Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/t7C4O0nSCo7p1HbLiFEXlE7PgKQ.roa
File: t7C4O0nSCo7p1HbLiFEXlE7PgKQ.roa (raw, json)
Hash identifier: hILNP1k/6omglLVGejMPO16JqV3CBXtTbUctKXE9j9o=
Subject key identifier: B7:B0:B8:3B:49:D2:0A:8E:E9:D4:76:CB:88:51:17:94:4E:CF:80:A4
Certificate issuer: /CN=53c912a0411bb0174507092d0ca35a91ad79905c
Certificate serial: 0185A0DF44DA501368604D44CAA9EC800AF7
Authority key identifier: 53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/t7C4O0nSCo7p1HbLiFEXlE7PgKQ.roa
Signing time: Wed 11 Jan 2023 12:47:44 +0000
ROA not before: Wed 11 Jan 2023 12:47:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 194.59.139.0/24 maxlen: 24
194.59.137.0/24 maxlen: 24
2a07:cb81::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:df:44:da:50:13:68:60:4d:44:ca:a9:ec:80:0a:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53c912a0411bb0174507092d0ca35a91ad79905c
Validity
Not Before: Jan 11 12:47:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7b0b83b49d20a8ee9d476cb885117944ecf80a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:94:9f:ca:aa:c9:20:07:f9:d2:97:21:4d:71:
57:b7:11:e0:68:89:e2:29:d6:ff:64:05:0e:89:b9:
3b:b0:a0:03:d2:fe:35:ba:67:15:1c:a5:f9:8e:ae:
7c:ea:fe:b0:d7:89:35:63:fb:e1:4d:2d:c9:2c:cf:
f5:e0:7a:9e:72:fa:a4:e6:dc:48:e6:71:2f:59:fe:
79:22:1c:79:58:a7:b8:5a:5a:77:9f:ab:d9:fe:ed:
eb:9c:9a:41:3a:42:f6:ec:ba:de:b9:5d:f7:ab:e5:
ba:a7:9d:6c:21:7e:78:e7:cc:2f:a6:ca:74:6f:9d:
ff:c2:56:fd:48:a0:56:38:0d:0b:b5:2c:b6:14:bd:
71:11:50:7d:17:d3:8d:63:e9:fd:19:04:54:b1:f3:
5b:54:5f:d2:7e:03:15:55:e8:60:40:2d:26:f1:b2:
f0:85:c5:17:80:2b:e4:d7:32:ef:03:13:00:04:d8:
0b:da:2c:d6:9a:00:0b:b6:3d:4e:79:93:e8:10:c0:
97:79:59:8b:cc:54:00:27:e2:c8:9a:16:ca:1a:f5:
67:8d:65:5b:d6:46:c0:d0:12:ad:8f:be:eb:f6:07:
ac:00:b6:9f:3a:38:a3:ff:b3:0d:e4:59:d4:44:d8:
8b:d5:b6:21:dc:a7:a0:f5:e8:de:ea:1e:43:dc:d3:
da:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B0:B8:3B:49:D2:0A:8E:E9:D4:76:CB:88:51:17:94:4E:CF:80:A4
X509v3 Authority Key Identifier:
keyid:53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/t7C4O0nSCo7p1HbLiFEXlE7PgKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.137.0/24
194.59.139.0/24
IPv6:
2a07:cb81::/32
Signature Algorithm: sha256WithRSAEncryption
85:6d:40:5d:02:89:32:a5:31:63:0e:ba:f0:65:f7:e4:de:34:
93:b2:8c:39:c6:73:0c:9f:25:7a:b2:10:00:f1:9d:51:5c:95:
78:8b:b0:72:b1:10:72:89:38:41:2c:0e:3a:8b:28:f5:82:5f:
fb:e7:b6:ad:8d:55:30:5c:40:15:b6:37:18:a8:5e:4c:97:3e:
f2:8b:22:40:2d:d3:98:15:03:6d:7d:52:b4:4d:06:11:0e:a1:
fd:dd:94:03:29:de:ca:cf:ae:9d:bf:8f:5c:8e:04:32:9b:26:
fc:ff:fc:5c:0b:0d:33:2e:9b:84:16:f8:87:d5:aa:89:47:82:
e5:2d:8a:89:6d:d5:fe:e6:f9:87:36:8d:ea:af:38:15:af:93:
bf:56:2c:c3:40:a5:f1:f2:72:d1:f4:23:da:12:46:8d:70:38:
71:93:8d:ec:6b:12:c8:43:3d:1e:0c:31:ae:33:32:c4:e0:86:
aa:c6:79:e0:8b:21:9c:06:40:1e:67:c3:0a:c0:29:f0:66:42:
f2:f3:8e:1b:18:b6:35:6b:68:f2:3c:42:62:d9:46:86:e3:44:
e8:0c:29:89:89:bc:ad:7d:ea:b7:5d:af:a3:12:bd:e7:b0:39:
42:0b:ee:f3:df:ad:eb:8c:bf:09:a1:b6:40:a0:f1:e5:0c:04:
8e:d5:3e:e4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYWg30TaUBNoYE1EyqnsgAr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYzkxMmEwNDExYmIwMTc0NTA3MDkyZDBjYTM1YTkxYWQ3
OTkwNWMwHhcNMjMwMTExMTI0NzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2IwYjgzYjQ5ZDIwYThlZTlkNDc2Y2I4ODUxMTc5NDRlY2Y4MGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpSfyqrJIAf50pchTXFXtxHgaIni
Kdb/ZAUOibk7sKAD0v41umcVHKX5jq586v6w14k1Y/vhTS3JLM/14Hqecvqk5txI
5nEvWf55Ihx5WKe4Wlp3n6vZ/u3rnJpBOkL27LreuV33q+W6p51sIX5458wvpsp0
b53/wlb9SKBWOA0LtSy2FL1xEVB9F9ONY+n9GQRUsfNbVF/SfgMVVehgQC0m8bLw
hcUXgCvk1zLvAxMABNgL2izWmgALtj1OeZPoEMCXeVmLzFQAJ+LImhbKGvVnjWVb
1kbA0BKtj77r9gesALafOjij/7MN5FnURNiL1bYh3Keg9eje6h5D3NPaFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLewuDtJ0gqO6dR2y4hRF5ROz4CkMB8GA1UdIwQY
MBaAFFPJEqBBG7AXRQcJLQyjWpGteZBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAt
ZTIxYzQzNmI2MmVmLzEvdDdDNE8wblNDbzdwMUhiTGlGRVhsRTdQZ0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAtZTIxYzQzNmI2MmVm
LzEvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwjuJAwQA
wjuLMA0EAgACMAcDBQAqB8uBMA0GCSqGSIb3DQEBCwUAA4IBAQCFbUBdAokypTFj
DrrwZffk3jSTsow5xnMMnyV6shAA8Z1RXJV4i7BysRByiThBLA46iyj1gl/757at
jVUwXEAVtjcYqF5Mlz7yiyJALdOYFQNtfVK0TQYRDqH93ZQDKd7Kz66dv49cjgQy
myb8//xcCw0zLpuEFviH1aqJR4LlLYqJbdX+5vmHNo3qrzgVr5O/VizDQKXx8nLR
9CPaEkaNcDhxk43saxLIQz0eDDGuMzLE4IaqxnngiyGcBkAeZ8MKwCnwZkLy844b
GLY1a2jyPEJi2UaG40ToDCmJibytfeq3Xa+jEr3nsDlCC+7z363rjL8JobZAoPHl
DASO1T7k
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:23 2024 by rpki-client on console-ams.rpki-client.org