Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/09ko-QwdxzudAqBdkdeJAhGp1pM.roa
File: 09ko-QwdxzudAqBdkdeJAhGp1pM.roa (raw, json)
Hash identifier: VlYpdcAaL9+JajdC3joYi+pgFGSFVsskYDCRRc8paUU=
Subject key identifier: D3:D9:28:F9:0C:1D:C7:3B:9D:02:A0:5D:91:D7:89:02:11:A9:D6:93
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018E659100749C91306E836FE98AF307D618
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/09ko-QwdxzudAqBdkdeJAhGp1pM.roa
Signing time: Fri 22 Mar 2024 09:49:45 +0000
ROA not before: Fri 22 Mar 2024 09:49:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 93.186.69.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
178.253.235.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
188.255.128.0/24 maxlen: 24
188.255.200.0/24 maxlen: 24
212.69.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 10:17:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:91:00:74:9c:91:30:6e:83:6f:e9:8a:f3:07:d6:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 22 09:49:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3d928f90c1dc73b9d02a05d91d7890211a9d693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:35:85:97:dd:e1:76:f4:12:92:de:4e:2c:a5:
1c:63:54:a9:b6:a7:f0:3c:a3:1b:ea:6d:fa:2f:64:
da:ea:2d:7d:3d:2c:98:0b:9f:3b:5d:02:3d:80:8b:
fc:a1:d0:3c:32:b3:88:09:04:59:4c:b9:ea:54:d6:
c5:31:d3:e8:c9:fa:ca:62:35:92:21:f8:6e:04:f0:
e4:20:e1:0c:55:01:26:7b:27:3a:64:95:9e:5f:9c:
ba:00:02:ae:0e:d9:1c:c8:a2:07:6a:55:33:59:69:
21:fa:9f:73:db:de:10:24:fb:fc:1a:0b:af:59:fc:
d4:7e:4a:b0:06:aa:5b:38:21:2f:5b:cc:df:21:84:
e0:38:f3:d8:c5:2a:09:47:b0:f4:f8:85:03:32:4c:
18:56:11:34:4a:24:67:c5:df:50:17:a6:96:b8:f7:
70:d0:ca:3f:0c:17:9a:cc:c0:aa:c7:11:d7:03:a0:
03:8c:89:27:6b:1e:3e:f4:2d:e0:23:07:74:a2:08:
6c:62:56:15:47:8a:f1:5b:9f:1e:00:23:b4:ac:cb:
35:b2:3f:aa:22:1f:c2:0e:0f:ba:8d:11:bd:d5:52:
02:fb:7f:61:f1:24:95:f8:e4:be:3d:56:43:31:41:
30:69:ac:f2:29:e9:25:67:14:56:0a:25:21:7a:45:
a8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D9:28:F9:0C:1D:C7:3B:9D:02:A0:5D:91:D7:89:02:11:A9:D6:93
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/09ko-QwdxzudAqBdkdeJAhGp1pM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.186.69.0/24
109.121.43.0/24
178.253.235.0/24
185.47.91.0/24
188.255.128.0/24
188.255.200.0/24
212.69.14.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:8b:20:77:07:56:ee:be:b5:d4:c1:1d:f1:a8:76:b5:6b:1c:
09:70:c4:8a:f4:01:51:4d:d8:3d:30:4b:be:4a:3b:f2:0d:f9:
21:84:8e:e9:8b:86:24:9f:a6:ee:57:1d:18:51:24:4b:d2:d9:
50:92:24:f7:c6:77:6d:53:7b:d0:23:f2:d5:d2:46:31:3a:48:
77:e1:e3:f7:91:d4:05:3c:c6:2e:28:b8:d1:80:39:62:cd:be:
1d:dc:ae:73:ce:bd:7f:eb:28:57:4d:5c:2d:1c:f1:81:7d:83:
79:47:04:98:71:09:7d:55:47:70:ec:4a:7d:04:fa:e7:79:0e:
39:c2:d6:dc:45:95:66:65:02:fa:00:ad:b6:e7:c5:7f:a7:49:
c1:53:97:d3:0f:4a:e4:1a:f7:84:f8:02:36:55:e4:d6:0a:73:
21:8b:27:c4:c8:da:50:67:52:e3:dd:0d:ae:a2:2f:44:de:45:
62:cf:0d:44:7a:c2:ca:fc:54:d4:0a:64:72:2c:f4:c9:a8:b6:
be:84:6f:88:82:fd:57:cf:01:76:7d:c5:b5:65:0a:18:79:f7:
30:cd:30:20:fa:e9:b4:97:f9:14:bd:2d:14:40:5c:d0:16:99:
7e:43:99:fd:c2:6a:b1:ce:b7:1e:ad:76:24:df:92:7b:5b:eb:
e4:19:d7:36
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY5lkQB0nJEwboNv6YrzB9YYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMzIyMDk0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2Q5MjhmOTBjMWRjNzNiOWQwMmEwNWQ5MWQ3ODkwMjExYTlkNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDWFl93hdvQSkt5OLKUcY1Sptqfw
PKMb6m36L2Ta6i19PSyYC587XQI9gIv8odA8MrOICQRZTLnqVNbFMdPoyfrKYjWS
IfhuBPDkIOEMVQEmeyc6ZJWeX5y6AAKuDtkcyKIHalUzWWkh+p9z294QJPv8Gguv
WfzUfkqwBqpbOCEvW8zfIYTgOPPYxSoJR7D0+IUDMkwYVhE0SiRnxd9QF6aWuPdw
0Mo/DBeazMCqxxHXA6ADjIknax4+9C3gIwd0oghsYlYVR4rxW58eACO0rMs1sj+q
Ih/CDg+6jRG91VIC+39h8SSV+OS+PVZDMUEwaazyKeklZxRWCiUhekWoKwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNPZKPkMHcc7nQKgXZHXiQIRqdaTMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvMDlrby1Rd2R4enVkQXFCZGtkZUpBaEdwMXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAXbpFAwQA
bXkrAwQAsv3rAwQAuS9bAwQAvP+AAwQAvP/IAwQA1EUOMA0GCSqGSIb3DQEBCwUA
A4IBAQB6iyB3B1buvrXUwR3xqHa1axwJcMSK9AFRTdg9MEu+SjvyDfkhhI7pi4Yk
n6buVx0YUSRL0tlQkiT3xndtU3vQI/LV0kYxOkh34eP3kdQFPMYuKLjRgDlizb4d
3K5zzr1/6yhXTVwtHPGBfYN5RwSYcQl9VUdw7Ep9BPrneQ45wtbcRZVmZQL6AK22
58V/p0nBU5fTD0rkGveE+AI2VeTWCnMhiyfEyNpQZ1Lj3Q2uoi9E3kVizw1EesLK
/FTUCmRyLPTJqLa+hG+Igv1XzwF2fcW1ZQoYefcwzTAg+um0l/kUvS0UQFzQFpl+
Q5n9wmqxzrcerXYk35J7W+vkGdc2
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:49:47 2025 by rpki-client