Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bIWL_wiGQh98ZBu279JdRq_GqcU.roa
File: bIWL_wiGQh98ZBu279JdRq_GqcU.roa (raw, json)
Hash identifier: TdQAyiOf/xMsheU5myBEPoO0J/dfCIlqn7FfzD2tuDs=
Subject key identifier: 6C:85:8B:FF:08:86:42:1F:7C:64:1B:B6:EF:D2:5D:46:AF:C6:A9:C5
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0189C557E47836EE4C92B7870D5DEB2D2F52
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bIWL_wiGQh98ZBu279JdRq_GqcU.roa
Signing time: Sat 05 Aug 2023 10:56:58 +0000
ROA not before: Sat 05 Aug 2023 10:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.255.206.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
212.69.0.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
212.69.14.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Aug 2023 19:57:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c5:57:e4:78:36:ee:4c:92:b7:87:0d:5d:eb:2d:2f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Aug 5 10:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c858bff0886421f7c641bb6efd25d46afc6a9c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:54:20:c1:56:89:31:2b:6f:80:20:ab:8d:f4:
88:e7:a1:7c:62:2a:2b:54:f0:3c:de:39:47:c5:e5:
30:c4:17:f9:89:7b:66:1a:30:da:ad:1a:9c:b9:e4:
20:22:1a:74:42:43:aa:ee:d1:ae:16:90:7e:d5:a8:
9b:bf:1d:23:dc:22:25:41:d0:40:70:06:ac:77:95:
12:ae:b9:c1:09:ef:a9:ae:f8:49:ad:70:5e:6c:9c:
01:a1:39:96:92:54:bb:c4:f8:fa:c0:04:c1:7c:60:
0b:05:52:68:d3:af:8d:31:09:cd:62:d9:25:57:b4:
49:8f:a8:e3:8a:e7:f3:39:1f:0a:ad:89:f3:3f:d9:
ea:8d:0f:31:88:f4:1c:66:f2:d1:a2:1e:90:88:77:
d3:08:5f:bc:71:dc:ab:ba:06:67:42:53:8b:b7:d6:
43:a9:1d:2e:c2:a6:4f:3a:10:3d:d5:24:b4:03:80:
64:38:cf:5d:ed:2f:0e:11:1e:0e:1c:85:1d:48:ee:
32:f7:6a:b1:ab:ad:eb:82:bf:42:74:18:41:d4:3c:
22:09:63:61:04:33:f4:0c:df:ee:94:2d:ae:c1:74:
cb:02:5b:fe:a0:8a:7b:0d:bf:9c:d5:ad:b9:79:4c:
59:1f:04:01:bc:9b:2a:27:d8:e0:97:e6:7a:b3:16:
43:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:85:8B:FF:08:86:42:1F:7C:64:1B:B6:EF:D2:5D:46:AF:C6:A9:C5
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bIWL_wiGQh98ZBu279JdRq_GqcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
109.121.35.0/24
109.121.43.0/24
185.47.91.0/24
188.255.134.0/24
188.255.206.0/24
212.69.0.0/24
212.69.14.0/24
Signature Algorithm: sha256WithRSAEncryption
42:fe:fc:0a:57:07:ff:ff:69:72:d7:42:c6:8c:21:9b:b8:29:
a5:c8:b5:65:d2:15:d9:d9:a5:89:54:52:80:25:9f:60:d4:45:
28:dc:66:d9:6e:6e:53:b0:f5:8a:2b:15:51:46:a4:c8:10:9e:
b6:3b:7b:91:91:5b:c3:4b:9e:f5:f8:bc:87:50:a1:a0:4e:3e:
67:28:56:1e:4c:3d:41:fd:cd:ad:b3:d1:20:ac:ec:a3:c0:a4:
84:7e:dd:a6:31:08:d3:4e:59:30:22:a2:74:f3:ca:92:b4:cc:
c9:00:c2:1b:64:45:07:51:9a:51:ac:b8:5a:52:c4:75:12:c7:
9c:b6:33:fa:58:8c:1e:16:0b:2c:34:e4:d1:51:b6:d5:8d:d6:
fd:42:d8:8b:f2:0c:66:1b:dd:48:fc:34:ff:48:28:d7:67:7b:
27:51:47:dc:29:c7:fa:7d:14:26:28:6e:d4:4b:15:c6:71:e3:
7d:27:cf:7e:40:e3:4a:f4:82:0d:90:0b:65:34:bf:30:51:2e:
28:10:d3:56:1f:f1:85:45:ce:69:5d:d3:0f:2a:e8:e0:2a:9f:
8c:9d:0d:d6:08:99:44:73:ef:b1:69:d9:d1:3d:a8:16:c8:df:
99:8f:07:71:0b:93:41:24:73:ae:57:e4:47:5c:d3:27:c4:32:
2d:4a:82:7a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYnFV+R4Nu5MkreHDV3rLS9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwODA1MTA1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzg1OGJmZjA4ODY0MjFmN2M2NDFiYjZlZmQyNWQ0NmFmYzZhOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFQgwVaJMStvgCCrjfSI56F8Yior
VPA83jlHxeUwxBf5iXtmGjDarRqcueQgIhp0QkOq7tGuFpB+1aibvx0j3CIlQdBA
cAasd5USrrnBCe+prvhJrXBebJwBoTmWklS7xPj6wATBfGALBVJo06+NMQnNYtkl
V7RJj6jjiufzOR8KrYnzP9nqjQ8xiPQcZvLRoh6QiHfTCF+8cdyrugZnQlOLt9ZD
qR0uwqZPOhA91SS0A4BkOM9d7S8OER4OHIUdSO4y92qxq63rgr9CdBhB1DwiCWNh
BDP0DN/ulC2uwXTLAlv+oIp7Db+c1a25eUxZHwQBvJsqJ9jgl+Z6sxZDhQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGyFi/8IhkIffGQbtu/SXUavxqnFMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYklXTF93aUdRaDk4WkJ1Mjc5SmRScV9HcWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATWkIAwQA
bXkjAwQAbXkrAwQAuS9bAwQAvP+GAwQAvP/OAwQA1EUAAwQA1EUOMA0GCSqGSIb3
DQEBCwUAA4IBAQBC/vwKVwf//2ly10LGjCGbuCmlyLVl0hXZ2aWJVFKAJZ9g1EUo
3GbZbm5TsPWKKxVRRqTIEJ62O3uRkVvDS571+LyHUKGgTj5nKFYeTD1B/c2ts9Eg
rOyjwKSEft2mMQjTTlkwIqJ088qStMzJAMIbZEUHUZpRrLhaUsR1EsectjP6WIwe
FgssNOTRUbbVjdb9QtiL8gxmG91I/DT/SCjXZ3snUUfcKcf6fRQmKG7USxXGceN9
J89+QONK9IINkAtlNL8wUS4oENNWH/GFRc5pXdMPKujgKp+MnQ3WCJlEc++xadnR
PagWyN+ZjwdxC5NBJHOuV+RHXNMnxDItSoJ6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org