Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/kgvfYGLAiL2Dc9JE38WZoh_Mm7Q.roa
File: kgvfYGLAiL2Dc9JE38WZoh_Mm7Q.roa (raw, json)
Hash identifier: lYqbkrxvxLqwoGtWx3qq45uaYds8ozHsM73Nt5opWd8=
Subject key identifier: 92:0B:DF:60:62:C0:88:BD:83:73:D2:44:DF:C5:99:A2:1F:CC:9B:B4
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0189B667B86951908DC9E8BF74D3E7955A73
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/kgvfYGLAiL2Dc9JE38WZoh_Mm7Q.roa
Signing time: Wed 02 Aug 2023 13:19:57 +0000
ROA not before: Wed 02 Aug 2023 13:19:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.255.206.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
212.69.0.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:67:b8:69:51:90:8d:c9:e8:bf:74:d3:e7:95:5a:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Aug 2 13:19:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=920bdf6062c088bd8373d244dfc599a21fcc9bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1c:a3:f9:4b:ec:df:7d:37:a2:13:bd:6e:bd:
a3:d5:66:92:e0:fc:c0:46:ad:7d:c9:27:aa:a3:a8:
25:ba:cb:88:fc:99:7e:ff:da:ca:87:3a:88:80:9d:
6c:a0:6e:df:19:a5:3a:04:33:59:ad:29:c1:c2:33:
87:18:87:ac:28:91:91:ee:b2:51:49:ba:e4:ab:06:
58:5d:3a:6a:9c:c7:59:b6:80:6c:ac:65:8a:e6:9a:
e2:16:5c:00:4f:4d:ed:ba:58:dc:e6:2a:d8:dc:3a:
fd:15:c1:82:3e:ec:19:19:fe:22:70:18:74:7b:0e:
1b:e5:9b:22:66:b3:7f:98:9a:61:6d:39:e5:fa:95:
11:10:04:08:11:d8:d2:0d:47:cd:05:1d:75:99:95:
50:04:14:a0:c4:52:f2:21:ca:47:2d:90:31:72:49:
f9:aa:2d:b8:7a:2f:2a:27:9c:62:a2:9e:f9:d6:2f:
5b:ae:37:61:bc:97:69:b7:9f:aa:b9:85:36:6d:a2:
a5:8f:3c:e9:33:ba:51:82:c3:f0:d4:69:1b:5a:a0:
ef:9a:cc:fd:d7:3e:9c:86:4e:31:5f:7d:ea:d3:e7:
71:cc:d1:64:af:58:79:c9:57:50:2f:70:97:6b:a5:
1e:51:4f:86:c3:0d:3a:3f:81:99:16:9b:f8:3f:d7:
8a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0B:DF:60:62:C0:88:BD:83:73:D2:44:DF:C5:99:A2:1F:CC:9B:B4
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/kgvfYGLAiL2Dc9JE38WZoh_Mm7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
109.121.35.0/24
109.121.43.0/24
185.47.91.0/24
188.255.134.0/24
188.255.206.0/24
212.69.0.0/24
Signature Algorithm: sha256WithRSAEncryption
42:a7:eb:b9:6c:cb:2e:9d:b7:0e:a6:bf:30:2b:8c:70:bf:7d:
65:8d:6f:a9:7a:0b:df:6a:94:48:19:51:88:cd:6f:83:aa:23:
cf:07:f0:fb:d9:3f:2b:d6:41:95:ce:2e:d2:80:72:74:ad:30:
4a:02:f8:67:97:ee:b1:8b:4f:27:e5:9f:03:a8:a3:7e:e5:63:
59:9c:2e:88:fd:11:6d:d9:fa:a7:d9:8d:87:13:4f:da:ac:69:
f3:3f:29:6c:3a:da:3c:5a:63:eb:d8:ee:89:2a:9f:11:e3:61:
b3:5c:07:54:e4:3e:ef:34:e0:39:7d:72:6a:dd:4a:22:e7:58:
72:fb:52:d5:fd:16:22:23:03:f5:7b:58:ae:f3:a9:02:13:0a:
a2:61:7a:e1:08:3b:21:3e:e7:62:60:6b:f4:54:c4:fb:b8:d6:
d9:0a:f1:17:4d:f6:e4:41:7d:08:59:50:b9:c9:a8:9e:4c:7e:
26:f3:83:36:f5:33:c6:9c:8c:e3:8e:93:5e:af:43:0d:82:57:
17:eb:5d:e0:b3:25:cf:e2:f0:84:be:20:b4:68:72:7d:98:ac:
e8:03:e1:e3:92:75:dd:09:5f:da:fe:5a:dc:ae:7c:3d:83:d2:
8c:59:cf:d6:ab:48:0a:bb:6c:0b:ff:34:30:e6:c3:27:1a:32:
be:33:94:39
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYm2Z7hpUZCNyei/dNPnlVpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwODAyMTMxOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjBiZGY2MDYyYzA4OGJkODM3M2QyNDRkZmM1OTlhMjFmY2M5YmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtByj+Uvs3303ohO9br2j1WaS4PzA
Rq19ySeqo6glusuI/Jl+/9rKhzqIgJ1soG7fGaU6BDNZrSnBwjOHGIesKJGR7rJR
SbrkqwZYXTpqnMdZtoBsrGWK5priFlwAT03tuljc5irY3Dr9FcGCPuwZGf4icBh0
ew4b5ZsiZrN/mJphbTnl+pUREAQIEdjSDUfNBR11mZVQBBSgxFLyIcpHLZAxckn5
qi24ei8qJ5xiop751i9brjdhvJdpt5+quYU2baKljzzpM7pRgsPw1GkbWqDvmsz9
1z6chk4xX33q0+dxzNFkr1h5yVdQL3CXa6UeUU+Gww06P4GZFpv4P9eKDwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJIL32BiwIi9g3PSRN/FmaIfzJu0MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEva2d2ZllHTEFpTDJEYzlKRTM4V1pvaF9NbTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATWkIAwQA
bXkjAwQAbXkrAwQAuS9bAwQAvP+GAwQAvP/OAwQA1EUAMA0GCSqGSIb3DQEBCwUA
A4IBAQBCp+u5bMsunbcOpr8wK4xwv31ljW+pegvfapRIGVGIzW+DqiPPB/D72T8r
1kGVzi7SgHJ0rTBKAvhnl+6xi08n5Z8DqKN+5WNZnC6I/RFt2fqn2Y2HE0/arGnz
PylsOto8WmPr2O6JKp8R42GzXAdU5D7vNOA5fXJq3Uoi51hy+1LV/RYiIwP1e1iu
86kCEwqiYXrhCDshPudiYGv0VMT7uNbZCvEXTfbkQX0IWVC5yaieTH4m84M29TPG
nIzjjpNer0MNglcX613gsyXP4vCEviC0aHJ9mKzoA+HjknXdCV/a/lrcrnw9g9KM
Wc/Wq0gKu2wL/zQw5sMnGjK+M5Q5
-----END CERTIFICATE-----
Generated at Sat Aug 5 11:42:00 2023 by rpki-client on console-ams.rpki-client.org