Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/amQQXtZQSBnAMIlLCPH5lvq4zuA.roa
File: amQQXtZQSBnAMIlLCPH5lvq4zuA.roa (raw, json)
Hash identifier: r7hM/NNRqIAuMdtlOCNHaCoYDVcKV48ay6LDVjcaAWQ=
Subject key identifier: 6A:64:10:5E:D6:50:48:19:C0:30:89:4B:08:F1:F9:96:FA:B8:CE:E0
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0188F91B04D135572E5742D6E063854BED1D
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/amQQXtZQSBnAMIlLCPH5lvq4zuA.roa
Signing time: Mon 26 Jun 2023 19:07:57 +0000
ROA not before: Mon 26 Jun 2023 19:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 79.175.95.0/24 maxlen: 24
79.175.96.0/24 maxlen: 24
188.255.128.0/24 maxlen: 24
188.255.144.0/24 maxlen: 24
188.255.212.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
212.69.11.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f9:1b:04:d1:35:57:2e:57:42:d6:e0:63:85:4b:ed:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 26 19:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a64105ed6504819c030894b08f1f996fab8cee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1b:39:8d:2b:59:3e:8c:00:2d:b6:9b:46:af:
57:a2:03:7f:0d:23:40:39:90:43:a8:ed:74:72:65:
47:51:fc:41:66:18:c6:82:ec:de:2b:9d:19:e9:7b:
16:7d:bf:12:64:4c:fd:b5:7e:b3:99:8d:5a:8d:a3:
95:d1:e8:38:3a:e7:29:fc:ad:57:92:de:01:ef:64:
d2:be:61:8b:4c:e5:56:9d:3e:28:b9:02:53:fc:19:
a5:f1:f9:02:c7:23:85:e7:75:69:95:40:90:da:f3:
6a:e0:10:92:fa:d4:29:dd:39:38:ef:b7:cc:dc:09:
8b:5d:e0:cc:6f:b8:cb:b1:73:74:84:d1:fd:ab:c3:
23:88:18:e8:46:6a:e6:68:81:de:14:45:2f:ec:d5:
c1:09:00:d8:75:33:b5:87:54:b9:67:bc:f2:15:af:
a5:b0:9d:2f:ae:1c:47:49:f6:28:7d:94:61:89:37:
19:55:18:3c:22:72:53:7e:e5:1d:47:3e:b7:3b:4c:
c9:25:63:8b:d2:06:72:af:59:ff:58:b9:44:c5:59:
29:5a:93:22:b6:2b:0a:e0:d0:fd:bb:65:10:72:48:
80:6a:a0:b0:1b:e1:4e:c4:ea:db:60:a1:6d:4b:40:
72:0d:76:a7:05:8f:9e:b3:ab:ee:f0:72:64:6e:ca:
6a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:64:10:5E:D6:50:48:19:C0:30:89:4B:08:F1:F9:96:FA:B8:CE:E0
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/amQQXtZQSBnAMIlLCPH5lvq4zuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.175.95.0-79.175.96.255
109.121.33.0/24
109.121.36.0-109.121.40.255
109.121.42.0/23
109.121.45.0/24
109.121.47.0/24
109.233.184.0/23
178.253.237.0/24
188.255.128.0/24
188.255.144.0/24
188.255.212.0/24
212.69.11.0/24
Signature Algorithm: sha256WithRSAEncryption
66:fc:94:5a:9c:58:93:3e:bf:87:5e:9a:89:e9:71:62:e6:39:
03:e9:60:e4:ed:da:6b:96:16:46:2a:39:85:0b:64:9c:42:a7:
3c:d9:7c:f8:43:44:42:6f:f6:c5:0d:da:08:44:0d:b2:bb:bc:
0e:24:92:82:91:d2:65:32:df:d0:b7:b7:39:5f:40:af:c1:86:
6a:bd:fc:23:65:b1:1e:ca:1c:dc:65:8d:3d:d0:68:b8:aa:0d:
3b:29:c3:7c:65:77:57:45:56:27:19:6f:04:ad:31:30:8a:f8:
35:cf:91:72:71:f3:f8:86:86:97:e1:80:e8:25:48:f1:66:01:
23:d6:67:98:9b:ea:91:d4:38:74:6b:f6:d7:b2:02:ba:a1:8f:
e1:03:f5:db:fa:72:ed:6f:09:40:cf:a6:2f:9e:cb:91:b6:53:
6d:3e:ff:43:07:e0:cb:00:39:23:e4:b7:fd:67:bd:69:cc:d9:
da:a0:b1:1d:30:2d:2f:bb:37:68:55:08:51:72:0a:9b:e4:ee:
8e:bf:98:ef:85:b1:1a:bf:74:ce:75:cc:78:0e:56:fe:a8:86:
62:bc:40:df:62:9d:fd:e4:0e:2b:7e:40:19:a0:87:8f:dd:12:
c6:61:c8:54:23:ca:a9:2e:81:dc:c7:47:db:7f:a8:bb:d2:f2:
00:f2:73:0e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYj5GwTRNVcuV0LW4GOFS+0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNjI2MTkwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTY0MTA1ZWQ2NTA0ODE5YzAzMDg5NGIwOGYxZjk5NmZhYjhjZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxs5jStZPowALbabRq9XogN/DSNA
OZBDqO10cmVHUfxBZhjGguzeK50Z6XsWfb8SZEz9tX6zmY1ajaOV0eg4Oucp/K1X
kt4B72TSvmGLTOVWnT4ouQJT/Bml8fkCxyOF53VplUCQ2vNq4BCS+tQp3Tk477fM
3AmLXeDMb7jLsXN0hNH9q8MjiBjoRmrmaIHeFEUv7NXBCQDYdTO1h1S5Z7zyFa+l
sJ0vrhxHSfYofZRhiTcZVRg8InJTfuUdRz63O0zJJWOL0gZyr1n/WLlExVkpWpMi
tisK4ND9u2UQckiAaqCwG+FOxOrbYKFtS0ByDXanBY+es6vu8HJkbspqQQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFGpkEF7WUEgZwDCJSwjx+Zb6uM7gMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYW1RUVh0WlFTQm5BTUlsTENQSDVsdnE0enVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBABPr18D
BABPr2ADBABteSEwDAMEAm15JAMEAG15KAMEAW15KgMEAG15LQMEAG15LwMEAW3p
uAMEALL97QMEALz/gAMEALz/kAMEALz/1AMEANRFCzANBgkqhkiG9w0BAQsFAAOC
AQEAZvyUWpxYkz6/h16aielxYuY5A+lg5O3aa5YWRio5hQtknEKnPNl8+ENEQm/2
xQ3aCEQNsru8DiSSgpHSZTLf0Le3OV9Ar8GGar38I2WxHsoc3GWNPdBouKoNOynD
fGV3V0VWJxlvBK0xMIr4Nc+RcnHz+IaGl+GA6CVI8WYBI9ZnmJvqkdQ4dGv217IC
uqGP4QP12/py7W8JQM+mL57LkbZTbT7/QwfgywA5I+S3/We9aczZ2qCxHTAtL7s3
aFUIUXIKm+Tujr+Y74WxGr90znXMeA5W/qiGYrxA32Kd/eQOK35AGaCHj90SxmHI
VCPKqS6B3MdH23+ou9LyAPJzDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org