Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/e9THFH12hrWiOT-nCA4CH4WL1HE.roa
File: e9THFH12hrWiOT-nCA4CH4WL1HE.roa (raw, json)
Hash identifier: fplBTpbzWLeVyp/Ts+Oip4j32kTCZo/XF+DjBeO7H/s=
Subject key identifier: 7B:D4:C7:14:7D:76:86:B5:A2:39:3F:A7:08:0E:02:1F:85:8B:D4:71
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018FDD073384A075EA0C3E7D2A77E7090433
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/e9THFH12hrWiOT-nCA4CH4WL1HE.roa
Signing time: Mon 03 Jun 2024 07:36:27 +0000
ROA not before: Mon 03 Jun 2024 07:36:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jul 2024 10:34:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:07:33:84:a0:75:ea:0c:3e:7d:2a:77:e7:09:04:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 3 07:36:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bd4c7147d7686b5a2393fa7080e021f858bd471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d2:7a:73:0e:f7:f8:f1:b2:c1:71:c1:de:fb:
5e:62:9b:f3:b7:a8:23:7d:6a:88:ab:b4:b3:f2:2d:
17:e0:5d:e2:9c:d4:62:ac:06:de:45:04:29:85:0a:
b7:f7:c2:cd:b8:3a:58:61:19:9f:7c:9f:bf:cf:6a:
f6:ae:de:a1:ca:99:98:82:4b:68:a7:99:37:f2:3a:
70:05:2a:ef:88:11:f1:b4:e1:ad:3c:d7:c9:23:2b:
eb:bb:47:79:b8:48:eb:83:ac:10:7f:9a:3f:db:b4:
da:a4:41:4e:8f:98:cb:d7:09:fe:08:b6:6f:d9:c8:
f5:58:f7:ed:e8:47:b1:62:3f:d9:2e:64:cc:c5:41:
90:c5:7c:4c:eb:d9:99:71:7c:23:d4:03:8b:3b:26:
5a:19:60:00:04:21:78:8e:23:12:67:d0:6f:6c:af:
cd:7d:de:28:5c:61:68:b8:57:bd:34:10:86:53:12:
55:fa:33:b4:8d:f7:45:e3:1e:03:ed:33:f9:60:36:
1b:43:a5:30:6c:7f:77:ae:19:89:ea:61:29:cb:2b:
68:51:71:01:00:b4:d8:93:3a:41:80:cf:a1:06:0e:
af:9c:1f:04:b0:e7:8a:ae:d4:16:7e:64:0e:11:9c:
57:f6:6b:0a:be:fb:09:53:b4:c3:68:c9:b1:69:46:
5c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D4:C7:14:7D:76:86:B5:A2:39:3F:A7:08:0E:02:1F:85:8B:D4:71
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/e9THFH12hrWiOT-nCA4CH4WL1HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.41.0/24
109.121.43.0/24
185.47.91.0/24
Signature Algorithm: sha256WithRSAEncryption
58:ec:33:7c:31:7b:0f:a4:c6:a4:b4:58:e6:d4:66:ec:94:c5:
80:df:4f:32:c8:b5:24:63:d1:ea:64:5d:2d:d7:12:9d:39:e9:
96:f8:03:1d:8a:02:23:ea:ca:80:49:ea:04:1a:87:e9:bd:54:
7e:e6:64:19:b2:92:9c:69:13:6b:61:8c:47:4f:4b:53:ed:4d:
be:60:5f:5f:3e:2f:dc:04:aa:01:f1:ea:dd:90:d7:7c:20:7e:
ae:db:9d:f1:cc:fd:09:92:8b:e9:53:06:9f:a2:e2:ac:c2:19:
fd:eb:58:d7:23:c2:03:63:06:05:9e:1c:de:0b:21:cd:b3:16:
cd:e7:4d:d9:9b:7f:ef:f9:6d:33:a6:29:72:b9:3a:47:e8:02:
57:01:7f:aa:03:98:ee:15:75:98:4a:11:4f:02:67:cb:88:18:
cb:ca:5f:6d:a4:ec:ec:40:f4:f9:ab:a4:a0:8c:5a:33:7c:75:
71:9a:a0:eb:af:a2:a2:49:77:a7:e7:7f:75:df:84:ee:b9:d4:
e6:70:a9:24:5b:c6:d9:a5:36:5e:73:f8:a9:2a:11:62:86:b8:
b4:9f:97:18:f6:34:2d:5a:49:16:0b:8c:2c:b7:34:cd:51:91:
42:5d:8e:c4:0a:23:35:2f:35:ac:f2:a2:42:0c:24:cd:f0:53:
09:77:3a:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/dBzOEoHXqDD59KnfnCQQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwNjAzMDczNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQ0YzcxNDdkNzY4NmI1YTIzOTNmYTcwODBlMDIxZjg1OGJkNDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNJ6cw73+PGywXHB3vteYpvzt6gj
fWqIq7Sz8i0X4F3inNRirAbeRQQphQq398LNuDpYYRmffJ+/z2r2rt6hypmYgkto
p5k38jpwBSrviBHxtOGtPNfJIyvru0d5uEjrg6wQf5o/27TapEFOj5jL1wn+CLZv
2cj1WPft6EexYj/ZLmTMxUGQxXxM69mZcXwj1AOLOyZaGWAABCF4jiMSZ9BvbK/N
fd4oXGFouFe9NBCGUxJV+jO0jfdF4x4D7TP5YDYbQ6UwbH93rhmJ6mEpyytoUXEB
ALTYkzpBgM+hBg6vnB8EsOeKrtQWfmQOEZxX9msKvvsJU7TDaMmxaUZcqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHvUxxR9doa1ojk/pwgOAh+Fi9RxMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvZTlUSEZIMTJocldpT1QtbkNBNENINFdMMUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXkpAwQA
bXkrAwQAuS9bMA0GCSqGSIb3DQEBCwUAA4IBAQBY7DN8MXsPpMaktFjm1GbslMWA
308yyLUkY9HqZF0t1xKdOemW+AMdigIj6sqASeoEGofpvVR+5mQZspKcaRNrYYxH
T0tT7U2+YF9fPi/cBKoB8erdkNd8IH6u253xzP0JkovpUwafouKswhn961jXI8ID
YwYFnhzeCyHNsxbN503Zm3/v+W0zpilyuTpH6AJXAX+qA5juFXWYShFPAmfLiBjL
yl9tpOzsQPT5q6SgjFozfHVxmqDrr6KiSXen539134TuudTmcKkkW8bZpTZec/ip
KhFihri0n5cY9jQtWkkWC4wstzTNUZFCXY7ECiM1LzWs8qJCDCTN8FMJdzqT
-----END CERTIFICATE-----
Generated at Mon Jul 8 12:31:32 2024 by rpki-client on console-ams.rpki-client.org