Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/rKHVa5n5VLvLNCKAx7P7l3f447g.roa
File: rKHVa5n5VLvLNCKAx7P7l3f447g.roa (raw, json)
Hash identifier: Vs9SW+jCVqMsnVJ+n0cngapiN+gbpUT9HQbaPB4Sjmg=
Subject key identifier: AC:A1:D5:6B:99:F9:54:BB:CB:34:22:80:C7:B3:FB:97:77:F8:E3:B8
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018CC56E0BD6CDFD54682AAE193BA4B501C6
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/rKHVa5n5VLvLNCKAx7P7l3f447g.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 79.175.95.0/24 maxlen: 24
79.175.96.0/24 maxlen: 24
188.255.128.0/24 maxlen: 24
188.255.144.0/24 maxlen: 24
188.255.212.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
212.69.11.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 09:09:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0b:d6:cd:fd:54:68:2a:ae:19:3b:a4:b5:01:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aca1d56b99f954bbcb342280c7b3fb9777f8e3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ad:9a:96:20:57:64:d2:d5:0c:59:07:b8:4f:
da:b4:f3:12:d8:ef:92:25:82:6a:3f:13:9f:58:34:
49:15:2c:65:50:c6:3d:4d:2c:83:cb:1d:0d:6d:11:
55:7b:aa:5a:ea:c9:e2:70:3b:4a:d4:13:26:04:66:
f9:38:68:6d:78:b2:0d:34:55:25:e9:e2:29:4a:d3:
08:68:f7:fb:af:64:86:14:fe:90:90:3e:6a:c7:f8:
d3:d5:a5:c2:c4:50:fa:4e:72:67:ea:d1:53:78:96:
ae:9f:e6:b0:96:ef:66:9c:b5:38:a4:32:a9:74:96:
3c:5b:2f:58:77:9c:77:d1:2e:34:f6:48:d1:2b:83:
9d:a7:ca:03:21:30:6a:92:88:05:61:9f:6c:30:9e:
3c:ea:18:76:f6:50:13:db:e9:73:91:ec:70:ac:82:
69:e8:af:fb:1a:32:61:83:a8:1c:2a:d4:2c:c2:e0:
f2:ba:2f:36:d0:f9:d3:3c:4b:9f:68:32:0d:82:70:
d4:a7:0a:95:a5:58:f9:50:07:e2:8e:5b:bb:b0:a5:
84:57:b5:a5:3e:18:e4:fc:ae:7e:4f:51:28:77:38:
49:ad:2b:00:86:1c:46:0f:37:c3:4e:77:c1:da:13:
55:84:c2:33:37:9f:3a:30:a7:d5:dc:e7:c0:f7:70:
90:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A1:D5:6B:99:F9:54:BB:CB:34:22:80:C7:B3:FB:97:77:F8:E3:B8
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/rKHVa5n5VLvLNCKAx7P7l3f447g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.175.95.0-79.175.96.255
109.121.33.0/24
109.121.36.0-109.121.40.255
109.121.42.0/23
109.121.45.0/24
109.121.47.0/24
109.233.184.0/23
178.253.237.0/24
188.255.128.0/24
188.255.144.0/24
188.255.212.0/24
212.69.11.0/24
Signature Algorithm: sha256WithRSAEncryption
63:c2:16:5c:00:b2:15:da:2d:90:9c:7a:91:f3:4d:28:18:1d:
59:0a:09:b2:0d:9d:52:ae:f6:24:2e:1d:95:30:84:1c:22:80:
15:e9:9b:e1:8b:e2:ff:42:dd:88:2f:98:aa:77:ab:dc:fe:1c:
c0:2f:17:45:e6:68:86:98:4a:43:3d:a9:5e:d6:82:a1:64:af:
a0:8d:f4:f8:31:83:5c:be:ac:61:a2:9c:dd:eb:d7:5e:a5:95:
21:9d:46:fc:dd:86:6a:75:61:80:63:6b:3b:73:4f:34:cd:d0:
80:f7:39:6c:50:a7:2d:72:c8:88:f2:03:99:ef:d8:b8:17:98:
96:a9:fe:51:00:8e:66:1c:78:ae:c5:3a:7b:83:3c:c4:42:ea:
fe:b1:ef:2f:cf:60:bb:6a:df:66:5f:c1:8a:24:d8:05:9e:07:
a9:e7:a1:d0:7b:32:1e:d5:c5:39:a6:f0:1b:e5:43:93:06:bb:
f4:0c:e4:3e:91:fb:96:74:ea:ee:75:71:e6:db:b1:7d:91:c0:
5c:ea:56:cc:22:53:76:ac:17:76:3a:5f:f1:5f:e0:79:2a:f7:
ff:ba:d4:88:ce:79:8f:c6:49:f7:66:0e:74:df:e2:7e:29:ba:
30:cc:24:eb:c5:32:eb:07:42:56:30:c0:d5:d7:90:06:71:cf:
1f:99:31:a5
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzFbgvWzf1UaCquGTuktQHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2ExZDU2Yjk5Zjk1NGJiY2IzNDIyODBjN2IzZmI5Nzc3ZjhlM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjK2aliBXZNLVDFkHuE/atPMS2O+S
JYJqPxOfWDRJFSxlUMY9TSyDyx0NbRFVe6pa6snicDtK1BMmBGb5OGhteLINNFUl
6eIpStMIaPf7r2SGFP6QkD5qx/jT1aXCxFD6TnJn6tFTeJaun+awlu9mnLU4pDKp
dJY8Wy9Yd5x30S409kjRK4Odp8oDITBqkogFYZ9sMJ486hh29lAT2+lzkexwrIJp
6K/7GjJhg6gcKtQswuDyui820PnTPEufaDINgnDUpwqVpVj5UAfijlu7sKWEV7Wl
Phjk/K5+T1EodzhJrSsAhhxGDzfDTnfB2hNVhMIzN586MKfV3OfA93CQYQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFKyh1WuZ+VS7yzQigMez+5d3+OO4MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvcktIVmE1bjVWTHZMTkNLQXg3UDdsM2Y0NDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBABPr18D
BABPr2ADBABteSEwDAMEAm15JAMEAG15KAMEAW15KgMEAG15LQMEAG15LwMEAW3p
uAMEALL97QMEALz/gAMEALz/kAMEALz/1AMEANRFCzANBgkqhkiG9w0BAQsFAAOC
AQEAY8IWXACyFdotkJx6kfNNKBgdWQoJsg2dUq72JC4dlTCEHCKAFemb4Yvi/0Ld
iC+Yqner3P4cwC8XReZohphKQz2pXtaCoWSvoI30+DGDXL6sYaKc3evXXqWVIZ1G
/N2GanVhgGNrO3NPNM3QgPc5bFCnLXLIiPIDme/YuBeYlqn+UQCOZhx4rsU6e4M8
xELq/rHvL89gu2rfZl/BiiTYBZ4Hqeeh0HsyHtXFOabwG+VDkwa79AzkPpH7lnTq
7nVx5tuxfZHAXOpWzCJTdqwXdjpf8V/geSr3/7rUiM55j8ZJ92YOdN/ifim6MMwk
68Uy6wdCVjDA1deQBnHPH5kxpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:27 2024 by rpki-client on console-fra.rpki-client.org