Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oB3k1c26xGNNAArCYhceZanHIGo.roa
File: oB3k1c26xGNNAArCYhceZanHIGo.roa (raw, json)
Hash identifier: i3kfnfAgWsRGLNzxWMmtEO5WRaiv3vruIZfzDvL46Ak=
Subject key identifier: A0:1D:E4:D5:CD:BA:C4:63:4D:00:0A:C2:62:17:1E:65:A9:C7:20:6A
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018D116A334100353C4B3CE6BF8EDA4A4070
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oB3k1c26xGNNAArCYhceZanHIGo.roa
Signing time: Tue 16 Jan 2024 08:36:29 +0000
ROA not before: Tue 16 Jan 2024 08:36:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jan 2024 21:27:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:6a:33:41:00:35:3c:4b:3c:e6:bf:8e:da:4a:40:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 16 08:36:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a01de4d5cdbac4634d000ac262171e65a9c7206a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d1:59:7b:22:18:37:84:56:c7:f8:b5:1c:20:
e4:37:20:cf:41:77:4a:7c:ae:4c:c6:eb:ca:4b:c5:
98:95:79:81:bb:b3:9b:cc:eb:82:07:8d:48:7f:83:
01:6c:17:d7:81:f8:8b:0a:d0:e4:48:c3:46:ca:7b:
4c:fe:b7:3c:12:bf:0e:a6:a2:9f:bf:8c:a7:e4:60:
c4:d7:94:86:16:f4:2f:81:91:df:0a:4c:56:51:41:
5b:77:ac:ed:e8:72:64:1d:1d:d2:46:41:cb:47:74:
50:5c:5f:b5:4e:97:cf:4d:9b:b4:0d:db:89:56:c5:
cb:0d:e1:b7:7a:d4:66:4b:ae:b8:26:e4:15:d6:bb:
39:f2:f8:6c:5a:1e:a7:f5:61:6b:d8:d6:96:6f:4a:
35:39:e3:15:37:d1:fa:88:7d:c7:bd:0b:6a:8e:11:
d3:fe:f7:ed:db:6c:e8:4f:ce:1b:75:da:a4:2a:fe:
a9:3b:f5:ed:f1:df:24:a3:81:08:40:0b:f1:98:30:
64:5f:98:7d:df:78:48:5d:a6:7a:33:76:0a:8a:8e:
99:ea:63:51:9f:49:08:a8:be:c7:b1:62:6a:24:83:
9d:3a:37:f9:81:4f:de:a8:8a:50:ea:47:ca:93:56:
7a:30:5f:c5:25:b5:ae:dd:49:8b:50:75:2e:3d:61:
63:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:1D:E4:D5:CD:BA:C4:63:4D:00:0A:C2:62:17:1E:65:A9:C7:20:6A
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oB3k1c26xGNNAArCYhceZanHIGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.41.0/24
109.121.43.0/24
185.47.91.0/24
Signature Algorithm: sha256WithRSAEncryption
64:16:30:63:3b:a1:80:87:a8:3c:9a:86:93:ed:1c:74:8f:ae:
6b:51:0e:36:e8:2e:5b:e7:43:f9:2d:4d:d7:ea:59:a8:40:8a:
8f:6d:ab:1e:a0:11:a9:8f:81:36:15:51:4c:12:94:fd:de:02:
56:aa:95:6a:18:84:5b:67:f9:4a:56:cc:77:87:32:b2:67:e6:
4a:0a:08:d6:34:e4:2b:50:4c:3a:e4:ed:4d:7f:b5:bf:00:5a:
09:55:eb:cd:70:3a:8b:11:98:11:2f:bf:d8:2c:30:24:de:14:
38:a8:5e:c2:3a:7c:fb:89:34:e7:83:28:b2:06:78:99:58:7f:
66:22:02:d1:ce:0b:ed:b8:55:22:ae:14:61:66:11:16:4b:44:
47:16:76:03:ff:ea:53:ce:f3:aa:00:14:b3:da:53:78:d3:41:
bb:f5:b9:7c:2f:fe:2e:4c:c1:0e:03:67:c9:b0:c9:ba:ab:d9:
00:27:23:be:93:7f:2b:ef:20:4d:ba:62:e8:ff:a3:5f:b2:14:
90:3e:87:d6:29:de:82:56:cc:7c:51:10:dc:95:16:ff:b4:df:
38:c8:22:29:f1:f7:87:bf:91:19:47:ad:d7:94:83:d3:75:53:
79:30:bf:9c:01:3a:f7:45:d1:a2:d9:e9:ac:85:88:34:ff:69:
15:28:26:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0RajNBADU8Szzmv47aSkBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTE2MDgzNjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDFkZTRkNWNkYmFjNDYzNGQwMDBhYzI2MjE3MWU2NWE5YzcyMDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldFZeyIYN4RWx/i1HCDkNyDPQXdK
fK5MxuvKS8WYlXmBu7ObzOuCB41If4MBbBfXgfiLCtDkSMNGyntM/rc8Er8OpqKf
v4yn5GDE15SGFvQvgZHfCkxWUUFbd6zt6HJkHR3SRkHLR3RQXF+1TpfPTZu0DduJ
VsXLDeG3etRmS664JuQV1rs58vhsWh6n9WFr2NaWb0o1OeMVN9H6iH3HvQtqjhHT
/vft22zoT84bddqkKv6pO/Xt8d8ko4EIQAvxmDBkX5h933hIXaZ6M3YKio6Z6mNR
n0kIqL7HsWJqJIOdOjf5gU/eqIpQ6kfKk1Z6MF/FJbWu3UmLUHUuPWFjgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKAd5NXNusRjTQAKwmIXHmWpxyBqMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvb0IzazFjMjZ4R05OQUFyQ1loY2VaYW5ISUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXkpAwQA
bXkrAwQAuS9bMA0GCSqGSIb3DQEBCwUAA4IBAQBkFjBjO6GAh6g8moaT7Rx0j65r
UQ426C5b50P5LU3X6lmoQIqPbaseoBGpj4E2FVFMEpT93gJWqpVqGIRbZ/lKVsx3
hzKyZ+ZKCgjWNOQrUEw65O1Nf7W/AFoJVevNcDqLEZgRL7/YLDAk3hQ4qF7COnz7
iTTngyiyBniZWH9mIgLRzgvtuFUirhRhZhEWS0RHFnYD/+pTzvOqABSz2lN400G7
9bl8L/4uTMEOA2fJsMm6q9kAJyO+k38r7yBNumLo/6NfshSQPofWKd6CVsx8URDc
lRb/tN84yCIp8feHv5EZR63XlIPTdVN5ML+cATr3RdGi2emshYg0/2kVKCag
-----END CERTIFICATE-----
Generated at Mon Jan 29 01:19:38 2024 by rpki-client on console-ams.rpki-client.org