Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/1-7A2_o5RoE0R8AV9Y4vS-4oIjpE.roa
File: 1-7A2_o5RoE0R8AV9Y4vS-4oIjpE.roa (raw, json)
Hash identifier: Xlh+VqVyfykqh6wBoLVm5h+vx0e/y9MVy1Ir9gcUUuo=
Subject key identifier: FB:B0:36:FE:8E:51:A0:4D:11:F0:05:7D:63:8B:D2:FB:8A:08:8E:91
Certificate issuer: /CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Certificate serial: 0192F7493096861DA8F6B4FA5EEF3E54277E
Authority key identifier: 39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/1-7A2_o5RoE0R8AV9Y4vS-4oIjpE.roa
Signing time: Mon 04 Nov 2024 13:07:01 +0000
ROA not before: Mon 04 Nov 2024 13:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34285
IP address blocks: 185.197.244.0/22 maxlen: 22
217.12.16.0/24 maxlen: 24
217.12.17.0/24 maxlen: 24
217.12.18.0/24 maxlen: 24
217.12.19.0/24 maxlen: 24
217.12.20.0/22 maxlen: 22
217.12.20.0/23 maxlen: 23
217.12.22.0/23 maxlen: 23
217.12.24.0/22 maxlen: 22
217.12.24.0/24 maxlen: 24
217.12.25.0/24 maxlen: 24
217.12.26.0/24 maxlen: 24
217.12.27.0/24 maxlen: 24
217.12.28.0/22 maxlen: 22
217.12.28.0/24 maxlen: 24
217.12.29.0/24 maxlen: 24
217.12.30.0/24 maxlen: 24
217.12.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 08:32:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f7:49:30:96:86:1d:a8:f6:b4:fa:5e:ef:3e:54:27:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Validity
Not Before: Nov 4 13:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbb036fe8e51a04d11f0057d638bd2fb8a088e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6a:48:67:af:24:2f:84:57:5f:0a:7c:71:bd:
26:39:1e:e4:a7:ed:83:40:29:1a:21:82:ae:1b:82:
52:d8:bf:c1:10:c7:c2:22:40:a8:a6:33:e0:87:2f:
c3:60:56:61:6f:c3:87:53:d3:5f:ea:43:44:fd:6e:
9e:d1:4d:20:d8:68:00:6c:6d:2c:43:ec:05:61:57:
9d:52:09:c1:d9:ba:3e:00:e1:c9:9c:f9:79:e5:97:
8e:ac:8a:be:e5:6a:56:52:19:2d:d7:d4:8c:90:37:
00:13:5d:19:52:58:59:00:6c:90:b3:e7:e2:8c:16:
f6:2d:7c:19:d1:a4:4d:0f:b0:ca:ba:4d:2a:02:d4:
02:bc:e2:99:e7:59:76:e5:33:4b:a3:43:ad:56:bd:
55:29:b3:1f:21:99:c8:49:2d:f9:47:43:9a:4f:5f:
45:87:82:8a:72:86:ae:64:64:0c:95:2b:6e:4c:ca:
6e:52:00:6b:1d:66:89:2d:a6:58:16:ef:8a:c4:5a:
08:4f:ed:76:e5:0e:e6:8e:cb:72:9e:99:85:fd:80:
99:f7:ec:95:16:c3:ca:52:04:1f:62:47:5b:9f:e8:
c3:50:f9:bd:56:25:f4:1e:4d:db:51:54:ad:1e:d2:
b2:96:4c:2a:6e:d4:dc:66:79:63:52:58:60:31:0a:
ad:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B0:36:FE:8E:51:A0:4D:11:F0:05:7D:63:8B:D2:FB:8A:08:8E:91
X509v3 Authority Key Identifier:
keyid:39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/1-7A2_o5RoE0R8AV9Y4vS-4oIjpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.244.0/22
