Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/9y29kzH3cESQsqayQAoy3PAHu78.roa
File: 9y29kzH3cESQsqayQAoy3PAHu78.roa (raw, json)
Hash identifier: DxFFWoW0luzjvjK5iiHj9b1NSrBpNgLEkXlqfPU16ZQ=
Subject key identifier: F7:2D:BD:93:31:F7:70:44:90:B2:A6:B2:40:0A:32:DC:F0:07:BB:BF
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 0185729EDD7FA44A49F31338DB2798D95DAB
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/9y29kzH3cESQsqayQAoy3PAHu78.roa
Signing time: Mon 02 Jan 2023 13:14:52 +0000
ROA not before: Mon 02 Jan 2023 13:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57809
IP address blocks: 109.74.84.0/23 maxlen: 23
109.74.91.0/24 maxlen: 24
85.14.166.0/23 maxlen: 23
85.14.174.0/24 maxlen: 24
85.14.178.0/23 maxlen: 23
217.171.23.0/24 maxlen: 24
217.171.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:dd:7f:a4:4a:49:f3:13:38:db:27:98:d9:5d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jan 2 13:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f72dbd9331f7704490b2a6b2400a32dcf007bbbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:52:43:24:7a:d6:89:f4:7e:b1:75:4b:6d:8b:
25:26:35:5e:21:00:ee:fb:2b:3a:dc:14:64:50:28:
88:f8:8d:8e:68:b7:4b:a1:70:e3:3a:04:b9:c9:23:
b3:5d:bf:d9:ac:8c:0c:13:7c:b6:2a:23:76:f5:b9:
1a:ff:70:e7:b1:0a:7e:f7:57:a8:03:0e:49:61:f0:
de:4d:45:23:a2:f0:69:1e:73:67:c5:35:20:07:d4:
eb:69:5d:ff:5c:62:09:b9:80:b8:b0:9d:a7:e0:a8:
5b:60:a5:6d:ba:33:a3:5e:b9:b7:e5:ae:b3:6a:6b:
c9:46:2b:33:2d:5a:60:ee:12:6d:85:22:64:40:3c:
b6:e4:23:c0:21:e2:e1:35:df:f8:78:2e:dd:37:72:
e3:af:70:e7:7d:29:87:45:04:ae:2f:b3:3a:c2:d8:
89:b3:3a:1c:0a:1a:c6:9c:6d:9e:a0:24:34:93:1a:
00:2f:0d:84:63:6c:c0:8d:61:87:25:16:f2:c9:c6:
6d:d9:1a:f8:1e:83:fa:2b:23:6f:8a:a9:3a:62:38:
67:86:0c:84:bf:a7:48:90:42:ff:59:53:53:1d:d6:
2a:e1:53:5d:47:c8:86:6f:ee:e4:73:8b:41:f9:23:
cf:18:5b:37:7c:9e:d3:04:18:84:5d:19:34:04:cf:
eb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2D:BD:93:31:F7:70:44:90:B2:A6:B2:40:0A:32:DC:F0:07:BB:BF
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/9y29kzH3cESQsqayQAoy3PAHu78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.166.0/23
85.14.174.0/24
85.14.178.0/23
109.74.84.0/23
109.74.91.0/24
217.171.23.0/24
217.171.28.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:ec:a3:e6:5e:78:ba:52:6b:7c:70:f7:ea:9c:b9:76:d2:41:
4e:ab:83:45:02:d0:23:29:67:a0:b0:1e:bf:9a:7c:7d:5c:35:
c7:f2:44:bc:a6:e8:2a:4b:80:d4:03:fd:37:9d:24:c1:83:74:
6c:4d:14:62:5c:c0:62:84:3e:70:7c:dc:03:66:f6:ad:15:7d:
85:70:1b:4d:8a:f8:b4:81:e1:27:e1:1c:9d:94:f2:d8:5f:d1:
9b:2c:63:9b:be:02:62:48:7e:20:63:58:5f:6b:9f:94:34:0a:
72:51:8b:46:61:a2:fe:06:3b:d6:bb:f9:8e:78:2c:a4:0c:e7:
d8:26:13:79:e7:e7:14:23:3a:85:19:0b:bc:3e:32:ff:aa:62:
50:a4:b7:fa:dd:65:3b:9c:43:61:ea:cd:97:a0:66:48:d2:fd:
26:c4:d6:c9:f7:3a:16:dd:3f:1f:11:cf:35:b2:fc:72:e3:25:
4a:70:4f:b9:5f:f8:be:ce:77:68:d5:33:5e:09:00:0a:12:f8:
22:4c:5b:c6:52:b3:1c:7a:26:ba:53:08:75:c0:e2:5a:20:72:
82:9b:ff:07:c4:63:c7:a1:42:e2:47:80:62:3b:de:5c:e0:5e:
c5:61:ee:46:8c:b7:a5:0d:61:3c:2d:42:12:a0:d6:f2:cc:12:
26:64:52:f9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVynt1/pEpJ8xM42yeY2V2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjMwMTAyMTMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzJkYmQ5MzMxZjc3MDQ0OTBiMmE2YjI0MDBhMzJkY2YwMDdiYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVJDJHrWifR+sXVLbYslJjVeIQDu
+ys63BRkUCiI+I2OaLdLoXDjOgS5ySOzXb/ZrIwME3y2KiN29bka/3DnsQp+91eo
Aw5JYfDeTUUjovBpHnNnxTUgB9TraV3/XGIJuYC4sJ2n4KhbYKVtujOjXrm35a6z
amvJRiszLVpg7hJthSJkQDy25CPAIeLhNd/4eC7dN3Ljr3DnfSmHRQSuL7M6wtiJ
szocChrGnG2eoCQ0kxoALw2EY2zAjWGHJRbyycZt2Rr4HoP6KyNviqk6YjhnhgyE
v6dIkEL/WVNTHdYq4VNdR8iGb+7kc4tB+SPPGFs3fJ7TBBiEXRk0BM/rEQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPctvZMx93BEkLKmskAKMtzwB7u/MB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvOXkyOWt6SDNjRVNRc3FheVFBb3kzUEFIdTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMtMWE1ZTVmMTkxYmZh
LzEvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBVQ6mAwQA
VQ6uAwQBVQ6yAwQBbUpUAwQAbUpbAwQA2asXAwQA2ascMA0GCSqGSIb3DQEBCwUA
A4IBAQBe7KPmXni6Umt8cPfqnLl20kFOq4NFAtAjKWegsB6/mnx9XDXH8kS8pugq
S4DUA/03nSTBg3RsTRRiXMBihD5wfNwDZvatFX2FcBtNivi0geEn4RydlPLYX9Gb
LGObvgJiSH4gY1hfa5+UNApyUYtGYaL+BjvWu/mOeCykDOfYJhN55+cUIzqFGQu8
PjL/qmJQpLf63WU7nENh6s2XoGZI0v0mxNbJ9zoW3T8fEc81svxy4yVKcE+5X/i+
zndo1TNeCQAKEvgiTFvGUrMceia6Uwh1wOJaIHKCm/8HxGPHoULiR4BiO95c4F7F
Ye5GjLelDWE8LUISoNbyzBImZFL5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:35 2024 by rpki-client on console-fra.rpki-client.org