Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/7HJEUu9HBMHU1Xk4gm4M6P0qgGM.roa
File: 7HJEUu9HBMHU1Xk4gm4M6P0qgGM.roa (raw, json)
Hash identifier: IyEb6JU8d6m8wC75v0TVdzWHG/VIJUPppHQYUSndB8o=
Subject key identifier: EC:72:44:52:EF:47:04:C1:D4:D5:79:38:82:6E:0C:E8:FD:2A:80:63
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 01857079799D10844014AFDD4AFE47D22D57
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/7HJEUu9HBMHU1Xk4gm4M6P0qgGM.roa
Signing time: Mon 02 Jan 2023 03:14:47 +0000
ROA not before: Mon 02 Jan 2023 03:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12874
IP address blocks: 89.39.200.0/23 maxlen: 23
188.215.94.0/24 maxlen: 24
193.169.20.0/24 maxlen: 24
94.177.21.0/24 maxlen: 24
37.153.135.0/24 maxlen: 24
89.43.192.0/24 maxlen: 24
86.107.110.0/24 maxlen: 24
185.36.72.0/22 maxlen: 22
89.40.142.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:79:9d:10:84:40:14:af:dd:4a:fe:47:d2:2d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Jan 2 03:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec724452ef4704c1d4d57938826e0ce8fd2a8063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:04:af:00:f7:80:f4:97:1c:a6:da:f7:ec:b0:
00:1e:4f:78:c9:69:03:13:14:4d:ea:ad:f4:bc:ff:
91:8f:7c:5f:33:d6:a6:e7:74:da:20:7a:ad:4d:da:
0a:06:46:c4:c4:5a:80:72:80:85:b2:d5:cf:04:86:
69:df:cd:e4:bc:a3:78:ae:52:50:fd:68:51:04:8a:
ae:21:dc:09:61:1f:69:e3:17:22:75:14:d6:b9:42:
c9:43:fc:d1:75:6d:43:bf:b0:87:1f:cd:89:a3:7f:
59:41:7f:d0:1c:89:ab:76:d0:72:75:df:0b:7f:6e:
3c:14:3d:a6:7c:aa:d5:51:d7:00:24:79:67:79:c0:
13:c4:14:10:cb:5e:8f:64:ec:cb:3a:a0:4e:33:21:
06:92:b4:f3:65:03:0e:cc:bd:58:32:c9:31:a0:2b:
f3:25:98:0e:bf:2d:fe:b2:4c:da:9b:ab:52:c4:f9:
84:2a:8f:41:2d:44:44:de:b8:c6:92:56:58:03:4f:
18:73:ed:73:da:9a:ed:15:1b:39:4c:06:e8:b4:94:
63:91:bf:d6:cf:69:7c:f7:ae:2c:0c:06:c5:a6:c9:
ff:35:a4:f3:08:fe:51:b5:46:c1:88:db:c1:ec:aa:
f0:74:8f:90:fb:e7:d6:a1:1b:82:94:44:30:c8:11:
c5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:72:44:52:EF:47:04:C1:D4:D5:79:38:82:6E:0C:E8:FD:2A:80:63
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/7HJEUu9HBMHU1Xk4gm4M6P0qgGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.135.0/24
86.107.110.0/24
89.39.200.0/23
89.40.142.0/23
89.43.192.0/24
94.177.21.0/24
185.36.72.0/22
188.215.94.0/24
193.169.20.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:c1:ab:c3:70:c6:65:aa:92:dc:6f:e8:38:e1:58:2c:dd:a7:
76:d4:51:41:86:88:69:2c:3e:a9:ec:b1:07:fa:df:b6:e0:02:
23:7f:ab:56:dd:ab:cc:62:52:22:f6:b2:cd:fa:2f:1d:a5:49:
21:42:95:c3:48:7a:6b:cc:bc:c7:b8:2d:07:81:b1:9b:91:bb:
75:41:e9:ec:cc:40:c3:07:65:89:e9:f8:4a:d1:6a:0b:ae:76:
41:2e:ee:cd:9d:08:6b:b8:46:8c:be:10:5b:88:48:de:a5:67:
76:d8:22:c2:74:4d:f5:a7:eb:6d:b0:bf:ef:79:45:b2:ad:06:
69:3f:d9:88:ba:de:66:f8:76:cb:57:44:f4:92:32:13:24:c6:
39:00:28:a5:43:68:db:07:15:b4:9d:17:73:34:e0:d8:26:ce:
5a:88:f2:a0:64:bf:20:57:00:2a:20:61:84:50:60:62:eb:f3:
d2:81:c3:34:80:ec:df:93:fd:7d:ec:5f:17:04:27:b2:a1:79:
c0:43:dd:83:96:aa:fc:06:25:cc:d9:41:52:e6:65:f7:a6:59:
6b:4d:57:4e:64:c5:de:7f:97:b0:d2:e9:5f:12:5a:1b:95:08:
92:85:e4:4e:d6:0d:21:5c:71:3b:9a:c2:45:1d:09:4e:8c:19:
65:f7:26:f1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVweXmdEIRAFK/dSv5H0i1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjMwMTAyMDMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzcyNDQ1MmVmNDcwNGMxZDRkNTc5Mzg4MjZlMGNlOGZkMmE4MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlASvAPeA9Jccptr37LAAHk94yWkD
ExRN6q30vP+Rj3xfM9am53TaIHqtTdoKBkbExFqAcoCFstXPBIZp383kvKN4rlJQ
/WhRBIquIdwJYR9p4xcidRTWuULJQ/zRdW1Dv7CHH82Jo39ZQX/QHImrdtBydd8L
f248FD2mfKrVUdcAJHlnecATxBQQy16PZOzLOqBOMyEGkrTzZQMOzL1YMskxoCvz
JZgOvy3+skzam6tSxPmEKo9BLURE3rjGklZYA08Yc+1z2prtFRs5TAbotJRjkb/W
z2l8964sDAbFpsn/NaTzCP5RtUbBiNvB7KrwdI+Q++fWoRuClEQwyBHFywIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOxyRFLvRwTB1NV5OIJuDOj9KoBjMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvN0hKRVV1OUhCTUhVMVhrNGdtNE02UDBxZ0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAJZmHAwQA
VmtuAwQBWSfIAwQBWSiOAwQAWSvAAwQAXrEVAwQCuSRIAwQAvNdeAwQAwakUMA0G
CSqGSIb3DQEBCwUAA4IBAQBNwavDcMZlqpLcb+g44Vgs3ad21FFBhohpLD6p7LEH
+t+24AIjf6tW3avMYlIi9rLN+i8dpUkhQpXDSHprzLzHuC0HgbGbkbt1QenszEDD
B2WJ6fhK0WoLrnZBLu7NnQhruEaMvhBbiEjepWd22CLCdE31p+ttsL/veUWyrQZp
P9mIut5m+HbLV0T0kjITJMY5ACilQ2jbBxW0nRdzNODYJs5aiPKgZL8gVwAqIGGE
UGBi6/PSgcM0gOzfk/197F8XBCeyoXnAQ92Dlqr8BiXM2UFS5mX3pllrTVdOZMXe
f5ew0ulfEloblQiSheRO1g0hXHE7msJFHQlOjBll9ybx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:06 2024 by rpki-client on console-ams.rpki-client.org