Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/7MP2Bd6qRDCl7CDZ88QCzeYGhrg.roa
File: 7MP2Bd6qRDCl7CDZ88QCzeYGhrg.roa (raw, json)
Hash identifier: zm2HP98t6jnw//rFtksR5+5hGvbkF0SnRPTctGnmFxQ=
Subject key identifier: EC:C3:F6:05:DE:AA:44:30:A5:EC:20:D9:F3:C4:02:CD:E6:06:86:B8
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 01856EA6AC29B22298AC87CD56AFBFD2DC98
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/7MP2Bd6qRDCl7CDZ88QCzeYGhrg.roa
Signing time: Sun 01 Jan 2023 18:44:54 +0000
ROA not before: Sun 01 Jan 2023 18:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201011
IP address blocks: 83.142.80.0/21 maxlen: 21
82.199.147.0/24 maxlen: 24
82.199.148.0/24 maxlen: 24
82.199.149.0/24 maxlen: 24
82.199.153.0/24 maxlen: 24
195.138.249.0/24 maxlen: 24
195.138.250.0/24 maxlen: 24
82.199.157.0/24 maxlen: 24
82.199.158.0/24 maxlen: 24
82.199.159.0/24 maxlen: 24
195.138.248.0/21 maxlen: 21
31.7.177.0/24 maxlen: 24
31.7.176.0/20 maxlen: 24
92.43.104.0/21 maxlen: 24
80.255.0.0/20 maxlen: 20
81.95.0.0/20 maxlen: 24
82.199.128.0/24 maxlen: 24
82.199.128.0/19 maxlen: 24
82.199.130.0/24 maxlen: 24
82.199.131.0/24 maxlen: 24
82.199.138.0/24 maxlen: 24
82.199.141.0/24 maxlen: 24
5.56.16.0/21 maxlen: 21
2a01:4a0:47::/48 maxlen: 48
2a01:4a0:42::/48 maxlen: 48
2a0b:76c0::/29 maxlen: 29
2a01:4a0:38::/48 maxlen: 48
2a01:4a0:56::/48 maxlen: 48
2a01:4a0:30::/48 maxlen: 48
2a01:4a0:50::/48 maxlen: 48
2a01:4a0:e::/48 maxlen: 48
2a01:4a0::/29 maxlen: 48
2a01:4a0:17::/48 maxlen: 48
2a01:4a0:48::/48 maxlen: 48
2a01:4a0:b::/48 maxlen: 48
2a01:4a0:46::/48 maxlen: 48
2a01:4a0:45::/48 maxlen: 48
2a01:4a0:43::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 03 Feb 2023 07:43:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:ac:29:b2:22:98:ac:87:cd:56:af:bf:d2:dc:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Jan 1 18:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecc3f605deaa4430a5ec20d9f3c402cde60686b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:39:88:5b:e1:68:fa:d0:f8:ba:ac:b5:ef:
fa:96:59:5a:1b:ac:08:1d:c9:11:4e:ae:ef:56:3b:
be:92:e9:11:2e:c1:d6:30:7e:57:47:c8:89:98:af:
2e:bf:30:68:4b:ec:a1:55:18:fc:07:a7:be:b5:57:
88:39:54:d5:42:8e:16:bb:01:52:8e:bf:53:e5:a4:
ed:1a:58:c7:c5:60:83:d2:14:c6:cf:fc:68:ae:30:
2e:ba:ec:83:32:ce:c4:c3:da:48:14:ff:80:ca:70:
4c:fb:6c:04:02:cc:b9:d0:c0:03:61:7c:27:95:3f:
27:45:cf:7f:08:5e:91:b6:f1:91:87:12:72:6c:3b:
a2:14:8a:3e:05:d2:16:80:44:e2:6f:47:64:da:55:
4e:bb:78:7c:42:ca:31:0f:5b:a3:9b:eb:ba:f5:1c:
3b:be:00:81:ec:23:45:e3:90:f3:e4:fc:c3:3f:ff:
3b:bf:a5:46:22:45:6b:f8:39:92:7b:4d:2d:da:2b:
d8:e3:31:ec:34:c1:86:c3:1d:5e:f8:6c:09:36:85:
3c:0d:f8:b4:de:81:e1:30:c6:c9:28:37:52:ba:d7:
ee:c7:ec:bf:89:59:97:5f:33:5b:24:22:be:6e:d5:
