Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/A988hCeH31DLfqh6EK3nYBkL_t4.roa
File: A988hCeH31DLfqh6EK3nYBkL_t4.roa (raw, json)
Hash identifier: octg5QO7T/ADeZtRf9xnfVzT588EsRKL5FENEZwI7BU=
Subject key identifier: 03:DF:3C:84:27:87:DF:50:CB:7E:A8:7A:10:AD:E7:60:19:0B:FE:DE
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CE9CB4104D231656679A1A36340F9AFA8
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/A988hCeH31DLfqh6EK3nYBkL_t4.roa
Signing time: Mon 08 Jan 2024 15:57:40 +0000
ROA not before: Mon 08 Jan 2024 15:57:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61998
IP address blocks: 217.144.54.0/24 maxlen: 24
217.144.53.0/24 maxlen: 24
87.229.77.0/24 maxlen: 24
87.229.84.0/23 maxlen: 23
213.181.206.0/24 maxlen: 24
178.238.212.0/24 maxlen: 24
79.172.212.0/24 maxlen: 24
79.172.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 15:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:cb:41:04:d2:31:65:66:79:a1:a3:63:40:f9:af:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 8 15:57:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03df3c842787df50cb7ea87a10ade760190bfede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:81:67:ba:34:d2:a2:75:26:39:f7:fb:40:9f:
cf:7b:69:06:98:a0:63:86:75:89:43:0c:95:d0:45:
7a:78:c8:94:d8:0d:2a:3a:a7:1d:d4:b9:cc:8d:0c:
ad:ed:8b:1e:86:45:80:12:0d:d9:d1:e0:47:a5:2d:
71:91:67:fd:e5:4b:2c:b6:ae:70:5f:f7:c7:38:b2:
f5:8f:6f:93:90:c7:e4:74:bd:31:bd:0b:2c:d6:17:
0c:ec:ac:53:b9:08:6c:64:c9:a2:1e:e8:f6:56:44:
45:9e:7c:2c:2f:c5:55:43:57:75:92:52:09:48:16:
21:fb:28:a6:e2:f5:41:a1:e6:f3:d8:7f:65:28:ff:
05:6b:26:67:69:39:09:80:75:c9:54:d2:7a:44:e9:
c9:ff:08:6c:f5:ca:e4:58:f0:ca:be:e0:ba:81:55:
1b:e6:df:99:ef:42:20:ea:5c:f5:11:d8:bd:07:28:
ef:42:89:08:27:02:b5:cd:d1:2d:a3:8d:c4:7d:24:
b1:dd:00:50:fc:ee:23:b6:e1:4d:b8:7a:b4:c5:6b:
fe:b2:68:11:d4:8c:10:f1:db:18:69:d7:b4:ac:ab:
7c:25:27:79:1b:8a:5c:9f:6e:ec:63:9f:21:6b:e6:
7a:6f:b4:a0:a7:15:77:7a:73:c6:30:b0:11:c9:52:
6e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DF:3C:84:27:87:DF:50:CB:7E:A8:7A:10:AD:E7:60:19:0B:FE:DE
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/A988hCeH31DLfqh6EK3nYBkL_t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.210.0/24
79.172.212.0/24
87.229.77.0/24
87.229.84.0/23
178.238.212.0/24
213.181.206.0/24
217.144.53.0-217.144.54.255
Signature Algorithm: sha256WithRSAEncryption
5b:d1:90:9c:12:b3:9c:52:ab:b2:5a:b5:7e:c3:74:80:fd:47:
96:fa:55:4a:01:50:af:57:1e:da:2c:4b:d5:8e:12:42:eb:03:
0b:50:e3:be:62:68:8d:4f:43:e3:98:26:3f:d1:a8:d0:7f:f5:
7e:88:c1:e2:2a:c3:b1:62:3f:94:3e:0b:49:5f:d5:bb:fb:05:
f2:18:94:a4:a9:0a:36:d4:21:15:2a:42:e7:a0:b4:d0:fb:a5:
67:38:51:22:49:37:de:94:d4:5d:30:30:59:1b:d9:ff:d8:0d:
f3:b1:c9:89:e0:62:c4:13:ce:a3:b8:7c:f6:c2:f9:78:8d:e5:
d5:48:50:d7:dc:00:bf:fc:2b:74:d8:4e:ce:1b:e4:95:e2:04:
31:7b:a2:6b:ab:f8:dd:06:e2:cc:1d:5b:d4:33:a4:95:7a:7a:
90:47:cb:94:45:da:bd:85:3c:d2:74:65:08:21:60:a5:62:87:
44:66:d6:b3:68:d9:64:c7:b3:da:1e:26:07:30:04:9f:fa:6f:
5c:70:73:5f:ab:61:b2:d8:15:95:7f:2d:c7:04:99:92:a9:13:
e4:d9:4f:0b:e4:24:82:e7:cd:f1:99:36:cd:6f:5e:8b:b6:96:
78:4c:e0:5d:a4:bc:e9:93:a5:3d:23:d9:4f:11:30:c3:36:b5:
94:41:83:ac
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzpy0EE0jFlZnmho2NA+a+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTA4MTU1NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RmM2M4NDI3ODdkZjUwY2I3ZWE4N2ExMGFkZTc2MDE5MGJmZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoFnujTSonUmOff7QJ/Pe2kGmKBj
hnWJQwyV0EV6eMiU2A0qOqcd1LnMjQyt7YsehkWAEg3Z0eBHpS1xkWf95Usstq5w
X/fHOLL1j2+TkMfkdL0xvQss1hcM7KxTuQhsZMmiHuj2VkRFnnwsL8VVQ1d1klIJ
SBYh+yim4vVBoebz2H9lKP8FayZnaTkJgHXJVNJ6ROnJ/whs9crkWPDKvuC6gVUb
5t+Z70Ig6lz1Edi9ByjvQokIJwK1zdEto43EfSSx3QBQ/O4jtuFNuHq0xWv+smgR
1IwQ8dsYade0rKt8JSd5G4pcn27sY58ha+Z6b7SgpxV3enPGMLARyVJuAwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAPfPIQnh99Qy36oehCt52AZC/7eMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvQTk4OGhDZUgzMURMZnFoNkVLM25ZQmtMX3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAT6zSAwQA
T6zUAwQAV+VNAwQBV+VUAwQAsu7UAwQA1bXOMAwDBADZkDUDBADZkDYwDQYJKoZI
hvcNAQELBQADggEBAFvRkJwSs5xSq7JatX7DdID9R5b6VUoBUK9XHtosS9WOEkLr
AwtQ475iaI1PQ+OYJj/RqNB/9X6IweIqw7FiP5Q+C0lf1bv7BfIYlKSpCjbUIRUq
QuegtND7pWc4USJJN96U1F0wMFkb2f/YDfOxyYngYsQTzqO4fPbC+XiN5dVIUNfc
AL/8K3TYTs4b5JXiBDF7omur+N0G4swdW9QzpJV6epBHy5RF2r2FPNJ0ZQghYKVi
h0Rm1rNo2WTHs9oeJgcwBJ/6b1xwc1+rYbLYFZV/LccEmZKpE+TZTwvkJILnzfGZ
Ns1vXou2lnhM4F2kvOmTpT0j2U8RMMM2tZRBg6w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:38 2024 by rpki-client on console-ams.rpki-client.org