Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/7sJIhuEHThIb29zNFhiZdrrCzHo.roa
File: 7sJIhuEHThIb29zNFhiZdrrCzHo.roa (raw, json)
Hash identifier: De9tTYTgaCN/WZXljSL9DgeG6H3bbrIBRPjsIQtbPuE=
Subject key identifier: EE:C2:48:86:E1:07:4E:12:1B:DB:DC:CD:16:18:99:76:BA:C2:CC:7A
Certificate issuer: /CN=391a0ecc2b9beaba9eb76d5519fe787b4033fc12
Certificate serial: 01862860FAEAC01183588A7CCB8C513F29CF
Authority key identifier: 39:1A:0E:CC:2B:9B:EA:BA:9E:B7:6D:55:19:FE:78:7B:40:33:FC:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORoOzCub6rqet21VGf54e0Az_BI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/7sJIhuEHThIb29zNFhiZdrrCzHo.roa
Signing time: Mon 06 Feb 2023 20:18:09 +0000
ROA not before: Mon 06 Feb 2023 20:18:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212221
IP address blocks: 91.132.4.0/23 maxlen: 23
89.45.206.0/23 maxlen: 23
89.45.200.0/23 maxlen: 23
89.45.200.0/21 maxlen: 21
89.45.203.0/24 maxlen: 24
89.45.204.0/23 maxlen: 23
89.45.202.0/23 maxlen: 23
212.102.106.0/24 maxlen: 24
2a09:b780::/48 maxlen: 48
2a09:b780:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:28:60:fa:ea:c0:11:83:58:8a:7c:cb:8c:51:3f:29:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=391a0ecc2b9beaba9eb76d5519fe787b4033fc12
Validity
Not Before: Feb 6 20:18:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eec24886e1074e121bdbdccd16189976bac2cc7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:00:66:bf:fe:d9:7e:46:1c:c0:ae:c1:20:e7:
ed:d7:81:47:05:14:81:b3:be:60:49:dd:ab:b0:5a:
b8:1f:ce:bc:63:f5:ac:89:92:0d:b3:73:c5:e3:e9:
1d:3a:fb:6e:37:f9:ad:af:05:5a:4b:fa:1d:85:88:
8d:b6:4d:6d:0a:6d:0c:96:1a:b0:28:57:97:c5:fe:
62:7e:40:4c:0d:e3:b0:26:24:45:69:16:fe:a9:80:
03:db:d7:e7:e4:1e:00:97:29:eb:9d:c1:a8:e3:8c:
da:d2:99:c4:5f:73:e7:9e:7b:2c:c9:f1:c2:b3:ac:
d6:55:14:0a:b2:fd:99:13:26:1c:d4:73:77:94:86:
37:85:58:04:e9:98:a3:42:73:76:73:55:4e:ed:99:
e8:fa:6a:9d:13:90:62:e8:b7:18:1b:ee:04:ab:53:
63:8e:4c:87:cf:14:d8:d6:b1:e2:d6:c4:53:3d:4c:
49:e5:f3:ea:73:03:97:ea:71:d4:e3:c1:a2:e8:c6:
51:1c:ad:de:c3:87:5c:49:bf:bd:77:13:f3:6c:40:
29:17:5c:02:b5:4a:70:b2:2c:99:d1:f9:cb:70:6a:
53:c9:00:22:fd:55:09:1d:de:a0:da:8d:d0:16:e0:
12:4a:8e:80:83:93:e2:e2:9e:c7:f7:eb:c5:6b:1a:
40:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C2:48:86:E1:07:4E:12:1B:DB:DC:CD:16:18:99:76:BA:C2:CC:7A
X509v3 Authority Key Identifier:
keyid:39:1A:0E:CC:2B:9B:EA:BA:9E:B7:6D:55:19:FE:78:7B:40:33:FC:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORoOzCub6rqet21VGf54e0Az_BI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/7sJIhuEHThIb29zNFhiZdrrCzHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/ORoOzCub6rqet21VGf54e0Az_BI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.200.0/21
