Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/b7cP7x7kbAuoqDAzCz2sQx4irrU.roa
File: b7cP7x7kbAuoqDAzCz2sQx4irrU.roa (raw, json)
Hash identifier: y7sSOT/kz8ChZG22ne/l1VTK3O7xBEzFdR6Hr8HH3kU=
Subject key identifier: 6F:B7:0F:EF:1E:E4:6C:0B:A8:A8:30:33:0B:3D:AC:43:1E:22:AE:B5
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 0185714C0EFDDF8D3E24DF6FEBB0AA10CD39
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/b7cP7x7kbAuoqDAzCz2sQx4irrU.roa
Signing time: Mon 02 Jan 2023 07:04:48 +0000
ROA not before: Mon 02 Jan 2023 07:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198156
IP address blocks: 212.7.217.0/24 maxlen: 24
212.7.216.0/22 maxlen: 22
212.7.216.0/24 maxlen: 24
91.106.29.0/24 maxlen: 24
2a01:6e80:fffe::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Feb 2023 12:55:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:0e:fd:df:8d:3e:24:df:6f:eb:b0:aa:10:cd:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 2 07:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fb70fef1ee46c0ba8a830330b3dac431e22aeb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:47:88:88:5f:f2:15:b6:ca:ec:fc:d4:39:ee:
3c:8a:2c:14:f7:85:ca:a6:30:a6:91:de:9c:55:b1:
ee:0a:3b:50:a3:b0:9d:f7:11:f5:85:f8:23:c4:99:
65:a0:d4:6f:02:2e:0f:30:04:0a:e8:da:22:be:35:
23:e9:32:42:dd:fa:d6:00:a6:76:0b:0d:15:c8:8e:
2f:fc:68:e5:36:f3:a1:d2:c2:a0:42:89:7f:a6:ef:
17:26:d2:8c:87:e0:60:8b:d4:1a:b8:6f:59:37:46:
1c:ad:38:11:c3:64:55:7f:19:49:1a:3a:15:cf:34:
e0:9c:6d:31:80:70:7e:54:d9:20:73:57:90:14:d8:
ed:06:f7:c4:9d:73:c5:17:2e:9f:80:40:25:a2:cd:
d0:cd:9c:2f:e8:f9:76:29:89:95:55:d8:92:11:bf:
e3:2b:98:61:cd:04:ef:68:91:78:11:1e:83:c3:50:
f6:e2:f6:e9:04:cd:30:6e:25:bc:a3:8f:9c:e2:8d:
3a:ef:a6:13:c0:d0:df:61:93:1e:fd:b9:f7:f8:16:
04:9a:7b:46:92:4f:3c:79:eb:49:54:1f:2c:3f:4f:
9d:72:24:87:4a:9c:d5:34:3a:69:4f:d4:af:c1:ee:
23:fe:94:10:4a:be:5b:6c:ec:82:69:9e:4e:f3:e0:
34:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B7:0F:EF:1E:E4:6C:0B:A8:A8:30:33:0B:3D:AC:43:1E:22:AE:B5
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/b7cP7x7kbAuoqDAzCz2sQx4irrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.29.0/24
212.7.216.0/22
IPv6:
2a01:6e80:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
58:5a:7b:d8:9d:99:6b:d3:8f:7a:db:b6:bd:3b:44:e9:eb:74:
5f:91:ce:02:f1:73:d2:29:51:d5:f8:76:eb:87:a7:30:58:be:
31:1d:99:c0:57:f1:cc:8f:5e:08:f0:57:97:f7:9b:d7:9f:10:
42:3f:eb:6d:29:68:fb:3e:97:e3:bf:68:2c:0e:8b:7e:6f:a8:
2d:39:67:8f:18:5d:bd:da:f8:aa:f8:a4:80:40:9f:33:90:5f:
35:d2:e2:cc:60:fe:90:da:25:59:7f:e2:ce:05:57:c1:76:20:
6d:a4:1f:32:bb:ce:ed:ea:d1:64:87:8e:54:1a:83:74:03:85:
29:2a:72:2a:93:f3:ae:62:cd:66:00:7d:df:3c:c2:18:f8:ad:
19:b4:8c:c5:57:5e:93:c1:93:d8:9a:01:98:64:92:58:35:71:
8c:f6:ec:80:1a:66:ae:ed:a1:79:90:3a:f0:22:8a:25:06:ba:
e5:0e:2b:f3:f2:04:ff:7e:6a:f5:72:61:cf:4a:a0:9d:dd:35:
40:bf:32:9d:40:45:f2:f1:bb:1f:49:5d:b4:86:5b:c2:c0:3e:
ec:b9:27:9d:17:09:96:e5:e7:03:de:41:6b:10:f0:1c:9c:c1:
57:74:58:f1:2e:3a:12:15:51:f5:a1:ec:34:e3:fb:38:c2:96:
b1:37:41:b4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxTA79340+JN9v67CqEM05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjMwMTAyMDcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmI3MGZlZjFlZTQ2YzBiYThhODMwMzMwYjNkYWM0MzFlMjJhZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0eIiF/yFbbK7PzUOe48iiwU94XK
pjCmkd6cVbHuCjtQo7Cd9xH1hfgjxJlloNRvAi4PMAQK6NoivjUj6TJC3frWAKZ2
Cw0VyI4v/GjlNvOh0sKgQol/pu8XJtKMh+Bgi9QauG9ZN0YcrTgRw2RVfxlJGjoV
zzTgnG0xgHB+VNkgc1eQFNjtBvfEnXPFFy6fgEAlos3QzZwv6Pl2KYmVVdiSEb/j
K5hhzQTvaJF4ER6Dw1D24vbpBM0wbiW8o4+c4o0676YTwNDfYZMe/bn3+BYEmntG
kk88eetJVB8sP0+dciSHSpzVNDppT9Svwe4j/pQQSr5bbOyCaZ5O8+A0lwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG+3D+8e5GwLqKgwMws9rEMeIq61MB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvYjdjUDd4N2tiQXVvcURBekN6MnNReDRpcnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW2odAwQC
1AfYMA8EAgACMAkDBwAqAW6A//4wDQYJKoZIhvcNAQELBQADggEBAFhae9idmWvT
j3rbtr07ROnrdF+RzgLxc9IpUdX4duuHpzBYvjEdmcBX8cyPXgjwV5f3m9efEEI/
620paPs+l+O/aCwOi35vqC05Z48YXb3a+Kr4pIBAnzOQXzXS4sxg/pDaJVl/4s4F
V8F2IG2kHzK7zu3q0WSHjlQag3QDhSkqciqT865izWYAfd88whj4rRm0jMVXXpPB
k9iaAZhkklg1cYz27IAaZq7toXmQOvAiiiUGuuUOK/PyBP9+avVyYc9KoJ3dNUC/
Mp1ARfLxux9JXbSGW8LAPuy5J50XCZbl5wPeQWsQ8BycwVd0WPEuOhIVUfWh7DTj
+zjClrE3QbQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:12 2024 by rpki-client on console-ams.rpki-client.org