Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/fC7OQfa6rdlb3TzkRfSRsx6d2j4.roa
File: fC7OQfa6rdlb3TzkRfSRsx6d2j4.roa (raw, json)
Hash identifier: yRvENs9EKqeRBqZ+OJQgemO6ylTt7kISm5DKf2aSQLM=
Subject key identifier: 7C:2E:CE:41:F6:BA:AD:D9:5B:DD:3C:E4:45:F4:91:B3:1E:9D:DA:3E
Certificate issuer: /CN=87db71f6919b0ef98eefc9964928a87510236a03
Certificate serial: 0185719E62B0B628FF715302397A130C59EA
Authority key identifier: 87:DB:71:F6:91:9B:0E:F9:8E:EF:C9:96:49:28:A8:75:10:23:6A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9tx9pGbDvmO78mWSSiodRAjagM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/fC7OQfa6rdlb3TzkRfSRsx6d2j4.roa
Signing time: Mon 02 Jan 2023 08:34:43 +0000
ROA not before: Mon 02 Jan 2023 08:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24951
IP address blocks: 185.154.36.0/22 maxlen: 22
185.154.38.0/24 maxlen: 24
195.144.7.0/24 maxlen: 24
212.71.96.0/20 maxlen: 20
212.71.112.0/22 maxlen: 22
212.71.116.0/24 maxlen: 24
212.71.118.0/24 maxlen: 24
212.71.117.0/24 maxlen: 24
212.71.119.0/24 maxlen: 24
212.71.120.0/21 maxlen: 21
217.20.192.0/20 maxlen: 20
217.71.80.0/20 maxlen: 20
217.71.89.0/24 maxlen: 24
2a00:fb00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 07 Mar 2023 14:57:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:62:b0:b6:28:ff:71:53:02:39:7a:13:0c:59:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87db71f6919b0ef98eefc9964928a87510236a03
Validity
Not Before: Jan 2 08:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c2ece41f6baadd95bdd3ce445f491b31e9dda3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b0:a5:04:c8:f9:b9:cf:34:14:a4:04:df:bc:
c3:0a:64:e6:59:16:db:70:1c:00:69:61:e3:8a:2d:
e0:c2:06:50:d5:47:28:a7:dc:5d:c6:1b:80:96:a3:
ed:c6:7e:55:f8:05:ae:86:ba:f8:9f:32:1c:82:df:
a1:dc:95:98:af:c2:99:80:bf:97:27:89:3b:86:c9:
70:6a:08:34:23:fe:9e:4f:4b:da:1e:cb:15:fe:8e:
61:f3:04:33:84:95:aa:73:79:10:7f:5f:3d:eb:0f:
7e:ee:bd:46:d1:0a:a2:1a:fd:6f:53:8b:96:23:05:
de:5a:5a:e7:dd:45:72:a8:6f:da:ba:85:a7:4f:9e:
b4:72:63:7e:1e:a3:d8:05:2b:76:d2:88:44:c1:0e:
4c:b7:dd:97:05:4e:a7:e2:9c:b5:1f:c4:6d:54:6e:
60:4c:5b:e8:f5:c9:b9:56:86:84:4d:0f:d7:84:85:
82:dc:f4:94:63:3c:91:02:cd:6c:da:8c:39:d5:99:
14:c7:37:cb:60:dc:39:57:32:0d:9f:fd:2e:3c:8a:
2a:6c:fb:50:2e:8c:e6:c2:2a:f6:23:8f:09:83:46:
e3:ef:94:33:1f:03:1a:5d:25:14:0c:94:71:da:fb:
cd:3b:cb:f2:27:7b:37:1e:03:32:36:65:e6:51:2c:
d8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:2E:CE:41:F6:BA:AD:D9:5B:DD:3C:E4:45:F4:91:B3:1E:9D:DA:3E
X509v3 Authority Key Identifier:
keyid:87:DB:71:F6:91:9B:0E:F9:8E:EF:C9:96:49:28:A8:75:10:23:6A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9tx9pGbDvmO78mWSSiodRAjagM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/fC7OQfa6rdlb3TzkRfSRsx6d2j4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.36.0/22
