Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/rFg-YmmJ2f9ZnD48c5efR11UGBo.roa
File: rFg-YmmJ2f9ZnD48c5efR11UGBo.roa (raw, json)
Hash identifier: dU8+Morqx9knLuDOAGY/Xo5aC6M2T2ocNWdneE8NKQ4=
Subject key identifier: AC:58:3E:62:69:89:D9:FF:59:9C:3E:3C:73:97:9F:47:5D:54:18:1A
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018D51F80F1AB01708A04E3CC080120060DD
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/rFg-YmmJ2f9ZnD48c5efR11UGBo.roa
Signing time: Sun 28 Jan 2024 21:27:07 +0000
ROA not before: Sun 28 Jan 2024 21:27:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 79.175.67.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 09:09:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:51:f8:0f:1a:b0:17:08:a0:4e:3c:c0:80:12:00:60:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 28 21:27:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac583e626989d9ff599c3e3c73979f475d54181a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ba:ad:c0:2f:83:e2:2c:bb:5c:59:70:77:72:
dc:ce:c5:17:08:35:2b:12:68:7b:37:ae:16:42:80:
22:27:09:84:77:81:08:aa:2a:d6:81:05:1c:76:62:
c5:60:74:7a:08:03:0b:c0:42:b5:d9:fd:3c:95:72:
c4:45:1c:28:2f:5e:87:b0:43:7c:39:37:e4:6b:91:
ad:e5:f2:d9:f6:df:f1:44:1d:e9:de:1a:3e:29:d4:
46:9a:77:0a:aa:98:a1:b4:2b:85:b2:a1:42:fb:5b:
63:b1:66:10:48:bc:e5:c5:31:d6:3d:b4:ea:22:f5:
3a:45:9f:b1:3a:cf:d8:61:06:48:cd:1f:86:9e:54:
bb:48:ca:e3:ec:6c:71:61:7e:8c:6d:15:4c:7a:c3:
a6:1b:ff:30:72:34:d3:af:e6:11:c5:70:f5:5c:48:
4b:76:2b:3c:d2:d6:50:c7:26:3a:6d:e0:94:5f:06:
88:c7:47:0d:e2:9b:ac:30:d9:54:db:e4:cf:76:38:
8f:67:5e:25:f3:df:2d:9b:46:75:dc:d4:e7:db:8c:
35:4a:6d:b2:18:f7:c6:44:1f:5f:4a:9b:35:86:92:
34:f9:17:75:35:d9:11:11:47:b0:d4:3a:2d:4f:19:
b7:04:5d:14:1c:06:ac:8f:ad:70:ad:70:73:d1:65:
15:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:58:3E:62:69:89:D9:FF:59:9C:3E:3C:73:97:9F:47:5D:54:18:1A
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/rFg-YmmJ2f9ZnD48c5efR11UGBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.175.67.0/24
109.121.41.0/24
109.121.43.0/24
185.47.91.0/24
Signature Algorithm: sha256WithRSAEncryption
60:b3:85:7e:5d:34:83:49:9e:32:40:5c:c2:27:43:9d:b5:7b:
50:e4:9f:36:d4:48:99:5b:83:b0:03:b1:03:eb:06:04:04:3d:
68:8f:c2:81:79:20:c7:bd:6e:48:99:e5:ee:16:01:52:0e:67:
19:ec:6a:89:66:34:96:06:aa:d6:b3:e1:fc:90:e4:07:0d:07:
b4:60:b2:b1:31:ac:e5:12:1d:c4:75:d8:d5:91:16:ea:6c:4e:
83:f8:84:45:b5:0a:b3:0e:5c:30:4c:38:e0:c7:2f:00:18:08:
f9:6b:d6:09:03:0d:64:54:bf:13:3f:b7:5a:96:10:a9:67:e1:
c2:e3:c3:22:ba:4d:c7:c7:f7:a1:4f:ee:62:3d:11:cf:d1:8c:
3d:d6:10:6e:fa:45:3e:b3:7c:3c:54:a6:5e:e5:17:cd:9b:32:
71:64:6b:23:03:c4:35:f8:16:7a:b5:0d:d8:0b:c9:b3:ca:59:
45:ab:52:87:d1:f5:a3:d6:c3:0c:3d:0a:53:ef:f6:97:8a:21:
b1:04:5d:f8:0c:9f:87:0a:16:00:d7:71:5c:f7:4f:55:22:5b:
14:82:37:38:1e:de:05:d5:d7:f1:27:25:8a:a3:94:a1:f0:7d:
9c:ac:e2:cf:9e:fd:2c:05:35:9a:d6:dd:86:aa:28:34:be:82:
89:a3:03:6b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1R+A8asBcIoE48wIASAGDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTI4MjEyNzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzU4M2U2MjY5ODlkOWZmNTk5YzNlM2M3Mzk3OWY0NzVkNTQxODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbqtwC+D4iy7XFlwd3LczsUXCDUr
Emh7N64WQoAiJwmEd4EIqirWgQUcdmLFYHR6CAMLwEK12f08lXLERRwoL16HsEN8
OTfka5Gt5fLZ9t/xRB3p3ho+KdRGmncKqpihtCuFsqFC+1tjsWYQSLzlxTHWPbTq
IvU6RZ+xOs/YYQZIzR+GnlS7SMrj7GxxYX6MbRVMesOmG/8wcjTTr+YRxXD1XEhL
dis80tZQxyY6beCUXwaIx0cN4pusMNlU2+TPdjiPZ14l898tm0Z13NTn24w1Sm2y
GPfGRB9fSps1hpI0+Rd1NdkREUew1DotTxm3BF0UHAasj61wrXBz0WUV8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKxYPmJpidn/WZw+PHOXn0ddVBgaMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvckZnLVltbUoyZjlabkQ0OGM1ZWZSMTFVR0JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT69DAwQA
bXkpAwQAbXkrAwQAuS9bMA0GCSqGSIb3DQEBCwUAA4IBAQBgs4V+XTSDSZ4yQFzC
J0OdtXtQ5J821EiZW4OwA7ED6wYEBD1oj8KBeSDHvW5ImeXuFgFSDmcZ7GqJZjSW
BqrWs+H8kOQHDQe0YLKxMazlEh3EddjVkRbqbE6D+IRFtQqzDlwwTDjgxy8AGAj5
a9YJAw1kVL8TP7dalhCpZ+HC48Miuk3Hx/ehT+5iPRHP0Yw91hBu+kU+s3w8VKZe
5RfNmzJxZGsjA8Q1+BZ6tQ3YC8mzyllFq1KH0fWj1sMMPQpT7/aXiiGxBF34DJ+H
ChYA13Fc909VIlsUgjc4Ht4F1dfxJyWKo5Sh8H2crOLPnv0sBTWa1t2Gqig0voKJ
owNr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:05 2024 by rpki-client on console-ams.rpki-client.org