Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/uxKXId2CaDDZiiMcCRS9UoeuO6Y.roa
File: uxKXId2CaDDZiiMcCRS9UoeuO6Y.roa (raw, json)
Hash identifier: ojTDK6OKXW6s+9uEsKX0GkhptN+LcuYCKYuHzEmJA1E=
Subject key identifier: BB:12:97:21:DD:82:68:30:D9:8A:23:1C:09:14:BD:52:87:AE:3B:A6
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018B858B88A162C4F41E0A198FE54C6B9E67
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/uxKXId2CaDDZiiMcCRS9UoeuO6Y.roa
Signing time: Tue 31 Oct 2023 11:43:16 +0000
ROA not before: Tue 31 Oct 2023 11:43:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
212.69.10.0/24 maxlen: 24
188.255.141.0/24 maxlen: 24
79.175.66.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:85:8b:88:a1:62:c4:f4:1e:0a:19:8f:e5:4c:6b:9e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Oct 31 11:43:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb129721dd826830d98a231c0914bd5287ae3ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:18:16:f8:c5:6c:9d:11:78:0d:7e:5f:8f:b6:
7e:41:9e:de:88:dd:d0:c8:f3:a1:fb:61:66:e1:40:
49:0a:5d:c1:fc:c0:ee:6d:36:f1:4a:ae:29:cc:70:
94:e0:94:b5:c6:75:4c:45:9d:ad:79:c9:5d:f0:ed:
da:56:df:96:b5:1e:72:fc:9f:92:ec:5c:b4:ec:c3:
10:bf:ca:c0:05:7b:50:d0:e4:a3:56:50:c5:14:5d:
36:59:65:84:39:c6:cb:f3:45:43:2f:27:aa:eb:8a:
be:b5:df:3e:a9:38:27:c1:0b:11:5d:4b:49:69:94:
04:ca:4c:70:87:d8:35:5b:cc:0a:02:1a:42:55:6b:
2e:8c:64:6f:03:cd:a0:26:c3:55:f0:9c:7e:1a:16:
fe:a4:6c:ba:f9:3d:3a:27:69:65:c6:39:90:d5:25:
9d:1a:92:dc:67:d6:b4:cb:27:5a:2f:87:13:c0:50:
56:f1:2a:31:af:22:34:f0:57:e8:48:7b:86:be:23:
a1:bb:ad:ca:5c:57:b0:3b:3a:6b:1a:fd:25:c4:7e:
26:6f:dd:82:6b:b4:cf:6b:7a:48:26:0a:7c:ce:80:
7f:99:f3:b5:44:a2:77:f6:f9:5a:08:54:6f:ba:a5:
0d:31:85:bb:2e:61:85:9a:7c:c3:3c:78:f5:be:4f:
6c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:12:97:21:DD:82:68:30:D9:8A:23:1C:09:14:BD:52:87:AE:3B:A6
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/uxKXId2CaDDZiiMcCRS9UoeuO6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.175.66.0/24
109.121.35.0/24
109.121.43.0/24
185.47.91.0/24
188.255.141.0/24
212.69.10.0/24
Signature Algorithm: sha256WithRSAEncryption
15:6c:84:b8:f6:05:52:9d:80:a8:e6:b0:84:56:d1:7c:71:47:
61:e2:22:1b:2f:44:ff:66:86:de:a3:d3:86:91:c0:bd:e9:a4:
29:d2:ef:0f:46:2e:47:3f:cf:58:e3:64:d1:00:cc:62:b7:2e:
cf:44:06:96:c3:83:92:81:c8:a1:fd:5a:46:1f:8a:37:98:35:
fd:d7:3e:61:f5:1c:64:64:6c:d0:87:2b:1c:92:c4:b3:30:79:
20:03:0e:51:19:be:75:e5:c7:10:4f:39:e3:63:80:a6:be:bc:
bb:d3:1c:0f:d3:4e:d3:65:49:c9:c5:93:77:3c:06:0a:a7:b7:
ba:db:db:02:71:f5:98:d6:32:47:af:93:c2:9a:ae:16:c9:a3:
6e:a2:db:fd:4c:b5:6f:d2:6f:0e:fe:f6:6d:f7:3d:7b:98:a1:
85:8f:01:e8:cc:a7:79:f9:99:76:fd:64:3d:b2:3c:45:d0:63:
a6:39:05:06:df:1f:78:5c:fa:92:d8:cd:cd:d7:e4:ce:65:5e:
5a:6c:e9:2a:a6:4c:ef:1b:b9:fa:3f:89:8e:99:17:b4:94:ab:
c4:4c:52:dd:5f:28:6a:2e:ad:3d:93:50:9c:7d:e5:ee:91:1e:
fe:86:23:2c:52:25:df:a7:5a:10:35:a5:3d:42:74:ba:5f:fc:
ef:a5:d1:35
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYuFi4ihYsT0HgoZj+VMa55nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMxMDMxMTE0MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjEyOTcyMWRkODI2ODMwZDk4YTIzMWMwOTE0YmQ1Mjg3YWUzYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihgW+MVsnRF4DX5fj7Z+QZ7eiN3Q
yPOh+2Fm4UBJCl3B/MDubTbxSq4pzHCU4JS1xnVMRZ2tecld8O3aVt+WtR5y/J+S
7Fy07MMQv8rABXtQ0OSjVlDFFF02WWWEOcbL80VDLyeq64q+td8+qTgnwQsRXUtJ
aZQEykxwh9g1W8wKAhpCVWsujGRvA82gJsNV8Jx+Ghb+pGy6+T06J2llxjmQ1SWd
GpLcZ9a0yydaL4cTwFBW8SoxryI08FfoSHuGviOhu63KXFewOzprGv0lxH4mb92C
a7TPa3pIJgp8zoB/mfO1RKJ39vlaCFRvuqUNMYW7LmGFmnzDPHj1vk9s5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLsSlyHdgmgw2YojHAkUvVKHrjumMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvdXhLWElkMkNhRERaaWlNY0NSUzlVb2V1TzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAT69CAwQA
bXkjAwQAbXkrAwQAuS9bAwQAvP+NAwQA1EUKMA0GCSqGSIb3DQEBCwUAA4IBAQAV
bIS49gVSnYCo5rCEVtF8cUdh4iIbL0T/Zobeo9OGkcC96aQp0u8PRi5HP89Y42TR
AMxity7PRAaWw4OSgcih/VpGH4o3mDX91z5h9RxkZGzQhyscksSzMHkgAw5RGb51
5ccQTznjY4Cmvry70xwP007TZUnJxZN3PAYKp7e629sCcfWY1jJHr5PCmq4WyaNu
otv9TLVv0m8O/vZt9z17mKGFjwHozKd5+Zl2/WQ9sjxF0GOmOQUG3x94XPqS2M3N
1+TOZV5abOkqpkzvG7n6P4mOmRe0lKvETFLdXyhqLq09k1CcfeXukR7+hiMsUiXf
p1oQNaU9QnS6X/zvpdE1
-----END CERTIFICATE-----
Generated at Mon Nov 6 12:41:43 2023 by rpki-client on console-ams.rpki-client.org