Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/hOuwDVtWfGtUcddUU7Z5w5k5QGg.roa
File: hOuwDVtWfGtUcddUU7Z5w5k5QGg.roa (raw, json)
Hash identifier: I/WL8/i/jssMuGfEQowxHWYkm4PGzyynQotx8aR2z5Y=
Subject key identifier: 84:EB:B0:0D:5B:56:7C:6B:54:71:D7:54:53:B6:79:C3:99:39:40:68
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018D0DAAE883E87D2F7D98664AF0403F281C
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/hOuwDVtWfGtUcddUU7Z5w5k5QGg.roa
Signing time: Mon 15 Jan 2024 15:08:40 +0000
ROA not before: Mon 15 Jan 2024 15:08:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.233.189.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 08:36:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:aa:e8:83:e8:7d:2f:7d:98:66:4a:f0:40:3f:28:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 15 15:08:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84ebb00d5b567c6b5471d75453b679c399394068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b9:8b:ad:c0:34:58:88:31:3d:68:89:e7:d1:
27:5c:6b:87:a1:25:0c:f6:9e:4a:e3:e1:2d:d2:35:
f6:6e:cd:42:1c:71:d2:ce:75:47:4b:18:15:9c:b3:
9f:75:f3:77:d3:7e:73:df:25:3b:10:a9:5e:ee:af:
92:05:a1:46:85:9f:62:8a:44:75:c2:43:a5:bb:a2:
03:db:b4:f1:6e:61:1b:9c:a0:5c:5f:82:2c:45:b9:
23:b5:29:73:9f:6e:fc:a6:d9:c6:c5:33:5e:41:f9:
2b:21:04:f6:47:6e:e8:95:ea:1d:b1:e6:ea:5c:52:
cc:c5:1f:df:1a:42:30:b6:c0:ab:85:ca:26:fe:0d:
b2:0f:b8:e4:8f:8d:6f:04:c7:5a:4d:93:fd:df:81:
89:d5:a7:18:59:e7:32:83:1f:06:63:3d:53:66:bc:
18:95:35:c1:6b:c1:35:be:7a:e6:02:34:6d:08:2d:
c6:bf:9c:89:c9:cf:f4:83:27:3a:e1:0f:65:27:62:
8d:42:7a:bb:75:71:28:43:64:2d:06:cb:bb:b6:d5:
e1:38:c8:b9:7b:be:59:a1:2c:40:6e:e2:83:42:4d:
ea:64:fd:12:43:2f:cd:f8:41:10:1d:b1:c2:3b:38:
78:ee:ba:60:c8:45:8d:9a:4e:11:2d:3e:96:ad:7e:
9e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:EB:B0:0D:5B:56:7C:6B:54:71:D7:54:53:B6:79:C3:99:39:40:68
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/hOuwDVtWfGtUcddUU7Z5w5k5QGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.41.0/24
109.121.43.0/24
109.233.189.0/24
185.47.91.0/24
Signature Algorithm: sha256WithRSAEncryption
91:3b:f1:2b:cf:d0:6f:88:8a:7b:ce:ce:a0:1a:ba:0c:25:bd:
86:88:00:4c:91:6b:47:4b:49:31:cb:40:a1:35:66:eb:77:4f:
ef:f7:4d:1b:63:f0:30:ab:74:7e:6f:60:4a:5b:23:ee:0b:04:
ce:8d:36:26:3c:01:0a:7d:c0:d2:a5:3b:33:fc:48:62:7c:42:
66:51:99:4d:93:2a:f6:16:9e:9b:e6:cb:fd:bd:8a:09:29:12:
6d:4c:0a:16:0a:79:8e:75:a7:a1:87:14:d9:76:cd:ab:53:98:
6a:04:f5:0c:6a:fb:d2:b9:c0:21:7d:fb:6f:d6:9d:3e:52:17:
bb:22:55:c0:ac:52:ba:f8:5c:97:fc:4c:fc:49:f1:99:48:99:
3c:5e:b6:1e:f3:fe:31:42:f5:76:ef:0c:41:bb:62:c4:6e:2f:
f1:01:2b:e8:5f:4f:6a:1f:1a:a8:f9:da:2a:d4:f9:0d:c6:50:
91:85:d8:93:ef:49:d9:3f:e0:b0:f1:34:a0:16:53:ef:b2:bd:
19:c9:18:ad:b8:99:95:a5:e5:b6:bc:fb:f3:e0:9d:57:0c:bc:
a6:9d:07:14:7d:05:c4:48:4d:e4:21:ac:57:2a:9b:08:cd:eb:
7c:31:4a:30:2b:08:c9:85:e6:34:ed:6b:9a:71:51:d5:38:d3:
67:69:c8:19
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0NquiD6H0vfZhmSvBAPygcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTE1MTUwODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGViYjAwZDViNTY3YzZiNTQ3MWQ3NTQ1M2I2NzljMzk5Mzk0MDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbmLrcA0WIgxPWiJ59EnXGuHoSUM
9p5K4+Et0jX2bs1CHHHSznVHSxgVnLOfdfN3035z3yU7EKle7q+SBaFGhZ9iikR1
wkOlu6ID27TxbmEbnKBcX4IsRbkjtSlzn278ptnGxTNeQfkrIQT2R27oleodsebq
XFLMxR/fGkIwtsCrhcom/g2yD7jkj41vBMdaTZP934GJ1acYWecygx8GYz1TZrwY
lTXBa8E1vnrmAjRtCC3Gv5yJyc/0gyc64Q9lJ2KNQnq7dXEoQ2QtBsu7ttXhOMi5
e75ZoSxAbuKDQk3qZP0SQy/N+EEQHbHCOzh47rpgyEWNmk4RLT6WrX6e6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFITrsA1bVnxrVHHXVFO2ecOZOUBoMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvaE91d0RWdFdmR3RVY2RkVVU3WjV3NWs1UUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbXkpAwQA
bXkrAwQAbem9AwQAuS9bMA0GCSqGSIb3DQEBCwUAA4IBAQCRO/Erz9BviIp7zs6g
GroMJb2GiABMkWtHS0kxy0ChNWbrd0/v900bY/Awq3R+b2BKWyPuCwTOjTYmPAEK
fcDSpTsz/EhifEJmUZlNkyr2Fp6b5sv9vYoJKRJtTAoWCnmOdaehhxTZds2rU5hq
BPUMavvSucAhfftv1p0+Uhe7IlXArFK6+FyX/Ez8SfGZSJk8XrYe8/4xQvV27wxB
u2LEbi/xASvoX09qHxqo+doq1PkNxlCRhdiT70nZP+Cw8TSgFlPvsr0ZyRituJmV
peW2vPvz4J1XDLymnQcUfQXESE3kIaxXKpsIzet8MUowKwjJheY07WuacVHVONNn
acgZ
-----END CERTIFICATE-----
Generated at Tue Jan 16 12:45:16 2024 by rpki-client on console-ams.rpki-client.org