Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/G7vnItzYkT1aMWYGpMfsvT3Ptyk.roa
File: G7vnItzYkT1aMWYGpMfsvT3Ptyk.roa (raw, json)
Hash identifier: QEMnGVIj+y+FzmLMeuTco7fGZ4nZj9rg5eF9zV81q5Q=
Subject key identifier: 1B:BB:E7:22:DC:D8:91:3D:5A:31:66:06:A4:C7:EC:BD:3D:CF:B7:29
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FE17C5EA3BAAD11464645A11C6A46
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/G7vnItzYkT1aMWYGpMfsvT3Ptyk.roa
Signing time: Mon 02 Jan 2023 17:38:07 +0000
ROA not before: Mon 02 Jan 2023 17:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 78.108.216.0/24 maxlen: 24
85.202.163.0/24 maxlen: 24
185.234.72.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:e1:7c:5e:a3:ba:ad:11:46:46:45:a1:1c:6a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bbbe722dcd8913d5a316606a4c7ecbd3dcfb729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e0:17:72:9e:99:22:4b:cc:3d:fd:4a:f9:28:
75:50:d3:a8:cf:11:e0:c0:9e:e6:d7:8f:21:d2:09:
77:b1:30:08:d0:c5:ce:8a:5a:68:dd:b8:b5:3e:7c:
78:87:58:7d:e3:a2:8e:ed:a7:e8:2e:c9:5f:86:e2:
d1:87:1c:79:b0:ab:85:bd:46:20:de:4e:58:fc:42:
ef:36:47:0e:5d:76:21:b6:a7:06:d6:5d:79:e9:33:
6e:d8:6f:c4:90:04:81:db:88:4a:78:30:a7:25:63:
66:7a:b4:9e:b3:87:14:0b:29:57:e5:95:48:c1:22:
ed:0e:bf:f7:c1:d1:7a:81:bf:54:b0:dc:ab:ac:a7:
7b:88:fc:b1:89:99:f9:97:2e:33:e0:09:cf:19:08:
98:c0:38:0e:a3:70:e4:0f:82:a6:86:97:d8:29:df:
52:c6:50:f4:de:f9:fe:eb:19:c5:3d:cb:9d:59:ec:
43:57:9e:16:51:ca:d4:a0:60:a8:7b:14:fe:61:49:
49:ad:79:ab:8b:67:a4:ff:e0:41:17:80:a7:fa:67:
41:32:50:14:c5:82:18:0c:66:3b:5a:77:39:aa:44:
27:7e:87:91:11:27:72:88:e4:a1:07:a7:0a:f9:15:
f1:39:39:12:d9:07:19:e1:a4:ef:5d:fe:97:ad:da:
8a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BB:E7:22:DC:D8:91:3D:5A:31:66:06:A4:C7:EC:BD:3D:CF:B7:29
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/G7vnItzYkT1aMWYGpMfsvT3Ptyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.216.0/24
85.202.163.0/24
185.234.72.0/24
Signature Algorithm: sha256WithRSAEncryption
af:59:8f:6b:93:b5:2e:bb:6a:49:b9:dc:06:4d:65:2b:42:af:
89:d0:55:bb:0c:30:57:a7:81:c2:e7:ab:84:0d:b3:b5:74:ff:
b0:0c:b6:6c:8b:3f:29:1d:8d:2b:68:1f:1c:0f:8c:35:0a:d5:
3f:07:f3:eb:91:3e:26:18:da:7d:ce:cd:0f:75:d8:e0:42:83:
78:d9:bd:19:cf:03:dd:92:13:99:6d:ae:b5:5e:c3:67:b1:26:
56:81:81:cd:d8:bd:ea:c8:12:c9:10:d5:21:06:32:97:33:ad:
13:96:d3:48:21:ce:fa:cc:19:52:51:48:05:17:58:58:fc:de:
e9:1b:19:ab:70:a2:67:f9:31:dd:da:5c:53:f7:2d:24:4b:dd:
dd:3f:5c:bd:7e:7f:5c:d7:ce:85:e8:86:32:85:8c:a1:45:15:
7b:57:67:84:cd:cc:05:74:84:9c:a0:a4:e5:9e:90:42:7d:79:
d0:83:ae:03:cc:bd:79:8a:43:88:79:5c:e3:b5:e8:64:da:a3:
f9:bc:97:5f:dc:67:b3:a9:65:41:ed:a9:6c:1d:b6:d4:53:20:
6d:79:cf:23:bd:59:e6:48:1c:7b:0b:d9:4f:6e:44:85:f2:f8:
45:f9:a0:e7:35:b4:ae:81:25:1c:8c:08:91:1f:29:83:a6:71:
c8:8d:08:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzj+F8XqO6rRFGRkWhHGpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJiZTcyMmRjZDg5MTNkNWEzMTY2MDZhNGM3ZWNiZDNkY2ZiNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOAXcp6ZIkvMPf1K+Sh1UNOozxHg
wJ7m148h0gl3sTAI0MXOilpo3bi1Pnx4h1h946KO7afoLslfhuLRhxx5sKuFvUYg
3k5Y/ELvNkcOXXYhtqcG1l156TNu2G/EkASB24hKeDCnJWNmerSes4cUCylX5ZVI
wSLtDr/3wdF6gb9UsNyrrKd7iPyxiZn5ly4z4AnPGQiYwDgOo3DkD4KmhpfYKd9S
xlD03vn+6xnFPcudWexDV54WUcrUoGCoexT+YUlJrXmri2ek/+BBF4Cn+mdBMlAU
xYIYDGY7Wnc5qkQnfoeRESdyiOShB6cK+RXxOTkS2QcZ4aTvXf6XrdqKFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBu75yLc2JE9WjFmBqTH7L09z7cpMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvRzd2bkl0ellrVDFhTVdZR3BNZnN2VDNQdHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATmzYAwQA
VcqjAwQAuepIMA0GCSqGSIb3DQEBCwUAA4IBAQCvWY9rk7Uuu2pJudwGTWUrQq+J
0FW7DDBXp4HC56uEDbO1dP+wDLZsiz8pHY0raB8cD4w1CtU/B/PrkT4mGNp9zs0P
ddjgQoN42b0ZzwPdkhOZba61XsNnsSZWgYHN2L3qyBLJENUhBjKXM60TltNIIc76
zBlSUUgFF1hY/N7pGxmrcKJn+THd2lxT9y0kS93dP1y9fn9c186F6IYyhYyhRRV7
V2eEzcwFdIScoKTlnpBCfXnQg64DzL15ikOIeVzjtehk2qP5vJdf3GezqWVB7als
HbbUUyBtec8jvVnmSBx7C9lPbkSF8vhF+aDnNbSugSUcjAiRHymDpnHIjQhX
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:34 2024 by rpki-client on console-ams.rpki-client.org