217.12.16.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:1a:12:0b:ca:8e:52:10:61:48:d1:02:69:d8:0a:e1:07:c5:
ce:62:25:fa:a0:ae:5d:32:dc:17:0a:e4:2e:c2:03:c4:07:30:
69:bb:2a:df:ce:9c:34:f4:bc:cd:60:85:c6:3c:db:45:b5:6a:
e1:9c:2e:e0:9f:9e:f7:99:c1:bd:22:fc:16:03:ec:ea:60:32:
bf:c5:85:ba:ed:4e:8d:49:18:6a:f8:e0:27:89:01:18:31:40:
38:ce:04:d8:01:4c:0d:61:85:b7:48:47:d6:57:99:10:b0:60:
e7:b1:89:f4:0f:a1:5b:ae:ef:3c:a6:52:2f:e0:52:ba:ba:37:
0c:a0:7f:f0:41:6b:c8:e6:14:05:bd:fb:70:93:a1:c8:00:b6:
27:55:00:74:d3:94:93:16:a8:63:fe:f9:b6:1e:0e:56:32:84:
90:08:4e:71:3b:e6:14:3a:ca:bf:6e:cb:fd:7d:a0:6e:3c:4b:
86:7e:8c:fe:a2:2c:75:53:e1:67:78:72:2b:bf:ee:24:27:01:
7b:13:2f:1b:a3:ef:bc:ae:17:b3:2f:ff:92:b9:0c:42:71:85:
8c:e0:7a:02:a3:81:a8:42:35:2e:3e:29:9d:9b:33:f1:47:9d:
de:5f:1b:c6:6f:9c:91:3b:c2:f3:a4:a4:f6:b0:b2:96:d9:93:
1f:2f:6a:39
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZL3STCWhh2o9rT6Xu8+VCd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzlmOTJiODI1Y2UxMTA5MDNjMzFkNTIyYjBmNTBjYWZk
NzRhNmYwHhcNMjQxMTA0MTMwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmIwMzZmZThlNTFhMDRkMTFmMDA1N2Q2MzhiZDJmYjhhMDg4ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mpIZ68kL4RXXwp8cb0mOR7kp+2D
QCkaIYKuG4JS2L/BEMfCIkCopjPghy/DYFZhb8OHU9Nf6kNE/W6e0U0g2GgAbG0s
Q+wFYVedUgnB2bo+AOHJnPl55ZeOrIq+5WpWUhkt19SMkDcAE10ZUlhZAGyQs+fi
jBb2LXwZ0aRND7DKuk0qAtQCvOKZ51l25TNLo0OtVr1VKbMfIZnISS35R0OaT19F
h4KKcoauZGQMlStuTMpuUgBrHWaJLaZYFu+KxFoIT+125Q7mjstynpmF/YCZ9+yV
FsPKUgQfYkdbn+jDUPm9ViX0Hk3bUVStHtKylkwqbtTcZnljUlhgMQqtlQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPuwNv6OUaBNEfAFfWOL0vuKCI6RMB8GA1UdIwQY
MBaAFDk5+SuCXOEQkDwx1SKw9Qyv10pvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMt
OWZjMzY0MTFhY2NjLzEvMS03QTJfbzVSb0UwUjhBVjlZNHZTLTRvSWpwRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWUvZTc1ZTQxLWE4MjgtNGRjNS04ZWQzLTlmYzM2NDExYWNj
Yy8xL09UbjVLNEpjNFJDUVBESFZJckQxREtfWFNtOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArnF9AME
BNkMEDANBgkqhkiG9w0BAQsFAAOCAQEAPRoSC8qOUhBhSNECadgK4QfFzmIl+qCu
XTLcFwrkLsIDxAcwabsq386cNPS8zWCFxjzbRbVq4Zwu4J+e95nBvSL8FgPs6mAy
v8WFuu1OjUkYavjgJ4kBGDFAOM4E2AFMDWGFt0hH1leZELBg57GJ9A+hW67vPKZS
L+BSuro3DKB/8EFryOYUBb37cJOhyAC2J1UAdNOUkxaoY/75th4OVjKEkAhOcTvm
FDrKv27L/X2gbjxLhn6M/qIsdVPhZ3hyK7/uJCcBexMvG6PvvK4Xsy//krkMQnGF
jOB6AqOBqEI1Lj4pnZsz8Ued3l8bxm+ckTvC86Sk9rCyltmTHy9qOQ==
-----END CERTIFICATE-----
Generated at Wed Nov 6 10:44:28 2024 by rpki-client on console-ams.rpki-client.org