Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/C7CNm-vAm61VILRwABksz1FRbBM.roa
File: C7CNm-vAm61VILRwABksz1FRbBM.roa (raw, json)
Hash identifier: X9LqDptd17YD4NSoTygiTLzInhd88Nk23fjL6eQr2MI=
Subject key identifier: 0B:B0:8D:9B:EB:C0:9B:AD:55:20:B4:70:00:19:2C:CF:51:51:6C:13
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018CC64AD703C2D67FB07D09C662E2A6416C
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/C7CNm-vAm61VILRwABksz1FRbBM.roa
Signing time: Mon 01 Jan 2024 18:30:42 +0000
ROA not before: Mon 01 Jan 2024 18:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5606
IP address blocks: 217.156.46.0/24 maxlen: 24
217.156.47.0/24 maxlen: 24
85.120.17.0/24 maxlen: 24
85.120.16.0/24 maxlen: 24
85.120.19.0/24 maxlen: 24
85.120.18.0/24 maxlen: 24
193.226.71.0/24 maxlen: 24
193.226.69.0/24 maxlen: 24
193.226.70.0/24 maxlen: 24
193.226.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 11:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d7:03:c2:d6:7f:b0:7d:09:c6:62:e2:a6:41:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 18:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bb08d9bebc09bad5520b47000192ccf51516c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:72:76:a1:70:86:61:d2:5e:e4:89:1b:f7:0e:
32:b2:96:c9:cf:04:b8:90:9e:ba:76:98:66:dd:29:
70:91:91:31:fc:d7:fe:71:ca:a6:1d:00:62:d0:43:
20:8e:72:52:d3:99:a8:eb:b0:b3:93:8e:48:6d:df:
35:a5:79:ec:01:03:bc:82:5d:3f:7d:75:e1:85:6e:
f7:98:ee:bb:1b:c2:a4:31:c5:65:64:dc:42:8b:f7:
bf:cb:6e:29:6c:24:91:98:94:72:91:6a:43:07:fe:
45:3e:9c:22:7b:97:68:8c:14:a3:e5:0c:c3:c9:99:
2a:00:0b:65:e4:ab:1a:75:b0:91:29:57:9a:0e:02:
70:83:67:54:7a:b9:3b:b3:16:1a:ab:cb:fd:cb:b2:
50:14:42:7c:e7:81:9d:fe:26:4f:26:87:73:ff:c0:
18:5c:09:66:3d:65:3f:84:e6:df:92:59:37:78:ee:
43:77:b9:8a:3d:fb:f3:f7:e6:b3:ec:eb:4c:87:c0:
9f:bf:af:ab:67:44:9f:23:d3:7b:fa:83:d5:74:3d:
f8:36:c7:05:cb:31:e5:8f:df:a9:91:b0:d5:8c:77:
6b:5e:4d:4b:bf:73:46:e3:71:da:66:9a:a8:f5:1b:
51:9c:29:97:17:e5:db:d2:d9:5c:c3:e7:5a:6b:d6:
e4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B0:8D:9B:EB:C0:9B:AD:55:20:B4:70:00:19:2C:CF:51:51:6C:13
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/C7CNm-vAm61VILRwABksz1FRbBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.16.0/22
193.226.68.0/22
217.156.46.0/23
Signature Algorithm: sha256WithRSAEncryption
27:91:98:44:27:28:87:c1:a2:d0:73:f5:35:86:14:cb:50:f1:
5f:0f:30:52:2f:40:5c:06:2a:d1:3a:cf:8f:71:0c:6a:5d:bc:
49:a8:ee:c6:e3:e7:0c:b5:29:bd:4b:19:df:66:16:96:ef:ee:
8b:79:57:30:af:e7:21:79:4e:24:fa:60:27:b9:d4:6a:12:bf:
78:d4:eb:04:71:41:74:8e:25:2b:7a:95:24:cc:c6:75:f4:fb:
b6:0a:2f:b2:12:20:1a:34:f5:68:c7:22:74:ec:dc:81:4a:fc:
17:47:7b:8b:2d:ab:f5:1a:ee:a9:0e:6b:31:0f:67:a5:57:2b:
d0:a3:a7:de:ab:95:db:76:69:83:f9:49:16:33:93:10:bc:f6:
ca:3c:07:4a:16:93:b7:24:fd:03:49:b6:16:56:c5:fa:8d:a9:
c9:e3:d1:3c:4c:5d:33:0a:84:ab:80:a3:de:3d:68:3b:8d:10:
1b:4e:ff:7b:d9:32:a7:70:0e:00:3b:68:a6:bf:22:62:3d:b7:
bc:f5:87:5e:e1:bd:13:10:6f:e4:39:a0:a3:93:48:c5:28:76:
e1:df:f1:7e:d3:5a:06:84:21:93:f5:ec:b1:98:45:4a:d3:53:
0a:fa:4f:9d:a4:2a:0e:da:33:d6:da:08:96:89:36:85:75:c9:
2c:6d:5f:35
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGStcDwtZ/sH0JxmLipkFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmIwOGQ5YmViYzA5YmFkNTUyMGI0NzAwMDE5MmNjZjUxNTE2YzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHJ2oXCGYdJe5Ikb9w4yspbJzwS4
kJ66dphm3SlwkZEx/Nf+ccqmHQBi0EMgjnJS05mo67Czk45Ibd81pXnsAQO8gl0/
fXXhhW73mO67G8KkMcVlZNxCi/e/y24pbCSRmJRykWpDB/5FPpwie5dojBSj5QzD
yZkqAAtl5KsadbCRKVeaDgJwg2dUerk7sxYaq8v9y7JQFEJ854Gd/iZPJodz/8AY
XAlmPWU/hObfklk3eO5Dd7mKPfvz9+az7OtMh8Cfv6+rZ0SfI9N7+oPVdD34NscF
yzHlj9+pkbDVjHdrXk1Lv3NG43HaZpqo9RtRnCmXF+Xb0tlcw+daa9bkawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAuwjZvrwJutVSC0cAAZLM9RUWwTMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvQzdDTm0tdkFtNjFWSUxSd0FCa3N6MUZSYkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVXgQAwQC
weJEAwQB2ZwuMA0GCSqGSIb3DQEBCwUAA4IBAQAnkZhEJyiHwaLQc/U1hhTLUPFf
DzBSL0BcBirROs+PcQxqXbxJqO7G4+cMtSm9SxnfZhaW7+6LeVcwr+cheU4k+mAn
udRqEr941OsEcUF0jiUrepUkzMZ19Pu2Ci+yEiAaNPVoxyJ07NyBSvwXR3uLLav1
Gu6pDmsxD2elVyvQo6feq5XbdmmD+UkWM5MQvPbKPAdKFpO3JP0DSbYWVsX6janJ
49E8TF0zCoSrgKPePWg7jRAbTv972TKncA4AO2imvyJiPbe89Yde4b0TEG/kOaCj
k0jFKHbh3/F+01oGhCGT9eyxmEVK01MK+k+dpCoO2jPW2giWiTaFdcksbV81
-----END CERTIFICATE-----
Generated at Tue Mar 12 14:23:33 2024 by rpki-client on console-fra.rpki-client.org