Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/wnIDZZwmjIw1uq-K3j_zBomR2-I.roa
File: wnIDZZwmjIw1uq-K3j_zBomR2-I.roa (raw, json)
Hash identifier: /HA29cHL7nCC2IJgKbzxi2IYAB6FZdLOvuq9zqy6/K0=
Subject key identifier: C2:72:03:65:9C:26:8C:8C:35:BA:AF:8A:DE:3F:F3:06:89:91:DB:E2
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0187990D59A1005C9DB3E4B61A26AFB05958
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/wnIDZZwmjIw1uq-K3j_zBomR2-I.roa
Signing time: Wed 19 Apr 2023 10:26:41 +0000
ROA not before: Wed 19 Apr 2023 10:26:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 109.121.38.0/24 maxlen: 24
188.255.135.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Apr 2023 07:43:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:0d:59:a1:00:5c:9d:b3:e4:b6:1a:26:af:b0:59:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 19 10:26:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c27203659c268c8c35baaf8ade3ff3068991dbe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ef:87:2e:bd:e7:b7:75:33:c7:ad:42:87:50:
1a:24:d5:90:8c:61:26:5f:89:e0:ed:b6:9a:91:f0:
5f:38:79:44:c7:cf:3d:8d:81:9f:6d:5f:5d:0a:39:
1e:ee:77:f4:5c:ef:27:04:14:de:ff:60:00:eb:b6:
7d:e1:74:3b:6f:5e:b0:6d:20:cb:7e:ae:00:76:5a:
7c:97:43:5e:06:54:78:cb:15:e8:63:0d:83:42:b7:
fe:a7:26:74:a2:f6:bf:ed:32:43:55:76:25:09:27:
b5:f3:97:b0:37:b4:80:5f:0e:1c:9b:6b:7e:42:31:
cd:62:d1:32:b7:59:cf:19:df:43:a7:92:1d:d7:d6:
b7:17:2d:77:a3:a9:c0:dd:19:a6:e7:41:29:7a:da:
bf:45:f8:7b:88:07:f7:d3:4f:97:a0:10:b1:4b:3d:
1d:21:8d:87:23:5b:dc:e5:c4:b2:f9:a1:e5:58:47:
88:04:78:c9:f5:fe:85:e3:b1:14:43:4d:63:13:31:
e4:f6:80:9d:01:49:d9:bd:94:76:fc:b7:6d:e7:1d:
bb:e1:ba:0a:47:27:58:83:93:da:a0:97:ab:70:ab:
54:f8:4c:18:cb:46:3c:cb:21:68:70:9a:29:9d:28:
fe:73:b7:ef:dd:8c:4c:a1:9e:39:38:96:be:ee:aa:
58:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:72:03:65:9C:26:8C:8C:35:BA:AF:8A:DE:3F:F3:06:89:91:DB:E2
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/wnIDZZwmjIw1uq-K3j_zBomR2-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.38.0/24
109.233.185.0/24
188.255.135.0/24
Signature Algorithm: sha256WithRSAEncryption
55:d5:b3:53:7d:71:ea:36:c9:be:f2:fe:ad:80:93:d4:ed:fc:
dd:32:4b:5c:cc:74:e2:64:41:ba:53:c3:44:5b:f4:a7:aa:07:
86:3e:ed:ae:82:d9:63:58:47:5e:46:40:5a:cb:30:05:a3:65:
74:7e:f6:83:f7:2d:53:b5:bc:3f:31:a6:43:35:07:43:ec:89:
ea:b7:13:8e:7e:e5:3d:46:9a:3e:4f:7e:1b:de:bc:e5:d6:ca:
5f:4d:a6:6b:07:19:62:07:ea:f0:f1:9f:d0:61:0b:d0:80:45:
f9:b0:1f:e9:5e:24:99:b7:6c:e5:8a:81:99:c5:7b:df:b1:ac:
b1:c9:3d:68:e1:bc:c5:ba:4f:a6:c7:9b:fa:3d:19:8d:8e:26:
7b:2d:45:50:69:c5:33:57:fa:2b:ae:94:0b:74:4d:5d:28:a9:
79:97:0b:a1:36:03:8d:cf:d1:24:fa:21:84:c9:a0:5d:ca:22:
69:e9:5a:90:9a:11:07:74:f5:f4:fd:8e:1a:8a:43:de:fe:af:
e8:e6:49:8d:76:c9:7f:47:9a:12:73:a5:ef:ec:b9:58:62:51:
d0:00:97:a0:4f:ac:46:d3:78:72:2a:d9:37:29:e3:35:9e:bc:
e5:97:1f:f5:41:7e:d1:bc:03:d0:4b:09:90:c1:bd:7a:93:96:
2e:89:5e:9c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeZDVmhAFyds+S2GiavsFlYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNDE5MTAyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjcyMDM2NTljMjY4YzhjMzViYWFmOGFkZTNmZjMwNjg5OTFkYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO+HLr3nt3Uzx61Ch1AaJNWQjGEm
X4ng7baakfBfOHlEx889jYGfbV9dCjke7nf0XO8nBBTe/2AA67Z94XQ7b16wbSDL
fq4Adlp8l0NeBlR4yxXoYw2DQrf+pyZ0ova/7TJDVXYlCSe185ewN7SAXw4cm2t+
QjHNYtEyt1nPGd9Dp5Id19a3Fy13o6nA3Rmm50Epetq/Rfh7iAf300+XoBCxSz0d
IY2HI1vc5cSy+aHlWEeIBHjJ9f6F47EUQ01jEzHk9oCdAUnZvZR2/Ldt5x274boK
RydYg5PaoJercKtU+EwYy0Y8yyFocJopnSj+c7fv3YxMoZ45OJa+7qpY/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMJyA2WcJoyMNbqvit4/8waJkdviMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvd25JRFpad21qSXcxdXEtSzNqX3pCb21SMi1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXkmAwQA
bem5AwQAvP+HMA0GCSqGSIb3DQEBCwUAA4IBAQBV1bNTfXHqNsm+8v6tgJPU7fzd
MktczHTiZEG6U8NEW/SnqgeGPu2ugtljWEdeRkBayzAFo2V0fvaD9y1Ttbw/MaZD
NQdD7InqtxOOfuU9Rpo+T34b3rzl1spfTaZrBxliB+rw8Z/QYQvQgEX5sB/pXiSZ
t2zlioGZxXvfsayxyT1o4bzFuk+mx5v6PRmNjiZ7LUVQacUzV/orrpQLdE1dKKl5
lwuhNgONz9Ek+iGEyaBdyiJp6VqQmhEHdPX0/Y4aikPe/q/o5kmNdsl/R5oSc6Xv
7LlYYlHQAJegT6xG03hyKtk3KeM1nrzllx/1QX7RvAPQSwmQwb16k5YuiV6c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:27 2024 by rpki-client on console-fra.rpki-client.org