Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/tIaqw6JLtvgKL6YTALGis38UeN8.roa
File: tIaqw6JLtvgKL6YTALGis38UeN8.roa (raw, json)
Hash identifier: x+sUSsMdNVTrgQfdv1GDIvMtXSGBkhn06X+T2n+ycHc=
Subject key identifier: B4:86:AA:C3:A2:4B:B6:F8:0A:2F:A6:13:00:B1:A2:B3:7F:14:78:DF
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018851F66F6DC4E51F7745B676927093A036
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/tIaqw6JLtvgKL6YTALGis38UeN8.roa
Signing time: Thu 25 May 2023 08:11:24 +0000
ROA not before: Thu 25 May 2023 08:11:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
79.175.67.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 May 2023 12:57:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:51:f6:6f:6d:c4:e5:1f:77:45:b6:76:92:70:93:a0:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 25 08:11:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b486aac3a24bb6f80a2fa61300b1a2b37f1478df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5b:02:3c:c5:e3:71:dc:ae:93:df:12:5d:a9:
8f:40:5c:b5:5e:85:4d:53:68:77:e6:c1:28:26:30:
b9:0e:72:60:84:13:11:39:dd:be:e0:18:8b:56:85:
46:36:a6:50:67:75:59:33:4a:48:02:79:61:09:04:
28:73:1a:ec:6e:41:19:1d:dd:03:a1:aa:3d:74:3f:
e2:86:77:17:8d:20:6f:4e:96:22:85:58:4e:12:1e:
0e:a7:c9:bc:6e:4b:0e:92:57:c9:d8:2a:a5:b2:b8:
3d:50:82:9a:e4:0b:17:c9:80:b7:ff:23:82:23:df:
88:13:98:3d:56:cc:c8:17:6e:7e:98:6b:97:a2:4d:
8a:1a:7c:ce:3d:ec:c6:06:19:40:32:3a:2d:38:8c:
3b:97:87:3a:c8:7e:6d:25:8f:80:4a:0b:39:d7:e4:
fe:64:56:ae:04:6a:49:8c:46:6b:ef:39:65:57:83:
28:b1:f6:df:bc:1d:61:7b:ec:bb:97:d2:e9:c4:d9:
90:af:e2:97:22:c2:b1:de:cb:f8:22:90:89:ad:26:
db:c1:f0:e6:48:87:a5:6a:9b:74:f6:20:7a:fd:f0:
0c:a4:1a:44:e8:9c:02:5f:e5:4f:b1:94:c4:ec:f4:
7f:c9:00:95:0b:81:f7:e2:97:39:5f:04:31:8d:23:
15:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:86:AA:C3:A2:4B:B6:F8:0A:2F:A6:13:00:B1:A2:B3:7F:14:78:DF
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/tIaqw6JLtvgKL6YTALGis38UeN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
79.175.67.0/24
109.121.35.0-109.121.36.255
109.121.38.0/24
109.121.40.0/24
109.233.185.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:24:4b:56:22:7e:74:8b:85:e8:bf:79:aa:b2:76:d3:77:be:
df:9a:7a:28:2a:17:14:9c:fe:a5:65:2f:02:68:9b:c0:5a:6c:
d8:30:52:a9:d9:e1:df:f0:b1:5d:fd:d1:4c:26:aa:3c:52:aa:
6e:90:44:d7:5b:ba:59:8a:4a:92:a7:f8:65:46:14:ae:e0:cc:
ba:a4:ac:4c:0b:a2:87:4c:e9:5d:8f:6f:a2:38:c3:08:38:58:
9c:c1:87:c0:99:84:00:dc:13:c0:3d:0c:78:8b:3b:8f:d8:73:
18:6d:0d:37:ae:a4:68:6c:37:24:97:31:ac:02:95:da:e4:13:
ce:01:1d:58:90:06:38:58:cf:be:b7:8c:f5:70:6c:79:d0:cc:
32:9b:67:8b:7c:1b:8c:af:db:95:8c:a1:c6:15:02:bf:67:f0:
d9:90:ae:40:bc:9f:1c:ae:99:19:7a:4e:f1:47:32:e1:83:d2:
a3:51:6f:2b:e5:1c:86:94:45:d3:0b:f3:df:a1:57:47:a7:a1:
07:64:19:fb:05:ab:f2:d5:fa:c2:cb:6d:b6:74:dc:31:34:da:
2a:4c:b9:1e:2d:08:0a:d0:0e:41:b7:a2:ae:71:5d:4c:1f:74:
c0:70:9a:b3:1c:56:dd:89:21:a8:03:94:a5:a0:07:1f:83:f2:
b9:fe:50:de
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYhR9m9txOUfd0W2dpJwk6A2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNTI1MDgxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDg2YWFjM2EyNGJiNmY4MGEyZmE2MTMwMGIxYTJiMzdmMTQ3OGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlsCPMXjcdyuk98SXamPQFy1XoVN
U2h35sEoJjC5DnJghBMROd2+4BiLVoVGNqZQZ3VZM0pIAnlhCQQocxrsbkEZHd0D
oao9dD/ihncXjSBvTpYihVhOEh4Op8m8bksOklfJ2Cqlsrg9UIKa5AsXyYC3/yOC
I9+IE5g9VszIF25+mGuXok2KGnzOPezGBhlAMjotOIw7l4c6yH5tJY+ASgs51+T+
ZFauBGpJjEZr7zllV4MosfbfvB1he+y7l9LpxNmQr+KXIsKx3sv4IpCJrSbbwfDm
SIelapt09iB6/fAMpBpE6JwCX+VPsZTE7PR/yQCVC4H34pc5XwQxjSMVNwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLSGqsOiS7b4Ci+mEwCxorN/FHjfMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvdElhcXc2Skx0dmdLTDZZVEFMR2lzMzhVZU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQATWkIAwQA
T69DMAwDBABteSMDBABteSQDBABteSYDBABteSgDBABt6bkwDQYJKoZIhvcNAQEL
BQADggEBAKYkS1YifnSLhei/eaqydtN3vt+aeigqFxSc/qVlLwJom8BabNgwUqnZ
4d/wsV390UwmqjxSqm6QRNdbulmKSpKn+GVGFK7gzLqkrEwLoodM6V2Pb6I4wwg4
WJzBh8CZhADcE8A9DHiLO4/YcxhtDTeupGhsNySXMawCldrkE84BHViQBjhYz763
jPVwbHnQzDKbZ4t8G4yv25WMocYVAr9n8NmQrkC8nxyumRl6TvFHMuGD0qNRbyvl
HIaURdML89+hV0enoQdkGfsFq/LV+sLLbbZ03DE02ipMuR4tCArQDkG3oq5xXUwf
dMBwmrMcVt2JIagDlKWgBx+D8rn+UN4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:05 2024 by rpki-client on console-ams.rpki-client.org