Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oxH7H5SDrhy8kz2yYI2VNWBz1ac.roa
File: oxH7H5SDrhy8kz2yYI2VNWBz1ac.roa (raw, json)
Hash identifier: hv7Nqn9VcinVk59I+3RemLGIxIznFz9Lc5EuJ8t3EVI=
Subject key identifier: A3:11:FB:1F:94:83:AE:1C:BC:93:3D:B2:60:8D:95:35:60:73:D5:A7
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0187BD6A6DFE1D62C33FB0BFFFBF263687CD
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oxH7H5SDrhy8kz2yYI2VNWBz1ac.roa
Signing time: Wed 26 Apr 2023 11:54:41 +0000
ROA not before: Wed 26 Apr 2023 11:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 77.105.22.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
188.255.140.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:6a:6d:fe:1d:62:c3:3f:b0:bf:ff:bf:26:36:87:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 26 11:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a311fb1f9483ae1cbc933db2608d95356073d5a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:8a:e6:08:8f:f6:60:1c:b9:71:3d:db:97:f6:
4e:97:44:4a:52:57:27:e7:e0:bf:25:cf:86:32:ac:
58:b2:c9:f5:b7:4d:89:30:05:0f:01:17:ce:69:5a:
5b:97:1b:8d:af:fb:30:75:ee:ee:a1:a5:32:69:3f:
a1:88:e5:8f:8a:94:17:91:dc:72:4d:28:a7:f7:d5:
bc:e9:a5:e8:f0:1f:ca:04:cd:d4:c6:a7:2a:66:0a:
44:d3:b5:e7:01:e7:17:59:e1:37:6c:c4:1e:fc:f1:
d3:2c:9e:91:46:5b:6c:86:eb:59:ce:8c:b2:d4:f9:
89:db:fd:95:b3:43:7e:58:06:e3:36:ef:f1:70:a8:
70:05:6f:1e:07:91:68:c4:1c:73:aa:d9:3a:a6:07:
8e:3d:d9:34:6f:8f:c4:25:bf:0b:6b:2f:b4:6e:1d:
17:34:1f:b2:7c:37:8b:f9:58:0d:17:87:e6:bb:4f:
ec:f7:b8:e6:60:37:0d:e0:4e:e0:36:ca:b0:3b:7d:
7e:15:1b:8a:9c:81:8d:e8:4e:b4:fc:3f:66:8d:68:
a5:e9:35:64:21:e3:23:07:a0:11:46:33:51:3f:8d:
50:71:5f:27:4d:ab:9d:4a:a8:1e:36:57:af:c4:08:
24:31:3e:5d:92:44:4e:ab:69:d2:2a:74:a9:b7:12:
f5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:11:FB:1F:94:83:AE:1C:BC:93:3D:B2:60:8D:95:35:60:73:D5:A7
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oxH7H5SDrhy8kz2yYI2VNWBz1ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.22.0/24
109.121.40.0/24
188.255.140.0/24
212.69.13.0/24
Signature Algorithm: sha256WithRSAEncryption
55:d9:c8:f9:f7:eb:b0:9b:9f:27:0f:9a:b0:40:d1:a2:8c:38:
38:72:06:05:eb:f7:fd:4e:11:95:c0:81:c4:74:de:cf:ec:59:
c5:48:9b:14:20:62:c1:50:3f:c4:51:8b:f3:ec:62:09:d7:36:
8a:37:9f:56:88:a7:8a:bb:24:76:31:ab:74:3a:49:ed:bf:3c:
4e:c3:77:58:01:c2:0b:24:04:69:44:5f:ef:b5:0c:c2:25:2c:
53:af:b9:b6:80:5a:86:8d:a8:76:25:a2:9e:30:d1:6f:fb:81:
11:c5:40:7c:ec:2c:46:4f:87:8a:cf:7c:0e:f9:cc:0c:14:27:
ee:47:92:bf:3e:01:05:8b:30:98:a4:6e:a0:33:f2:55:86:d7:
66:87:3f:07:61:b5:f9:ea:84:bb:82:56:35:ba:73:ed:44:4c:
04:b9:f5:5b:a5:8b:f5:05:89:29:2e:cd:54:1e:64:8c:b2:be:
b7:bd:e2:8b:6a:cc:d0:93:06:80:67:04:e3:f8:72:14:44:11:
64:1d:2e:25:3e:4b:cc:b5:77:18:ec:00:85:c2:ae:24:78:f9:
5f:3f:76:92:e7:50:21:e8:d9:b4:f7:52:42:ba:21:0c:8f:39:
9d:b1:78:a3:88:a7:58:b5:f7:f8:48:21:1f:6e:9c:5f:15:82:
ef:e7:29:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYe9am3+HWLDP7C//78mNofNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNDI2MTE1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzExZmIxZjk0ODNhZTFjYmM5MzNkYjI2MDhkOTUzNTYwNzNkNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YrmCI/2YBy5cT3bl/ZOl0RKUlcn
5+C/Jc+GMqxYssn1t02JMAUPARfOaVpblxuNr/swde7uoaUyaT+hiOWPipQXkdxy
TSin99W86aXo8B/KBM3UxqcqZgpE07XnAecXWeE3bMQe/PHTLJ6RRltshutZzoyy
1PmJ2/2Vs0N+WAbjNu/xcKhwBW8eB5FoxBxzqtk6pgeOPdk0b4/EJb8Lay+0bh0X
NB+yfDeL+VgNF4fmu0/s97jmYDcN4E7gNsqwO31+FRuKnIGN6E60/D9mjWil6TVk
IeMjB6ARRjNRP41QcV8nTaudSqgeNlevxAgkMT5dkkROq2nSKnSptxL1LQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKMR+x+Ug64cvJM9smCNlTVgc9WnMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvb3hIN0g1U0RyaHk4a3oyeVlJMlZOV0J6MWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATWkWAwQA
bXkoAwQAvP+MAwQA1EUNMA0GCSqGSIb3DQEBCwUAA4IBAQBV2cj59+uwm58nD5qw
QNGijDg4cgYF6/f9ThGVwIHEdN7P7FnFSJsUIGLBUD/EUYvz7GIJ1zaKN59WiKeK
uyR2Mat0OkntvzxOw3dYAcILJARpRF/vtQzCJSxTr7m2gFqGjah2JaKeMNFv+4ER
xUB87CxGT4eKz3wO+cwMFCfuR5K/PgEFizCYpG6gM/JVhtdmhz8HYbX56oS7glY1
unPtREwEufVbpYv1BYkpLs1UHmSMsr63veKLaszQkwaAZwTj+HIURBFkHS4lPkvM
tXcY7ACFwq4kePlfP3aS51Ah6Nm091JCuiEMjzmdsXijiKdYtff4SCEfbpxfFYLv
5ylh
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-fra.rpki-client.org