Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/795DrciMZv4Iuk6WqDzQp89S4-c.roa
File: 795DrciMZv4Iuk6WqDzQp89S4-c.roa (raw, json)
Hash identifier: iZVeb0KFO10ynFB7l750FEjQHodcf8JF+ag6xPOHuCU=
Subject key identifier: EF:DE:43:AD:C8:8C:66:FE:08:BA:4E:96:A8:3C:D0:A7:CF:52:E3:E7
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 018CC500F96902ECA1B31CCC235423BBC3A6
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/795DrciMZv4Iuk6WqDzQp89S4-c.roa
Signing time: Mon 01 Jan 2024 12:30:24 +0000
ROA not before: Mon 01 Jan 2024 12:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5503
IP address blocks: 217.180.0.0/17 maxlen: 24
194.238.32.0/19 maxlen: 24
213.18.192.0/18 maxlen: 24
194.154.0.0/19 maxlen: 24
194.238.64.0/19 maxlen: 24
217.181.0.0/17 maxlen: 24
62.171.192.0/18 maxlen: 24
217.177.64.0/19 maxlen: 24
185.192.228.0/22 maxlen: 24
217.179.0.0/16 maxlen: 24
217.177.0.0/18 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Apr 2024 20:25:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f9:69:02:ec:a1:b3:1c:cc:23:54:23:bb:c3:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 1 12:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efde43adc88c66fe08ba4e96a83cd0a7cf52e3e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8b:5e:e9:ae:83:ac:a5:64:a4:50:9c:1d:82:
e3:a9:1a:53:1a:de:4a:6b:62:64:3f:bd:b9:3d:25:
0b:ef:74:5d:8e:aa:04:74:6c:09:02:c8:9e:5d:b9:
73:86:1f:51:d9:ba:33:d7:06:25:45:46:35:be:99:
6c:fa:f8:9c:51:74:2a:92:ab:0f:33:a2:76:af:2d:
b2:06:86:31:2e:ea:91:0b:34:27:98:ae:c0:5d:93:
f0:a1:4c:f8:17:e5:61:f0:72:53:d5:d4:8d:e5:b1:
a4:d7:48:a2:5d:d2:40:cd:d9:1d:29:44:45:c4:eb:
e5:dd:ae:29:4b:a8:51:3f:8a:fe:62:60:0a:20:02:
3c:38:5f:e6:56:40:60:38:0f:95:b2:2b:01:cf:8c:
3e:a5:a9:16:d5:4d:05:7e:4d:04:af:9b:02:d8:12:
c1:00:d1:d6:e7:7e:c7:ff:e3:5d:f9:a1:dd:90:ae:
52:db:8f:db:29:a9:10:a9:39:ab:85:e9:0e:86:38:
69:e4:d1:ce:ea:5e:ab:b1:71:bd:fb:c4:15:a4:51:
19:f8:e4:e2:86:a8:bc:9e:be:74:13:4e:3c:5f:38:
d2:c1:48:8e:8c:31:56:eb:b5:9f:c4:a1:ff:38:8e:
09:5b:91:cf:69:78:81:95:b9:ae:42:5a:e4:60:9f:
05:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:DE:43:AD:C8:8C:66:FE:08:BA:4E:96:A8:3C:D0:A7:CF:52:E3:E7
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/795DrciMZv4Iuk6WqDzQp89S4-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0/18
185.192.228.0/22
194.154.0.0/19
194.238.32.0-194.238.95.255
213.18.192.0/18
217.177.0.0-217.177.95.255
217.179.0.0-217.180.127.255
217.181.0.0/17
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
59:9e:c7:8d:f3:4a:e8:28:31:01:86:93:12:ac:01:e8:fb:31:
1c:22:32:e8:70:9a:92:7b:3f:09:26:d8:da:81:e3:9b:08:e4:
53:36:cd:e6:c1:c0:29:6f:08:7a:0c:e5:b4:f6:3b:02:f8:24:
b7:61:70:b6:a4:cb:57:15:15:d5:f4:2e:4b:10:78:7f:97:b5:
06:0e:2a:2b:3d:e7:69:df:8e:4c:74:20:18:42:fb:4e:f2:34:
51:28:9c:ec:6f:ac:f3:c1:be:27:68:e1:01:de:5d:36:23:e8:
bf:02:75:9b:75:c5:66:4d:34:cc:2c:f2:b4:1b:09:6b:95:0a:
83:e4:7e:52:5f:a0:12:14:c9:b3:c1:93:a6:3d:93:28:9a:bb:
fe:9b:01:02:98:5f:de:9b:bf:92:9e:23:c2:31:55:23:ba:a6:
6f:49:6c:41:46:d6:69:99:fd:01:e2:80:68:60:9e:71:64:1a:
b6:a9:5a:2b:7b:41:ea:14:e0:59:6a:88:f4:e4:8b:0c:34:59:
7a:a5:91:13:65:b3:8a:f8:05:28:ac:50:5e:8e:9e:7c:77:f2:
24:99:cc:a7:6d:59:25:09:00:95:05:7c:0b:78:2f:d3:b3:46:
7e:ec:e0:1f:50:86:d8:f4:eb:d5:1e:b1:f4:43:37:7b:3c:ce:
03:80:fe:64
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYzFAPlpAuyhsxzMI1Qju8OmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwMTAxMTIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmRlNDNhZGM4OGM2NmZlMDhiYTRlOTZhODNjZDBhN2NmNTJlM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYte6a6DrKVkpFCcHYLjqRpTGt5K
a2JkP725PSUL73RdjqoEdGwJAsieXblzhh9R2boz1wYlRUY1vpls+vicUXQqkqsP
M6J2ry2yBoYxLuqRCzQnmK7AXZPwoUz4F+Vh8HJT1dSN5bGk10iiXdJAzdkdKURF
xOvl3a4pS6hRP4r+YmAKIAI8OF/mVkBgOA+VsisBz4w+pakW1U0Ffk0Er5sC2BLB
ANHW537H/+Nd+aHdkK5S24/bKakQqTmrhekOhjhp5NHO6l6rsXG9+8QVpFEZ+OTi
hqi8nr50E048XzjSwUiOjDFW67WfxKH/OI4JW5HPaXiBlbmuQlrkYJ8FxwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFO/eQ63IjGb+CLpOlqg80KfPUuPnMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvNzk1RHJjaU1adjRJdWs2V3FEelFwODlTNC1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQGPqvAAwQC
ucDkAwQFwpoAMAwDBAXC7iADBAXC7kADBAbVEsAwCwMDANmxAwQF2bFAMAsDAwDZ
swMEB9m0AAMEB9m1ADANBAIAAjAHAwUAKgIPsDANBgkqhkiG9w0BAQsFAAOCAQEA
WZ7HjfNK6CgxAYaTEqwB6PsxHCIy6HCakns/CSbY2oHjmwjkUzbN5sHAKW8Iegzl
tPY7Avgkt2FwtqTLVxUV1fQuSxB4f5e1Bg4qKz3nad+OTHQgGEL7TvI0USic7G+s
88G+J2jhAd5dNiPovwJ1m3XFZk00zCzytBsJa5UKg+R+Ul+gEhTJs8GTpj2TKJq7
/psBAphf3pu/kp4jwjFVI7qmb0lsQUbWaZn9AeKAaGCecWQatqlaK3tB6hTgWWqI
9OSLDDRZeqWRE2WzivgFKKxQXo6efHfyJJnMp21ZJQkAlQV8C3gv07NGfuzgH1CG
2PTr1R6x9EM3ezzOA4D+ZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:30 2024 by rpki-client on console-ams.rpki-client.org