Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/e7zLMv6sZi85CQ6M5OtBKZsV6YA.roa
File: e7zLMv6sZi85CQ6M5OtBKZsV6YA.roa (raw, json)
Hash identifier: 0mA/WXuyATibjNgmDxVKpJdx1IToE3Bb9HC4gnggbrw=
Subject key identifier: 7B:BC:CB:32:FE:AC:66:2F:39:09:0E:8C:E4:EB:41:29:9B:15:E9:80
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018B29C14CD58716D6A81692BFBA6BA80263
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/e7zLMv6sZi85CQ6M5OtBKZsV6YA.roa
Signing time: Fri 13 Oct 2023 15:56:55 +0000
ROA not before: Fri 13 Oct 2023 15:56:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60800
IP address blocks: 91.210.100.0/22 maxlen: 24
103.82.0.0/22 maxlen: 24
185.42.16.0/22 maxlen: 24
125.62.72.0/22 maxlen: 24
185.17.172.0/22 maxlen: 24
185.222.112.0/22 maxlen: 24
2a03:ec40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:c1:4c:d5:87:16:d6:a8:16:92:bf:ba:6b:a8:02:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Oct 13 15:56:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bbccb32feac662f39090e8ce4eb41299b15e980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ce:ae:8f:d8:1a:d5:58:e0:a1:f6:63:f5:f3:
f9:ac:88:c7:1c:03:1d:6f:9e:a1:0c:1e:f1:bb:2f:
17:5d:7b:a6:9f:8e:7a:f3:08:b3:e0:ea:f6:b5:c8:
9e:ea:c3:82:b4:84:19:04:65:46:f5:8b:4c:10:e9:
94:71:dd:fa:e8:58:81:4e:c8:01:30:37:61:04:36:
bd:9c:a3:db:89:ab:5e:4b:2c:3a:73:41:e0:a5:48:
a9:2e:0d:f8:ae:42:6e:1c:e3:ff:d4:4e:31:38:4b:
40:35:36:53:05:30:0a:c5:e2:84:6e:d4:1a:e8:e7:
dc:78:62:ea:ce:18:3b:57:0b:11:80:3b:fe:69:33:
ad:84:88:3e:77:6a:93:aa:87:f2:c0:c1:e6:57:f1:
c6:1c:88:37:cc:67:a8:e2:ba:f3:0d:7e:b4:64:2e:
99:b6:b0:1c:78:55:93:21:21:fc:12:90:e1:4e:fc:
a6:6a:bb:7f:70:0a:1a:12:07:92:52:20:b7:28:39:
5e:64:e9:55:7f:5d:df:ab:21:61:08:0a:44:5b:cb:
96:9f:f4:e3:45:b8:26:01:88:bf:02:82:0f:6b:a3:
51:ae:32:c6:66:4e:ae:be:6e:eb:bc:a0:f7:5e:ff:
d0:a2:b8:5f:95:69:b4:d3:c7:68:ac:af:8e:11:9a:
05:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:BC:CB:32:FE:AC:66:2F:39:09:0E:8C:E4:EB:41:29:9B:15:E9:80
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/e7zLMv6sZi85CQ6M5OtBKZsV6YA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.100.0/22
103.82.0.0/22
125.62.72.0/22
185.17.172.0/22
185.42.16.0/22
185.222.112.0/22
IPv6:
2a03:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
69:44:60:e4:b4:f9:90:e4:3b:31:86:1c:b2:1f:5b:07:2b:0d:
7f:64:49:a3:2d:2a:72:f9:56:c9:5b:92:b5:29:da:4d:35:31:
ea:92:35:3e:21:db:c4:20:3d:aa:ee:cd:49:1c:f7:26:c8:a5:
25:55:42:e3:38:c7:39:c7:e2:93:aa:75:d9:5a:44:a6:3d:91:
1b:a3:43:10:c8:e6:80:ef:45:74:e2:f8:b5:d8:6a:39:e1:8d:
97:ca:4d:d8:a9:7e:62:9c:ce:ab:ab:97:05:3f:9d:7b:dc:68:
5b:3c:10:95:b0:85:c3:6d:8d:7d:5d:40:23:78:74:37:e0:5f:
4c:6b:35:03:57:33:36:dc:36:c2:d1:e2:a9:40:08:49:7c:3c:
2a:8f:72:01:67:1e:22:c4:66:28:c3:6c:6b:82:e4:c0:89:cc:
ab:af:e3:cc:51:33:e3:f5:2d:25:6c:dd:9c:b3:73:38:cb:35:
ab:39:02:ba:33:f9:d1:7d:c7:13:e2:82:24:a9:b7:65:3b:59:
9a:b8:22:8e:82:cc:00:2b:97:16:d2:59:5d:ec:ae:d5:71:a6:
86:a2:d1:e4:c7:ad:20:e5:dd:73:05:57:45:14:9f:b9:35:9d:
9b:ae:8d:7d:ef:7d:bf:9f:e2:3e:a1:2d:81:5f:ce:e3:fc:8f:
9a:25:94:df
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYspwUzVhxbWqBaSv7prqAJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMxMDEzMTU1NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmJjY2IzMmZlYWM2NjJmMzkwOTBlOGNlNGViNDEyOTliMTVlOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm86uj9ga1VjgofZj9fP5rIjHHAMd
b56hDB7xuy8XXXumn4568wiz4Or2tcie6sOCtIQZBGVG9YtMEOmUcd366FiBTsgB
MDdhBDa9nKPbiateSyw6c0HgpUipLg34rkJuHOP/1E4xOEtANTZTBTAKxeKEbtQa
6OfceGLqzhg7VwsRgDv+aTOthIg+d2qTqofywMHmV/HGHIg3zGeo4rrzDX60ZC6Z
trAceFWTISH8EpDhTvymart/cAoaEgeSUiC3KDleZOlVf13fqyFhCApEW8uWn/Tj
RbgmAYi/AoIPa6NRrjLGZk6uvm7rvKD3Xv/QorhflWm008dorK+OEZoFVwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHu8yzL+rGYvOQkOjOTrQSmbFemAMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvZTd6TE12NnNaaTg1Q1E2TTVPdEJLWnNWNllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCW9JkAwQC
Z1IAAwQCfT5IAwQCuRGsAwQCuSoQAwQCud5wMA0EAgACMAcDBQMqA+xAMA0GCSqG
SIb3DQEBCwUAA4IBAQBpRGDktPmQ5DsxhhyyH1sHKw1/ZEmjLSpy+VbJW5K1KdpN
NTHqkjU+IdvEID2q7s1JHPcmyKUlVULjOMc5x+KTqnXZWkSmPZEbo0MQyOaA70V0
4vi12Go54Y2Xyk3YqX5inM6rq5cFP5173GhbPBCVsIXDbY19XUAjeHQ34F9MazUD
VzM23DbC0eKpQAhJfDwqj3IBZx4ixGYow2xrguTAicyrr+PMUTPj9S0lbN2cs3M4
yzWrOQK6M/nRfccT4oIkqbdlO1mauCKOgswAK5cW0lld7K7VcaaGotHkx60g5d1z
BVdFFJ+5NZ2bro19732/n+I+oS2BX87j/I+aJZTf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org