Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bdr74qiRLg1pXm1myv93-OUToPA.roa
File: bdr74qiRLg1pXm1myv93-OUToPA.roa (raw, json)
Hash identifier: +PA/FiCO2gZA6GbHp8xoWEhcoEnpGA+1V/O75yk3/kM=
Subject key identifier: 6D:DA:FB:E2:A8:91:2E:0D:69:5E:6D:66:CA:FF:77:F8:E5:13:A0:F0
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018571D7CF392E463E6BDDD7C6132527D87F
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bdr74qiRLg1pXm1myv93-OUToPA.roa
Signing time: Mon 02 Jan 2023 09:37:26 +0000
ROA not before: Mon 02 Jan 2023 09:37:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 109.121.44.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:cf:39:2e:46:3e:6b:dd:d7:c6:13:25:27:d8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 2 09:37:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ddafbe2a8912e0d695e6d66caff77f8e513a0f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:17:ca:a0:8c:37:57:37:ca:bf:9c:9e:43:4a:
b4:7e:3c:97:10:e7:74:6d:be:b2:e8:ff:74:b5:fa:
b0:02:33:7d:2a:e6:5f:ee:aa:47:b0:93:a8:8b:28:
0b:fd:3a:55:88:7b:25:5a:82:7e:33:85:79:62:b7:
dc:5c:86:da:fc:46:c5:53:9f:2f:8c:d1:fe:6d:2a:
9e:6c:cd:ef:2d:8e:c2:d2:5f:49:79:68:96:4c:59:
95:6e:18:36:d7:06:79:a9:6e:9a:37:ae:d1:6a:b0:
32:4d:14:61:c8:37:d7:ad:ce:6d:b4:cd:e7:28:f7:
6d:dc:f9:ca:d5:33:f9:0a:e0:8f:d1:8e:da:a4:c0:
93:a3:5a:3e:2a:b9:b2:40:b3:af:ae:05:3d:5c:6e:
04:d8:71:98:99:eb:16:c7:e0:41:1c:2e:52:2e:0a:
01:67:d2:9d:01:23:a3:30:a7:fd:c0:8d:2a:37:1d:
c0:4a:fa:83:da:96:23:b0:25:ab:0d:f7:28:d2:79:
6c:c8:d2:14:93:d8:58:bc:07:06:36:d2:3e:96:61:
5d:95:48:b0:d1:c1:2f:cf:78:fe:b1:cd:e5:6f:fb:
ef:84:65:b9:20:93:23:f4:f1:5a:82:3c:ba:69:e3:
56:d8:a9:01:62:00:75:ad:9d:65:dc:76:25:28:1e:
fb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:DA:FB:E2:A8:91:2E:0D:69:5E:6D:66:CA:FF:77:F8:E5:13:A0:F0
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bdr74qiRLg1pXm1myv93-OUToPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.44.0/24
Signature Algorithm: sha256WithRSAEncryption
10:8b:03:60:f5:61:de:2a:df:0b:27:94:b2:97:72:fa:a0:52:
cd:41:df:ea:67:f3:c6:68:91:d7:ff:55:08:51:33:72:fb:39:
26:14:5a:9f:6d:2f:53:5e:36:66:b9:a3:8a:c6:d7:33:d1:c2:
b0:7e:c8:a8:3e:dd:b8:3b:ec:d6:68:0f:60:ac:ff:42:c0:a3:
45:aa:e9:22:e7:13:8c:66:9d:10:00:e5:e8:52:65:58:8c:4d:
f9:aa:b1:8e:8e:3d:e2:68:62:b6:74:9f:d0:a6:cc:c7:35:e3:
2a:85:7d:49:55:c0:25:b2:2b:e5:83:a5:da:9e:fb:7a:05:ba:
de:77:a2:c3:b7:48:1b:05:82:6f:6b:17:06:25:53:d5:d0:19:
f4:8d:d6:9e:c1:fb:ac:35:57:8b:d8:ad:41:01:41:fc:1f:e6:
65:4c:7d:4c:ce:7e:90:82:b5:46:78:0c:72:0c:9e:9d:34:f9:
c5:58:73:de:32:78:6d:c3:3f:1b:8c:e4:3c:97:c0:ec:e3:fc:
74:df:5f:0b:da:24:53:c3:e2:32:4e:8a:1a:2c:4f:78:d0:b7:
59:55:f4:29:36:1d:eb:d9:9a:6c:72:3b:ab:de:d8:77:14:80:
51:92:70:1e:bd:c0:4c:87:7f:56:71:08:f7:5e:49:00:c7:a9:
47:7a:40:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx1885LkY+a93XxhMlJ9h/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwMTAyMDkzNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGRhZmJlMmE4OTEyZTBkNjk1ZTZkNjZjYWZmNzdmOGU1MTNhMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRfKoIw3VzfKv5yeQ0q0fjyXEOd0
bb6y6P90tfqwAjN9KuZf7qpHsJOoiygL/TpViHslWoJ+M4V5YrfcXIba/EbFU58v
jNH+bSqebM3vLY7C0l9JeWiWTFmVbhg21wZ5qW6aN67RarAyTRRhyDfXrc5ttM3n
KPdt3PnK1TP5CuCP0Y7apMCTo1o+KrmyQLOvrgU9XG4E2HGYmesWx+BBHC5SLgoB
Z9KdASOjMKf9wI0qNx3ASvqD2pYjsCWrDfco0nlsyNIUk9hYvAcGNtI+lmFdlUiw
0cEvz3j+sc3lb/vvhGW5IJMj9PFagjy6aeNW2KkBYgB1rZ1l3HYlKB77pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3a++KokS4NaV5tZsr/d/jlE6DwMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYmRyNzRxaVJMZzFwWG0xbXl2OTMtT1VUb1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXksMA0G
CSqGSIb3DQEBCwUAA4IBAQAQiwNg9WHeKt8LJ5Syl3L6oFLNQd/qZ/PGaJHX/1UI
UTNy+zkmFFqfbS9TXjZmuaOKxtcz0cKwfsioPt24O+zWaA9grP9CwKNFquki5xOM
Zp0QAOXoUmVYjE35qrGOjj3iaGK2dJ/QpszHNeMqhX1JVcAlsivlg6Xanvt6Bbre
d6LDt0gbBYJvaxcGJVPV0Bn0jdaewfusNVeL2K1BAUH8H+ZlTH1Mzn6QgrVGeAxy
DJ6dNPnFWHPeMnhtwz8bjOQ8l8Ds4/x0318L2iRTw+IyTooaLE940LdZVfQpNh3r
2Zpscjur3th3FIBRknAevcBMh39WcQj3XkkAx6lHekAw
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:36 2024 by rpki-client on console-fra.rpki-client.org