Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/ojgw1CYVGZtq3Z5Zl275RRLD2po.roa
File: ojgw1CYVGZtq3Z5Zl275RRLD2po.roa (raw, json)
Hash identifier: /nWVL9MIdBUM9ZairyWEUMJDo6FOwF12nmq9m9T+7nQ=
Subject key identifier: A2:38:30:D4:26:15:19:9B:6A:DD:9E:59:97:6E:F9:45:12:C3:DA:9A
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CC500CD6674EB58B0FF8AF81F6D2B0700
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/ojgw1CYVGZtq3Z5Zl275RRLD2po.roa
Signing time: Mon 01 Jan 2024 12:30:13 +0000
ROA not before: Mon 01 Jan 2024 12:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 79.172.224.0/24 maxlen: 24
217.144.59.0/24 maxlen: 24
217.144.60.0/24 maxlen: 24
79.172.228.0/24 maxlen: 24
79.172.250.0/24 maxlen: 24
213.181.217.0/24 maxlen: 24
213.181.218.0/24 maxlen: 24
213.181.216.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
79.172.192.0/24 maxlen: 24
79.172.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 22:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:cd:66:74:eb:58:b0:ff:8a:f8:1f:6d:2b:07:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 1 12:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a23830d42615199b6add9e59976ef94512c3da9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:83:37:28:cf:60:cf:ed:9e:85:3e:39:f0:f2:
b9:b4:52:d6:08:a9:e6:0b:9c:e2:54:6c:bc:74:7d:
f9:0a:05:89:85:6f:3d:2b:87:d0:2b:83:d3:8f:a1:
5b:15:43:12:3b:94:d1:3e:47:19:e6:1a:15:e5:cf:
e0:80:f8:94:cd:2a:4a:0d:5b:0c:8e:15:7e:6a:d7:
1e:b9:fc:9d:97:6a:67:61:46:31:ff:2c:db:30:01:
94:a8:b3:14:bb:73:51:03:de:01:f0:77:5d:a6:9d:
9c:fc:5e:60:83:a0:87:ae:6c:f4:3b:10:76:66:4c:
9a:f4:a5:15:a6:85:23:2d:ab:58:b5:22:ef:85:b2:
86:be:b3:27:5e:71:27:40:f5:8a:fc:64:17:ee:fd:
c6:1e:ba:2e:c3:8b:54:c8:70:4f:ba:ca:f0:f2:35:
54:b3:09:0c:bd:a6:33:c6:08:21:a0:f0:63:39:2f:
d4:59:31:d8:63:1a:14:03:06:11:14:c0:b2:74:60:
0f:ae:fd:5f:30:df:cc:b9:11:e7:54:32:30:ff:b0:
22:d3:94:b7:3e:cb:c4:01:d7:4f:c3:f5:0b:5e:14:
47:db:dd:5d:33:74:fb:10:f9:22:23:6e:88:33:b1:
90:36:71:3d:9b:a0:21:d2:df:d3:b6:d0:de:cd:98:
2a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:38:30:D4:26:15:19:9B:6A:DD:9E:59:97:6E:F9:45:12:C3:DA:9A
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/ojgw1CYVGZtq3Z5Zl275RRLD2po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/24
79.172.207.0/24
79.172.224.0/24
79.172.228.0/24
79.172.250.0/24
213.181.216.0-213.181.218.255
213.181.221.0/24
217.144.59.0-217.144.60.255
Signature Algorithm: sha256WithRSAEncryption
6f:36:6f:e4:cd:d2:5d:03:95:cb:85:c9:e1:35:d3:d7:69:a9:
64:d8:e4:05:3e:25:d7:96:79:f8:ed:81:8a:5d:62:d8:28:7a:
af:36:a2:47:f7:c1:90:6a:87:a4:df:e4:2b:96:35:75:61:a3:
12:0d:9c:a3:18:47:77:28:ea:ff:e6:26:01:ba:56:e6:9c:f5:
c8:2a:4a:d0:a2:d2:e4:cd:b4:67:90:5e:30:28:b4:6f:6f:be:
f6:68:70:74:a5:8d:63:44:e3:de:50:fd:ea:57:53:e9:3d:e5:
e4:3f:e1:58:a8:f9:70:d2:e5:7d:4f:b1:fe:78:85:4c:4b:83:
d4:2a:cf:4f:9b:82:e8:d2:1c:c5:8f:07:8e:02:23:a4:32:2d:
ae:97:83:4a:1a:ae:ff:72:f8:e2:47:b0:82:8e:41:f0:dc:c7:
7a:1c:37:2a:20:cb:36:a0:da:4a:8c:7a:a7:25:91:9f:f7:44:
b5:07:eb:06:7b:ed:e5:23:63:fd:24:3a:ed:cb:14:02:b1:88:
d3:18:03:75:5b:16:ba:70:1b:e1:8e:86:a9:1d:12:49:15:39:
93:04:d2:08:65:32:8d:7c:f2:11:ae:c5:b8:db:c7:71:ed:fe:
d6:bd:dc:90:f7:ec:fc:8b:4d:77:46:ed:ba:34:05:02:3a:32:
9b:27:f7:6a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzFAM1mdOtYsP+K+B9tKwcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTAxMTIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjM4MzBkNDI2MTUxOTliNmFkZDllNTk5NzZlZjk0NTEyYzNkYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4M3KM9gz+2ehT458PK5tFLWCKnm
C5ziVGy8dH35CgWJhW89K4fQK4PTj6FbFUMSO5TRPkcZ5hoV5c/ggPiUzSpKDVsM
jhV+atceufydl2pnYUYx/yzbMAGUqLMUu3NRA94B8Hddpp2c/F5gg6CHrmz0OxB2
Zkya9KUVpoUjLatYtSLvhbKGvrMnXnEnQPWK/GQX7v3GHrouw4tUyHBPusrw8jVU
swkMvaYzxgghoPBjOS/UWTHYYxoUAwYRFMCydGAPrv1fMN/MuRHnVDIw/7Ai05S3
PsvEAddPw/ULXhRH291dM3T7EPkiI26IM7GQNnE9m6Ah0t/TttDezZgqTQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKI4MNQmFRmbat2eWZdu+UUSw9qaMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvb2pndzFDWVZHWnRxM1o1WmwyNzVSUkxEMnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAT6zAAwQA
T6zPAwQAT6zgAwQAT6zkAwQAT6z6MAwDBAPVtdgDBADVtdoDBADVtd0wDAMEANmQ
OwMEANmQPDANBgkqhkiG9w0BAQsFAAOCAQEAbzZv5M3SXQOVy4XJ4TXT12mpZNjk
BT4l15Z5+O2Bil1i2Ch6rzaiR/fBkGqHpN/kK5Y1dWGjEg2coxhHdyjq/+YmAbpW
5pz1yCpK0KLS5M20Z5BeMCi0b2++9mhwdKWNY0Tj3lD96ldT6T3l5D/hWKj5cNLl
fU+x/niFTEuD1CrPT5uC6NIcxY8HjgIjpDItrpeDShqu/3L44kewgo5B8NzHehw3
KiDLNqDaSox6pyWRn/dEtQfrBnvt5SNj/SQ67csUArGI0xgDdVsWunAb4Y6GqR0S
SRU5kwTSCGUyjXzyEa7FuNvHce3+1r3ckPfs/ItNd0btujQFAjoymyf3ag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:38 2024 by rpki-client on console-ams.rpki-client.org