195.144.7.0/24
212.71.96.0/19
217.20.192.0/20
217.71.80.0/20
IPv6:
2a00:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
25:66:3e:a0:1a:37:1f:7a:0d:35:36:e8:8c:1b:f4:40:b2:8f:
08:ca:36:5e:89:e5:86:69:cf:bf:b2:dc:4f:16:24:22:6a:a0:
1b:fc:5f:9c:5e:4f:3a:64:37:35:c2:6d:6e:e0:aa:f1:0c:e8:
6b:9a:5b:67:7b:5b:83:60:56:9c:6a:58:b0:47:de:1d:fe:86:
9a:f4:de:87:68:64:48:f5:47:76:95:9d:a8:55:6f:54:06:d5:
7a:75:ad:3f:62:86:b2:20:3d:42:06:b2:b9:27:72:07:fb:1e:
1e:e0:ec:9d:7c:3c:e9:2c:c3:52:98:7f:fd:2e:98:be:10:d6:
58:52:dd:b2:2c:64:9f:ca:b1:93:08:86:e4:4e:5a:66:81:b0:
ed:8c:ce:99:c2:b9:64:7d:88:03:32:c9:34:ab:95:e2:4b:82:
83:12:23:be:f2:08:50:09:28:6d:c9:a2:a3:d7:86:c5:2d:a0:
84:e7:05:da:2c:4b:a5:48:06:61:cb:80:f0:ef:4a:53:2a:7f:
ba:bb:6c:7b:66:7c:25:02:6d:a0:75:75:55:87:17:11:e3:e7:
55:83:cd:a9:27:56:16:0e:44:d7:e4:2c:cc:0e:88:aa:8c:81:
5c:54:ab:eb:81:23:ee:ba:28:3a:fc:37:8c:d7:ff:9b:8e:bd:
1b:29:a7:3c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVxnmKwtij/cVMCOXoTDFnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGI3MWY2OTE5YjBlZjk4ZWVmYzk5NjQ5MjhhODc1MTAy
MzZhMDMwHhcNMjMwMTAyMDgzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzJlY2U0MWY2YmFhZGQ5NWJkZDNjZTQ0NWY0OTFiMzFlOWRkYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLClBMj5uc80FKQE37zDCmTmWRbb
cBwAaWHjii3gwgZQ1Ucop9xdxhuAlqPtxn5V+AWuhrr4nzIcgt+h3JWYr8KZgL+X
J4k7hslwagg0I/6eT0vaHssV/o5h8wQzhJWqc3kQf1896w9+7r1G0QqiGv1vU4uW
IwXeWlrn3UVyqG/auoWnT560cmN+HqPYBSt20ohEwQ5Mt92XBU6n4py1H8RtVG5g
TFvo9cm5VoaETQ/XhIWC3PSUYzyRAs1s2ow51ZkUxzfLYNw5VzINn/0uPIoqbPtQ
Lozmwir2I48Jg0bj75QzHwMaXSUUDJRx2vvNO8vyJ3s3HgMyNmXmUSzYEQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHwuzkH2uq3ZW9085EX0kbMendo+MB8GA1UdIwQY
MBaAFIfbcfaRmw75ju/JlkkoqHUQI2oDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDl0eDlwR2JEdm1PNzhtV1NTaW9kUkFqYWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZjYyNzctNzBiNS00MzQ4LWE1ODIt
OTA0YTA4MDMxYTlmLzEvZkM3T1FmYTZyZGxiM1R6a1JmU1JzeDZkMmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZjYyNzctNzBiNS00MzQ4LWE1ODItOTA0YTA4MDMxYTlm
LzEvaDl0eDlwR2JEdm1PNzhtV1NTaW9kUkFqYWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuZokAwQA
w5AHAwQF1EdgAwQE2RTAAwQE2UdQMA0EAgACMAcDBQMqAPsAMA0GCSqGSIb3DQEB
CwUAA4IBAQAlZj6gGjcfeg01NuiMG/RAso8IyjZeieWGac+/stxPFiQiaqAb/F+c
Xk86ZDc1wm1u4KrxDOhrmltne1uDYFacaliwR94d/oaa9N6HaGRI9Ud2lZ2oVW9U
BtV6da0/YoayID1CBrK5J3IH+x4e4OydfDzpLMNSmH/9Lpi+ENZYUt2yLGSfyrGT
CIbkTlpmgbDtjM6ZwrlkfYgDMsk0q5XiS4KDEiO+8ghQCShtyaKj14bFLaCE5wXa
LEulSAZhy4Dw70pTKn+6u2x7ZnwlAm2gdXVVhxcR4+dVg82pJ1YWDkTX5CzMDoiq
jIFcVKvrgSPuuig6/DeM1/+bjr0bKac8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:55 2024 by rpki-client on console-ams.rpki-client.org