Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/cZlQuuUXDqHIq6jr7nHIK71cAKo.roa
File: cZlQuuUXDqHIq6jr7nHIK71cAKo.roa (raw, json)
Hash identifier: x3OPi7Fwa8D1qHlJVossoap37Y3W9RixdZVfbocVmYY=
Subject key identifier: 71:99:50:BA:E5:17:0E:A1:C8:AB:A8:EB:EE:71:C8:2B:BD:5C:00:AA
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018DC713CD029966FAD8AB9B238337D40409
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/cZlQuuUXDqHIq6jr7nHIK71cAKo.roa
Signing time: Tue 20 Feb 2024 15:13:00 +0000
ROA not before: Tue 20 Feb 2024 15:13:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 77.105.6.0/24 maxlen: 24
79.175.67.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
188.255.128.0/24 maxlen: 24
188.255.144.0/24 maxlen: 24
188.255.200.0/24 maxlen: 24
212.69.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 22:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:13:cd:02:99:66:fa:d8:ab:9b:23:83:37:d4:04:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Feb 20 15:13:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=719950bae5170ea1c8aba8ebee71c82bbd5c00aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:22:48:52:9d:8f:21:66:a8:0b:94:26:e5:67:
4d:26:19:c1:40:4d:24:7a:93:d4:45:ec:14:e5:9a:
1a:c5:4f:61:6b:87:cd:f7:84:c1:06:02:2f:c0:26:
8f:d5:aa:f6:7e:69:f4:9a:17:ed:7e:a6:93:46:65:
a7:10:9c:92:a7:b2:84:c6:d2:b5:c8:11:7c:f8:68:
ba:ef:3e:61:b9:3e:22:bd:15:7f:5f:06:5c:26:55:
83:0c:c7:d7:1f:f5:f8:a4:9a:7d:ff:cf:24:f5:b0:
ef:96:58:40:1c:18:35:37:4e:f3:df:bd:c6:4b:b0:
c2:1b:d5:92:21:05:bc:cc:f5:12:62:56:1c:cc:79:
e2:b6:92:03:41:f7:10:13:13:62:b2:e8:60:1c:1b:
fc:f0:23:46:0e:e3:f4:8a:d6:13:49:dd:16:ed:8a:
2b:0d:a6:20:c0:95:12:cd:58:88:08:7e:49:71:1d:
5a:0b:72:7f:68:9d:c7:94:e4:3b:28:2e:cb:2f:3f:
a8:91:84:e5:32:a2:b8:e3:f3:2e:47:aa:9c:1b:bb:
17:6f:9d:23:c6:14:cb:06:74:9e:02:a4:12:36:98:
41:82:c8:06:88:f2:6d:c5:01:af:1b:e1:b1:cb:87:
b8:1f:ad:9b:32:37:76:9a:70:94:4c:d7:ce:86:f6:
79:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:99:50:BA:E5:17:0E:A1:C8:AB:A8:EB:EE:71:C8:2B:BD:5C:00:AA
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/cZlQuuUXDqHIq6jr7nHIK71cAKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.6.0/24
79.175.67.0/24
109.121.41.0/24
109.121.43.0/24
185.47.91.0/24
188.255.128.0/24
188.255.144.0/24
188.255.200.0/24
212.69.14.0/24
Signature Algorithm: sha256WithRSAEncryption
24:0a:5f:4d:98:52:cb:fb:8f:83:ce:59:20:34:47:2a:7f:01:
64:eb:27:46:24:92:ec:92:bd:3c:f5:01:0b:7c:6d:02:b7:61:
5a:18:10:86:af:3f:90:e7:b1:db:77:dc:1a:5c:0a:50:07:6e:
33:f2:8c:7b:ea:ea:8b:1e:0f:b5:76:6d:54:81:7a:54:17:44:
82:92:15:e5:2b:8b:05:d1:8b:65:e2:37:65:6a:84:80:3c:af:
df:5e:7d:e5:fe:ee:6b:a1:18:43:db:f1:8d:e4:64:bb:14:ec:
6b:78:4a:9f:22:73:89:cd:c0:f5:a3:7f:1a:51:12:34:e6:0b:
91:3f:97:bc:0a:99:1b:32:4a:f1:11:f0:53:0d:a2:39:e4:3c:
d1:a5:2d:21:c3:39:e1:e5:54:7f:54:3e:14:84:92:e3:a4:a7:
df:5a:bb:32:71:11:4d:a5:29:6c:73:3a:b4:d9:25:ee:e2:25:
7c:25:7c:2f:43:ec:bb:76:45:98:cf:2f:29:53:4f:0c:ac:d9:
d1:75:59:4f:1f:e4:90:82:aa:33:95:75:72:c2:0a:f2:96:ce:
f1:02:c7:37:7d:b0:88:a3:98:89:4a:2d:bd:1b:d4:e5:60:5f:
8c:4b:4e:8e:25:23:ef:6b:26:d0:f3:d2:b3:dc:40:c0:61:86:
d8:c2:6a:3e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY3HE80CmWb62KubI4M31AQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMjIwMTUxMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk5NTBiYWU1MTcwZWExYzhhYmE4ZWJlZTcxYzgyYmJkNWMwMGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCJIUp2PIWaoC5Qm5WdNJhnBQE0k
epPURewU5ZoaxU9ha4fN94TBBgIvwCaP1ar2fmn0mhftfqaTRmWnEJySp7KExtK1
yBF8+Gi67z5huT4ivRV/XwZcJlWDDMfXH/X4pJp9/88k9bDvllhAHBg1N07z373G
S7DCG9WSIQW8zPUSYlYczHnitpIDQfcQExNisuhgHBv88CNGDuP0itYTSd0W7Yor
DaYgwJUSzViICH5JcR1aC3J/aJ3HlOQ7KC7LLz+okYTlMqK44/MuR6qcG7sXb50j
xhTLBnSeAqQSNphBgsgGiPJtxQGvG+Gxy4e4H62bMjd2mnCUTNfOhvZ5nQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHGZULrlFw6hyKuo6+5xyCu9XACqMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvY1psUXV1VVhEcUhJcTZqcjduSElLNzFjQUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQATWkGAwQA
T69DAwQAbXkpAwQAbXkrAwQAuS9bAwQAvP+AAwQAvP+QAwQAvP/IAwQA1EUOMA0G
CSqGSIb3DQEBCwUAA4IBAQAkCl9NmFLL+4+DzlkgNEcqfwFk6ydGJJLskr089QEL
fG0Ct2FaGBCGrz+Q57Hbd9waXApQB24z8ox76uqLHg+1dm1UgXpUF0SCkhXlK4sF
0Ytl4jdlaoSAPK/fXn3l/u5roRhD2/GN5GS7FOxreEqfInOJzcD1o38aURI05guR
P5e8CpkbMkrxEfBTDaI55DzRpS0hwznh5VR/VD4UhJLjpKffWrsycRFNpSlsczq0
2SXu4iV8JXwvQ+y7dkWYzy8pU08MrNnRdVlPH+SQgqozlXVywgryls7xAsc3fbCI
o5iJSi29G9TlYF+MS06OJSPvaybQ89Kz3EDAYYbYwmo+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org