Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/iK9TvzNyJTvch6k2FvVeufnoztQ.roa
File: iK9TvzNyJTvch6k2FvVeufnoztQ.roa (raw, json)
Hash identifier: 0v3C+KvfHQrahpslmpa0vUwcjJQFd0le771YcAlOk7Y=
Subject key identifier: 88:AF:53:BF:33:72:25:3B:DC:87:A9:36:16:F5:5E:B9:F9:E8:CE:D4
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018B4CEFA71FE936166F2207409EE126A1D3
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/iK9TvzNyJTvch6k2FvVeufnoztQ.roa
Signing time: Fri 20 Oct 2023 11:54:16 +0000
ROA not before: Fri 20 Oct 2023 11:54:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.255.206.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
212.69.10.0/24 maxlen: 24
188.255.141.0/24 maxlen: 24
79.175.66.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:ef:a7:1f:e9:36:16:6f:22:07:40:9e:e1:26:a1:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Oct 20 11:54:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88af53bf3372253bdc87a93616f55eb9f9e8ced4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:68:a5:2f:dd:e0:1b:f2:46:35:53:f1:dd:1e:
b5:9a:e0:a7:9c:8b:d2:64:a4:b3:da:6b:c9:72:9e:
1e:bb:c4:40:1c:79:d6:5d:81:cc:d1:48:44:41:ca:
cd:94:38:72:5f:60:57:33:66:21:3a:eb:79:2b:5d:
70:3f:c9:87:e1:7f:3b:7d:df:28:0d:6b:09:ce:1c:
a4:bd:ca:c8:57:1e:ed:ff:75:91:40:15:50:d0:bf:
d6:88:98:89:9b:33:03:f8:34:6f:da:af:4a:c9:b5:
37:6a:00:5c:0b:c7:c0:35:41:bc:d0:27:08:1b:00:
10:fc:15:b6:b5:bd:14:4e:a3:9c:e6:a4:f4:51:5e:
07:4c:78:4c:f6:16:27:fe:52:ce:fd:4e:b6:95:63:
85:1d:83:6d:80:de:24:16:50:e3:a4:c8:d4:cd:7d:
b2:62:4c:67:c7:a6:55:1c:97:38:9b:82:5c:44:bb:
64:8b:fb:4c:b2:9d:b8:db:88:64:26:41:e0:64:f5:
7b:20:9e:74:c1:60:f6:45:43:8c:fa:aa:14:ef:2d:
6e:b1:6f:62:7c:bf:b9:88:72:0e:1b:49:4b:f2:c5:
ae:0c:d0:8e:d9:50:24:90:7e:a7:65:47:50:72:f7:
a4:7e:2f:e9:fd:00:78:20:ca:fa:fb:87:7a:40:99:
8f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:AF:53:BF:33:72:25:3B:DC:87:A9:36:16:F5:5E:B9:F9:E8:CE:D4
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/iK9TvzNyJTvch6k2FvVeufnoztQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.175.66.0/24
109.121.35.0/24
109.121.43.0/24
185.47.91.0/24
188.255.141.0/24
188.255.206.0/24
212.69.10.0/24
Signature Algorithm: sha256WithRSAEncryption
06:bb:6b:74:20:53:1c:a1:c3:86:ed:8a:fa:f8:fd:da:6a:d9:
5b:46:17:11:a8:ba:eb:0a:57:ee:44:1f:5d:3f:19:4e:63:1b:
96:93:20:4f:c1:78:27:33:cd:56:2f:5d:20:1d:ea:f4:35:50:
5f:b3:be:8c:53:45:0c:8d:f5:66:f5:fb:60:af:12:9b:68:de:
e0:f3:cf:d8:9e:5e:2f:40:7f:80:99:cf:2f:28:0b:79:94:66:
d4:20:ea:9a:97:d5:41:95:30:b3:8c:a6:35:c5:dd:e0:b0:c1:
8b:ca:1a:7b:3a:7e:4f:5b:f5:df:b0:5e:e9:2d:01:99:1b:18:
5b:c1:07:6b:4b:2f:30:df:9b:c9:92:ba:56:dd:0e:91:40:e6:
c0:1d:99:46:6e:2c:93:ca:d1:f6:ef:3f:de:85:6b:77:58:cd:
63:ee:08:41:d2:6a:55:e5:a0:17:37:86:1e:8d:93:23:1e:42:
4b:22:cc:29:ca:86:dc:96:42:48:b6:0d:84:38:23:e2:6a:14:
3d:82:b4:30:bb:bc:9e:0d:db:49:87:2c:be:8f:f3:e9:9e:62:
f3:07:46:94:7c:17:eb:81:23:b3:9d:fb:36:fd:ed:8b:4b:9f:
9c:1a:22:64:88:73:05:61:41:31:6e:ba:35:68:97:79:69:55:
5d:d8:88:f9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYtM76cf6TYWbyIHQJ7hJqHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMxMDIwMTE1NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGFmNTNiZjMzNzIyNTNiZGM4N2E5MzYxNmY1NWViOWY5ZThjZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmilL93gG/JGNVPx3R61muCnnIvS
ZKSz2mvJcp4eu8RAHHnWXYHM0UhEQcrNlDhyX2BXM2YhOut5K11wP8mH4X87fd8o
DWsJzhykvcrIVx7t/3WRQBVQ0L/WiJiJmzMD+DRv2q9KybU3agBcC8fANUG80CcI
GwAQ/BW2tb0UTqOc5qT0UV4HTHhM9hYn/lLO/U62lWOFHYNtgN4kFlDjpMjUzX2y
Ykxnx6ZVHJc4m4JcRLtki/tMsp2424hkJkHgZPV7IJ50wWD2RUOM+qoU7y1usW9i
fL+5iHIOG0lL8sWuDNCO2VAkkH6nZUdQcvekfi/p/QB4IMr6+4d6QJmPNwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIivU78zciU73IepNhb1Xrn56M7UMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvaUs5VHZ6TnlKVHZjaDZrMkZ2VmV1Zm5venRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAT69CAwQA
bXkjAwQAbXkrAwQAuS9bAwQAvP+NAwQAvP/OAwQA1EUKMA0GCSqGSIb3DQEBCwUA
A4IBAQAGu2t0IFMcocOG7Yr6+P3aatlbRhcRqLrrClfuRB9dPxlOYxuWkyBPwXgn
M81WL10gHer0NVBfs76MU0UMjfVm9ftgrxKbaN7g88/Ynl4vQH+Amc8vKAt5lGbU
IOqal9VBlTCzjKY1xd3gsMGLyhp7On5PW/XfsF7pLQGZGxhbwQdrSy8w35vJkrpW
3Q6RQObAHZlGbiyTytH27z/ehWt3WM1j7ghB0mpV5aAXN4YejZMjHkJLIswpyobc
lkJItg2EOCPiahQ9grQwu7yeDdtJhyy+j/PpnmLzB0aUfBfrgSOznfs2/e2LS5+c
GiJkiHMFYUExbro1aJd5aVVd2Ij5
-----END CERTIFICATE-----
Generated at Tue Oct 31 12:32:32 2023 by rpki-client on console-ams.rpki-client.org