91.132.4.0/23
212.102.106.0/24
IPv6:
2a09:b780::/47
Signature Algorithm: sha256WithRSAEncryption
ab:3b:a7:6b:4a:70:08:80:4b:eb:3b:4c:00:af:56:f2:df:8f:
d1:64:30:5c:00:09:6f:7f:b9:4b:d8:c9:15:80:95:d4:e7:3c:
ba:5f:b8:32:4c:c4:da:73:20:6a:b5:58:2d:b5:53:5e:cc:a8:
8e:1e:b5:a6:3d:81:a8:95:9a:11:34:0e:1a:31:3a:8d:5b:be:
21:4e:b0:05:d0:37:aa:d0:82:1d:3e:45:60:da:df:2f:e6:d5:
71:15:7c:0a:c5:af:3a:8e:99:26:11:ed:72:af:a6:96:37:0e:
71:a1:a6:d2:c4:8a:f9:1a:d4:e8:c7:8b:d9:db:d1:cf:47:b7:
19:f2:2a:a6:bd:1b:7c:91:d1:a5:59:be:2a:fe:26:89:d6:39:
32:32:2d:7b:d1:b5:b5:df:06:cb:d2:61:14:90:00:be:0a:11:
fe:db:b4:2b:d6:58:6d:b4:94:e7:9c:7d:70:27:dc:90:97:9c:
fe:b8:b3:50:62:c9:84:01:c8:94:2f:21:68:06:87:04:37:51:
56:29:d5:0a:61:0e:aa:0c:c9:07:57:c7:b8:9d:ba:d4:b1:32:
74:5b:3e:94:64:5f:cc:24:d7:55:d3:be:97:5d:c7:f1:9f:dd:
5a:9f:e5:3c:f2:7b:c2:7d:8b:5e:41:97:88:f1:73:ce:1f:c0:
74:19:db:d3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYYoYPrqwBGDWIp8y4xRPynPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWEwZWNjMmI5YmVhYmE5ZWI3NmQ1NTE5ZmU3ODdiNDAz
M2ZjMTIwHhcNMjMwMjA2MjAxODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWMyNDg4NmUxMDc0ZTEyMWJkYmRjY2QxNjE4OTk3NmJhYzJjYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhABmv/7ZfkYcwK7BIOft14FHBRSB
s75gSd2rsFq4H868Y/WsiZINs3PF4+kdOvtuN/mtrwVaS/odhYiNtk1tCm0Mlhqw
KFeXxf5ifkBMDeOwJiRFaRb+qYAD29fn5B4AlynrncGo44za0pnEX3PnnnssyfHC
s6zWVRQKsv2ZEyYc1HN3lIY3hVgE6ZijQnN2c1VO7Zno+mqdE5Bi6LcYG+4Eq1Nj
jkyHzxTY1rHi1sRTPUxJ5fPqcwOX6nHU48Gi6MZRHK3ew4dcSb+9dxPzbEApF1wC
tUpwsiyZ0fnLcGpTyQAi/VUJHd6g2o3QFuASSo6Ag5Pi4p7H9+vFaxpAaQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFO7CSIbhB04SG9vczRYYmXa6wsx6MB8GA1UdIwQY
MBaAFDkaDswrm+q6nrdtVRn+eHtAM/wSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JvT3pDdWI2cnFldDIxVkdmNTRlMEF6X0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9jMjdjZDEtNTcwYi00N2QxLWIyNTYt
MTgxNDIyM2Q5MmNlLzEvN3NKSWh1RUhUaEliMjl6TkZoaVpkcnJDekhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9jMjdjZDEtNTcwYi00N2QxLWIyNTYtMTgxNDIyM2Q5MmNl
LzEvT1JvT3pDdWI2cnFldDIxVkdmNTRlMEF6X0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQDWS3IAwQB
W4QEAwQA1GZqMA8EAgACMAkDBwEqCbeAAAAwDQYJKoZIhvcNAQELBQADggEBAKs7
p2tKcAiAS+s7TACvVvLfj9FkMFwACW9/uUvYyRWAldTnPLpfuDJMxNpzIGq1WC21
U17MqI4etaY9gaiVmhE0DhoxOo1bviFOsAXQN6rQgh0+RWDa3y/m1XEVfArFrzqO
mSYR7XKvppY3DnGhptLEivka1OjHi9nb0c9HtxnyKqa9G3yR0aVZvir+JonWOTIy
LXvRtbXfBsvSYRSQAL4KEf7btCvWWG20lOecfXAn3JCXnP64s1BiyYQByJQvIWgG
hwQ3UVYp1QphDqoMyQdXx7idutSxMnRbPpRkX8wk11XTvpddx/Gf3Vqf5Tzye8J9
i15Bl4jxc84fwHQZ29M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:44 2024 by rpki-client on console-fra.rpki-client.org