Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/azrNIz5icoH6Clw-0PESKlFZrhc.roa
File: azrNIz5icoH6Clw-0PESKlFZrhc.roa (raw, json)
Hash identifier: kn7c7IkfNXroBKqHGqhgmvJFZNNjZsNzmLVFOKCOzSg=
Subject key identifier: 6B:3A:CD:23:3E:62:72:81:FA:0A:5C:3E:D0:F1:12:2A:51:59:AE:17
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018CEDEE8441C04E5EB90E34B0A817BF7D33
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/azrNIz5icoH6Clw-0PESKlFZrhc.roa
Signing time: Tue 09 Jan 2024 11:14:40 +0000
ROA not before: Tue 09 Jan 2024 11:14:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 15:08:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:ee:84:41:c0:4e:5e:b9:0e:34:b0:a8:17:bf:7d:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 9 11:14:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b3acd233e627281fa0a5c3ed0f1122a5159ae17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3a:20:a5:84:19:cc:ee:7f:60:a1:69:61:f5:
67:7b:52:94:33:97:e9:fd:26:36:c5:77:cc:6d:97:
ec:af:c4:f9:81:cb:ca:9e:ff:2f:36:db:23:92:f5:
bc:af:e9:68:4a:c0:ad:fe:ae:a8:b3:f7:ca:78:5c:
18:fb:18:07:87:f6:ed:e0:12:69:28:12:02:42:ae:
a6:17:cd:4a:ff:a4:9a:a9:c5:93:19:c5:eb:ec:3c:
d3:7d:53:3e:be:3b:d0:de:eb:e0:79:3d:7a:11:1f:
0c:4a:3a:e4:28:a1:56:6f:58:53:c6:2c:34:db:ab:
4e:12:af:11:e7:ec:1c:54:d9:da:88:81:a6:3f:ae:
4f:cf:ef:ef:1d:27:14:eb:de:4e:84:89:b4:65:de:
e0:14:26:be:84:93:8d:94:b1:54:02:69:96:e7:04:
8f:b3:1e:9a:11:07:df:62:11:44:f5:8b:7f:68:9a:
ea:e8:e9:0b:5f:1d:b8:a7:d2:a7:78:ca:5f:7e:2d:
a9:30:0f:89:67:40:8f:bc:b5:55:2e:51:a6:dd:19:
26:32:cd:0e:83:38:80:d2:e9:d5:f9:fe:36:8a:30:
c2:b1:a1:9c:c2:bb:cc:70:90:8b:35:61:0c:75:81:
7b:74:98:ac:7e:1d:aa:0e:83:37:a0:84:a5:16:bc:
34:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:3A:CD:23:3E:62:72:81:FA:0A:5C:3E:D0:F1:12:2A:51:59:AE:17
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/azrNIz5icoH6Clw-0PESKlFZrhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.41.0/24
109.121.43.0/24
185.47.91.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:74:e3:7f:c3:ac:72:da:0f:31:36:32:ff:6f:45:5b:f5:2a:
37:12:49:84:2c:57:68:4e:28:ce:56:d5:88:ec:40:2e:f8:a4:
e4:b1:16:07:eb:8a:1f:0f:ee:c9:46:cd:8f:49:2c:cf:c6:24:
6f:46:47:7b:28:fb:87:ad:de:01:2e:f3:6f:73:f4:df:fe:82:
f7:fb:68:a4:10:46:75:c1:80:78:a5:ac:f4:c1:cd:fb:d4:19:
a2:55:b2:e7:be:eb:e4:35:ab:b7:83:23:d6:e0:84:43:a0:11:
32:a4:5b:2e:5b:7d:8e:49:7a:6e:87:5f:bc:f4:66:3f:19:91:
5f:69:8d:1e:05:eb:a9:09:f9:cb:db:45:53:4c:34:04:9c:9c:
35:04:0d:bd:b2:45:21:c1:54:c2:9a:9d:dc:ff:b9:a4:af:0f:
d9:ce:ce:c8:0a:aa:cd:04:e6:50:10:a6:e0:7a:cc:74:15:78:
29:7c:1a:be:6b:ff:bc:63:d6:52:9d:f9:fd:ec:6f:b8:81:55:
53:d0:7c:e9:ad:57:4a:62:0e:6b:f1:4a:cf:56:85:e6:91:62:
d6:b2:1a:5a:72:7c:d3:2a:31:27:4e:2b:f3:19:ec:60:59:1a:
f0:94:14:13:af:18:1b:22:bd:98:66:ce:5c:f7:2f:42:80:12:
dc:f6:db:a1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzt7oRBwE5euQ40sKgXv30zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTA5MTExNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjNhY2QyMzNlNjI3MjgxZmEwYTVjM2VkMGYxMTIyYTUxNTlhZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjogpYQZzO5/YKFpYfVne1KUM5fp
/SY2xXfMbZfsr8T5gcvKnv8vNtsjkvW8r+loSsCt/q6os/fKeFwY+xgHh/bt4BJp
KBICQq6mF81K/6SaqcWTGcXr7DzTfVM+vjvQ3uvgeT16ER8MSjrkKKFWb1hTxiw0
26tOEq8R5+wcVNnaiIGmP65Pz+/vHScU695OhIm0Zd7gFCa+hJONlLFUAmmW5wSP
sx6aEQffYhFE9Yt/aJrq6OkLXx24p9KneMpffi2pMA+JZ0CPvLVVLlGm3RkmMs0O
gziA0unV+f42ijDCsaGcwrvMcJCLNWEMdYF7dJisfh2qDoM3oISlFrw0swIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGs6zSM+YnKB+gpcPtDxEipRWa4XMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYXpyTkl6NWljb0g2Q2x3LTBQRVNLbEZacmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXkpAwQA
bXkrAwQAuS9bMA0GCSqGSIb3DQEBCwUAA4IBAQBPdON/w6xy2g8xNjL/b0Vb9So3
EkmELFdoTijOVtWI7EAu+KTksRYH64ofD+7JRs2PSSzPxiRvRkd7KPuHrd4BLvNv
c/Tf/oL3+2ikEEZ1wYB4paz0wc371BmiVbLnvuvkNau3gyPW4IRDoBEypFsuW32O
SXpuh1+89GY/GZFfaY0eBeupCfnL20VTTDQEnJw1BA29skUhwVTCmp3c/7mkrw/Z
zs7ICqrNBOZQEKbgesx0FXgpfBq+a/+8Y9ZSnfn97G+4gVVT0HzprVdKYg5r8UrP
VoXmkWLWshpacnzTKjEnTivzGexgWRrwlBQTrxgbIr2YZs5c9y9CgBLc9tuh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org