21:b3:f1:95:4f:86:bd:47:88:45:6c:4e:95:9c:2e:
df:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C3:F6:05:DE:AA:44:30:A5:EC:20:D9:F3:C4:02:CD:E6:06:86:B8
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/7MP2Bd6qRDCl7CDZ88QCzeYGhrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.16.0/21
31.7.176.0/20
80.255.0.0/20
81.95.0.0/20
82.199.128.0/19
83.142.80.0/21
92.43.104.0/21
195.138.248.0/21
IPv6:
2a01:4a0::/29
2a0b:76c0::/29
Signature Algorithm: sha256WithRSAEncryption
76:f7:7e:6d:3e:23:54:98:56:cc:a3:9c:d4:e2:9f:77:ec:1c:
c4:40:2e:6c:d1:86:ca:d1:eb:72:b8:b3:57:43:be:fd:ae:9c:
36:b7:cd:1d:6d:be:da:c0:70:e9:07:fe:67:40:d1:86:33:89:
b9:c9:38:bf:fc:9c:4f:86:38:37:60:70:83:5c:c9:bb:93:bc:
cf:3b:b3:68:12:08:d8:dd:c3:96:52:f1:0c:a7:5c:eb:a4:64:
b5:c3:45:56:fc:d2:4c:0e:b3:5d:c4:4e:4f:78:66:49:2c:f2:
4a:63:84:07:aa:c9:5d:5d:7d:75:c4:63:c3:3d:50:47:b1:6e:
3e:1d:9b:14:b1:a9:aa:d7:19:49:59:ef:fb:01:0f:8f:6d:00:
b7:1a:f4:ba:0d:ea:01:27:ec:90:65:22:0a:75:2e:a3:e1:e1:
51:ad:df:de:d8:f5:cb:b7:18:e3:a7:f4:14:b0:7a:cc:88:e6:
db:11:8a:e3:ab:8a:68:49:ce:89:fb:f6:89:ae:64:06:fc:d2:
00:51:24:23:1e:3c:1c:77:15:38:56:9a:2d:fc:23:fa:87:b3:
0f:ae:ef:90:2a:04:ec:1a:11:eb:e2:26:53:38:37:b8:55:77:
e8:2d:f6:15:60:ac:15:84:9c:87:aa:91:7f:ee:b4:36:06:a5:
8f:3d:77:eb
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYVupqwpsiKYrIfNVq+/0tyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjMwMTAxMTg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2MzZjYwNWRlYWE0NDMwYTVlYzIwZDlmM2M0MDJjZGU2MDY4NmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq05iFvhaPrQ+Lqste/6lllaG6wI
HckRTq7vVju+kukRLsHWMH5XR8iJmK8uvzBoS+yhVRj8B6e+tVeIOVTVQo4WuwFS
jr9T5aTtGljHxWCD0hTGz/xorjAuuuyDMs7Ew9pIFP+AynBM+2wEAsy50MADYXwn
lT8nRc9/CF6RtvGRhxJybDuiFIo+BdIWgETib0dk2lVOu3h8QsoxD1ujm+u69Rw7
vgCB7CNF45Dz5PzDP/87v6VGIkVr+DmSe00t2ivY4zHsNMGGwx1e+GwJNoU8Dfi0
3oHhMMbJKDdSutfux+y/iVmXXzNbJCK+btUhs/GVT4a9R4hFbE6VnC7fdwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOzD9gXeqkQwpewg2fPEAs3mBoa4MB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvN01QMkJkNnFSRENsN0NEWjg4UUN6ZVlHaHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQDBTgQAwQE
HwewAwQEUP8AAwQEUV8AAwQFUseAAwQDU45QAwQDXCtoAwQDw4r4MBQEAgACMA4D
BQMqAQSgAwUDKgt2wDANBgkqhkiG9w0BAQsFAAOCAQEAdvd+bT4jVJhWzKOc1OKf
d+wcxEAubNGGytHrcrizV0O+/a6cNrfNHW2+2sBw6Qf+Z0DRhjOJuck4v/ycT4Y4
N2Bwg1zJu5O8zzuzaBII2N3DllLxDKdc66RktcNFVvzSTA6zXcROT3hmSSzySmOE
B6rJXV19dcRjwz1QR7FuPh2bFLGpqtcZSVnv+wEPj20Atxr0ug3qASfskGUiCnUu
o+HhUa3f3tj1y7cY46f0FLB6zIjm2xGK46uKaEnOifv2ia5kBvzSAFEkIx48HHcV
OFaaLfwj+oezD67vkCoE7BoR6+ImUzg3uFV36C32FWCsFYSch6qRf+60Ngaljz13
6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:40 2024 by rpki-client on console-ams.rpki-client.org