61:1e:4f:b5:ca:5a:0a:e1:d5:55:8c:54:c3:
50:16:c6:33:8c:13:f9:b4:39:7e:c4:83:05:8e:a6:
28:80:cc:61:15:d5:f4:4c:87:d0:18:3b:8c:36:a9:
72:67:55:40:f4:d7:f7:51:44:99:2d:57:6d:b2:cf:
fb:21:45:3a:7d:31:3c:de:04:f4:ed:e1:59:2a:ba:
01:b2:27:1a:64:3b:52:5b:73:39:87:bb:7e:d0:f6:
ee:c6:92:5e:dd:58:4a:2f:9c:99:10:46:ac:a3:cf:
6a:58:d4:15:c8:65:e1:60:ea:fb:47:c7:6f:b0:39:
0f:31:b9:78:71:ce:14:a1:a4:38:95:68:cb:74:70:
c1:d3:46:ca:fd:82:60:9b:f7:9f:65:a6:5c:62:9c:
89:ae:6c:13:70:86:99:f6:37:59:05:4d:59:f0:a7:
dd:8c:aa:4c:3c:ce:da:b9:2e:ca:36:0b:ea:08:c3:
4b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BD:4A:51:CB:07:2D:4E:0B:AF:7B:46:3F:D7:A8:39:EF:16:E6:A9
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/aL1KUcsHLU4Lr3tGP9eoOe8W5qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.35.0-109.121.36.255
109.121.38.0/24
109.121.40.0/24
109.233.185.0/24
Signature Algorithm: sha256WithRSAEncryption
69:15:57:9e:17:82:d1:e3:c6:54:20:05:74:b4:13:9d:5a:5a:
fb:3e:13:79:47:e6:8c:da:e9:e5:7f:0f:78:87:b8:95:c8:b3:
8d:c4:05:bd:33:00:e4:f5:a6:e8:50:be:0d:c2:ae:d9:5d:ca:
4c:49:8e:25:d3:85:a3:60:a8:ce:90:fd:f6:a5:17:1b:cb:fc:
6e:e8:2d:f4:b5:e4:d5:27:7f:a8:ea:a6:7b:92:7a:b3:3f:65:
0a:5e:3a:c3:63:a4:51:52:91:02:d5:a0:04:e8:8f:47:1a:0b:
f0:a3:53:1d:70:a2:dd:02:e5:01:70:c6:8e:fd:cb:17:fa:4b:
eb:b7:06:4c:55:b7:1c:e1:e6:8b:aa:ae:51:b4:24:ec:e6:36:
07:41:b0:60:74:16:85:4a:53:25:7b:fc:95:f5:12:ff:12:41:
ab:93:7d:12:b9:01:66:95:f1:e5:41:1f:03:59:e9:89:b2:f2:
2d:6b:49:a2:81:1d:1e:b2:7f:64:28:a9:3a:c8:bd:ed:ad:56:
47:54:dc:14:64:96:0c:ca:bf:c6:85:29:1e:58:d6:7b:de:30:
41:fe:fc:60:d7:07:8a:13:16:c8:ae:d4:2e:4f:f2:08:d9:7d:
b9:ac:65:f1:57:43:17:3d:96:46:3f:2f:6d:36:23:bb:a7:89:
5f:09:71:8b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYhYIyBoB3ITL0H5t9oZ7tvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNTI2MTI1NzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJkNGE1MWNiMDcyZDRlMGJhZjdiNDYzZmQ3YTgzOWVmMTZlNmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQcPL+tWEvqbGOBQiNmGUtIbNMvF
vFFEtNJzWi3bxiakvkdcW5slsUxy3oQN3vFMolBAqa2wGqUW8PZ4tkzb/5gAjYUk
DBQ+aKFus2EeT7XKWgrh1VWMVMNQFsYzjBP5tDl+xIMFjqYogMxhFdX0TIfQGDuM
NqlyZ1VA9Nf3UUSZLVdtss/7IUU6fTE83gT07eFZKroBsicaZDtSW3M5h7t+0Pbu
xpJe3VhKL5yZEEaso89qWNQVyGXhYOr7R8dvsDkPMbl4cc4UoaQ4lWjLdHDB00bK
/YJgm/efZaZcYpyJrmwTcIaZ9jdZBU1Z8KfdjKpMPM7auS7KNgvqCMNLCQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGi9SlHLBy1OC697Rj/XqDnvFuapMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYUwxS1Vjc0hMVTRMcjN0R1A5ZW9PZThXNXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABteSMD
BABteSQDBABteSYDBABteSgDBABt6bkwDQYJKoZIhvcNAQELBQADggEBAGkVV54X
gtHjxlQgBXS0E51aWvs+E3lH5oza6eV/D3iHuJXIs43EBb0zAOT1puhQvg3Crtld
ykxJjiXThaNgqM6Q/falFxvL/G7oLfS15NUnf6jqpnuSerM/ZQpeOsNjpFFSkQLV
oAToj0caC/CjUx1wot0C5QFwxo79yxf6S+u3BkxVtxzh5ouqrlG0JOzmNgdBsGB0
FoVKUyV7/JX1Ev8SQauTfRK5AWaV8eVBHwNZ6Ymy8i1rSaKBHR6yf2QoqTrIve2t
VkdU3BRklgzKv8aFKR5Y1nveMEH+/GDXB4oTFsiu1C5P8gjZfbmsZfFXQxc9lkY/
L202I7uniV8JcYs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:19 2023 by rpki-client on console-ams.rpki-client.org