Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/lJU7rP0nn-odLkEGNUp6LW0_zvc.roa
File: lJU7rP0nn-odLkEGNUp6LW0_zvc.roa (raw, json)
Hash identifier: zOuin5ST8Mnjmm4siBi7vJlpc6PpWo6hzF7mG2KoFKA=
Subject key identifier: 94:95:3B:AC:FD:27:9F:EA:1D:2E:41:06:35:4A:7A:2D:6D:3F:CE:F7
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01883FC351778207FCE59913A856B8DF9652
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/lJU7rP0nn-odLkEGNUp6LW0_zvc.roa
Signing time: Sun 21 May 2023 19:22:24 +0000
ROA not before: Sun 21 May 2023 19:22:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 77.105.22.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
178.219.14.0/24 maxlen: 24
79.175.67.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 May 2023 07:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:3f:c3:51:77:82:07:fc:e5:99:13:a8:56:b8:df:96:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 21 19:22:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94953bacfd279fea1d2e4106354a7a2d6d3fcef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:64:c7:0d:74:1a:68:ec:79:72:8b:da:4f:4a:
82:7e:8a:52:b0:15:57:d7:01:0b:ef:7a:ed:b2:ed:
21:02:7c:89:20:5a:de:56:48:00:bd:7f:70:60:b7:
ba:98:c1:68:66:d7:52:25:ea:eb:71:8a:a7:6e:49:
7e:dc:dd:1a:c8:c1:bf:9f:38:45:27:f0:42:6f:8a:
1a:4b:0c:98:da:a1:0b:b8:df:ae:a7:30:87:f1:39:
21:ac:3f:04:b4:69:03:10:2b:07:7b:ee:8f:48:40:
02:64:e8:a4:93:90:de:68:5b:52:77:e4:6f:f9:40:
bf:73:de:91:b8:7c:c6:27:ca:d9:15:f1:ff:26:d5:
7d:48:d7:51:9e:07:be:a8:4d:db:c2:2f:b7:8c:f9:
28:d2:8c:97:00:3f:29:da:fc:9b:64:06:a4:a3:ca:
97:2f:5c:c2:aa:82:ff:4a:4e:77:e0:01:40:a5:ea:
c2:e3:95:ab:74:bd:b4:8c:d7:b1:0c:90:16:dc:48:
e0:ac:58:74:d4:2e:51:4f:c8:01:45:d9:b6:aa:74:
13:18:b4:7c:1f:0e:99:38:2e:75:41:30:9f:c0:14:
3a:d8:6f:8e:e6:99:ba:02:2a:e8:3e:65:20:96:6d:
99:09:21:56:07:75:53:72:d9:04:01:7e:c2:e5:1f:
5f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:95:3B:AC:FD:27:9F:EA:1D:2E:41:06:35:4A:7A:2D:6D:3F:CE:F7
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/lJU7rP0nn-odLkEGNUp6LW0_zvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
77.105.22.0/24
79.175.67.0/24
109.121.36.0/24
109.121.40.0/24
109.233.185.0/24
178.219.14.0/24
212.69.13.0/24
Signature Algorithm: sha256WithRSAEncryption
16:5e:c1:e6:21:c8:9d:0f:95:43:a8:b6:c6:b8:69:34:ed:c5:
2e:d0:33:58:6b:78:88:ee:c2:82:f9:e8:3c:e7:b9:a8:d3:e2:
43:17:e1:8d:e1:b7:e8:cc:0b:ee:ee:9f:d6:3e:95:8a:db:8b:
6f:90:39:23:0b:1d:34:23:c3:e2:23:cb:36:6b:02:e8:00:9e:
d0:1c:6d:88:69:75:da:a5:2f:e5:36:1d:c9:e3:b4:b3:89:f5:
f0:ab:a0:5b:45:c7:2c:db:3a:03:fe:9c:29:1c:47:f3:a7:ab:
e2:8d:98:95:e3:c5:39:07:ca:4e:c8:a8:6f:0d:be:d7:a1:5c:
55:39:b6:a9:ac:88:b7:0c:de:82:9d:db:5c:f9:80:0a:61:73:
81:ba:46:0e:b4:65:17:0c:be:2c:88:35:c5:54:39:75:b0:d2:
81:8d:aa:0c:13:c6:3b:2d:32:d4:a0:84:63:2a:a9:f3:d3:8d:
57:f9:8d:82:2c:26:89:74:08:92:b5:8f:2c:ca:42:45:27:3e:
4e:58:1f:bb:f8:19:6b:39:c2:7d:7d:71:df:e4:6c:3c:d7:2f:
27:ef:23:5d:d8:de:eb:5b:80:9b:86:8d:b0:77:6a:68:81:e2:
2d:ab:4b:90:af:08:6e:09:42:e2:34:5a:6d:46:2f:41:40:67:
f6:ba:80:09
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYg/w1F3ggf85ZkTqFa435ZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNTIxMTkyMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk1M2JhY2ZkMjc5ZmVhMWQyZTQxMDYzNTRhN2EyZDZkM2ZjZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmTHDXQaaOx5covaT0qCfopSsBVX
1wEL73rtsu0hAnyJIFreVkgAvX9wYLe6mMFoZtdSJerrcYqnbkl+3N0ayMG/nzhF
J/BCb4oaSwyY2qELuN+upzCH8TkhrD8EtGkDECsHe+6PSEACZOikk5DeaFtSd+Rv
+UC/c96RuHzGJ8rZFfH/JtV9SNdRnge+qE3bwi+3jPko0oyXAD8p2vybZAako8qX
L1zCqoL/Sk534AFAperC45WrdL20jNexDJAW3EjgrFh01C5RT8gBRdm2qnQTGLR8
Hw6ZOC51QTCfwBQ62G+O5pm6AiroPmUglm2ZCSFWB3VTctkEAX7C5R9fbQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJSVO6z9J5/qHS5BBjVKei1tP873MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvbEpVN3JQMG5uLW9kTGtFR05VcDZMVzBfenZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATWkIAwQA
TWkWAwQAT69DAwQAbXkkAwQAbXkoAwQAbem5AwQAstsOAwQA1EUNMA0GCSqGSIb3
DQEBCwUAA4IBAQAWXsHmIcidD5VDqLbGuGk07cUu0DNYa3iI7sKC+eg857mo0+JD
F+GN4bfozAvu7p/WPpWK24tvkDkjCx00I8PiI8s2awLoAJ7QHG2IaXXapS/lNh3J
47SzifXwq6BbRccs2zoD/pwpHEfzp6vijZiV48U5B8pOyKhvDb7XoVxVObaprIi3
DN6Cndtc+YAKYXOBukYOtGUXDL4siDXFVDl1sNKBjaoME8Y7LTLUoIRjKqnz041X
+Y2CLCaJdAiStY8sykJFJz5OWB+7+BlrOcJ9fXHf5Gw81y8n7yNd2N7rW4Cbho2w
d2pogeItq0uQrwhuCULiNFptRi9BQGf2uoAJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:05 2024 by rpki-client on console-ams.rpki-client.org