Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/7ReJQiitPPrdCcyHa2SJdjSMGKs.roa
File: 7ReJQiitPPrdCcyHa2SJdjSMGKs.roa (raw, json)
Hash identifier: 0nzwQs2gsa1RjK1+6W0LVe+l5VTDjktWz1UzWk6wHpg=
Subject key identifier: ED:17:89:42:28:AD:3C:FA:DD:09:CC:87:6B:64:89:76:34:8C:18:AB
Certificate issuer: /CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
Certificate serial: 01856DDD285EB21FB21D64D2974CF56DC488
Authority key identifier: B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/7ReJQiitPPrdCcyHa2SJdjSMGKs.roa
Signing time: Sun 01 Jan 2023 15:04:48 +0000
ROA not before: Sun 01 Jan 2023 15:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42184
IP address blocks: 185.64.168.0/22 maxlen: 24
45.82.124.0/22 maxlen: 24
185.143.168.0/22 maxlen: 24
178.251.8.0/21 maxlen: 24
188.64.248.0/21 maxlen: 24
91.190.224.0/21 maxlen: 24
2a02:f08::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:28:5e:b2:1f:b2:1d:64:d2:97:4c:f5:6d:c4:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
Validity
Not Before: Jan 1 15:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed17894228ad3cfadd09cc876b648976348c18ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:60:39:df:fa:4a:bb:a3:63:cf:f2:11:8f:bf:
a4:e1:86:51:1d:63:14:15:97:7b:6e:a7:a5:9e:15:
3e:81:d0:3d:fb:3e:22:f8:ac:c9:8f:e8:95:3f:9f:
b6:7b:c3:bd:8c:46:64:b0:0d:8c:76:6c:81:e7:b4:
66:89:33:a5:7c:16:8e:c4:e2:38:16:8f:48:1e:e8:
f5:fb:b8:ea:f9:33:9c:37:5e:2b:53:74:e0:97:cd:
5e:11:64:98:db:d3:0d:a0:5e:74:ad:20:73:98:3a:
8f:f6:3c:03:8d:34:6f:58:a2:6a:bf:63:55:aa:70:
6d:5e:b1:85:76:9e:21:03:2e:14:53:bf:24:93:2b:
8f:e1:8e:c2:11:ca:93:0e:f1:c9:91:8a:8a:18:f2:
1e:94:0d:7b:63:eb:22:9f:23:14:6c:17:ea:c3:03:
78:6b:b7:cf:ae:9d:7d:b1:db:96:36:38:63:62:8e:
b1:26:00:22:b0:a4:7a:b3:55:7a:65:8f:a1:11:dd:
48:b4:32:f1:2c:c8:9b:aa:3d:10:4f:40:42:d0:80:
ca:0c:fb:82:fe:86:d9:bd:ce:70:7d:14:5e:32:25:
71:0e:bc:98:7a:7d:a9:7e:be:d8:12:6f:d6:51:7f:
30:ba:21:f0:eb:73:d5:47:6b:64:2d:a0:fb:2e:8e:
58:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:17:89:42:28:AD:3C:FA:DD:09:CC:87:6B:64:89:76:34:8C:18:AB
X509v3 Authority Key Identifier:
keyid:B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/7ReJQiitPPrdCcyHa2SJdjSMGKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/s7b1TqmxWovU8zglOGyyd7A0Od0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.124.0/22
91.190.224.0/21
178.251.8.0/21
185.64.168.0/22
185.143.168.0/22
188.64.248.0/21
IPv6:
2a02:f08::/32
Signature Algorithm: sha256WithRSAEncryption
0e:75:cb:3e:0c:5b:e7:e8:9c:85:59:5d:bd:f5:32:69:f9:2b:
5c:4e:3f:ff:3c:ef:ad:98:eb:ef:ba:b4:5c:5f:8c:ea:e9:66:
a7:d2:9c:06:08:db:db:a8:ec:06:5a:44:35:a9:c8:2b:d2:47:
56:a9:fe:3f:13:69:12:5f:e2:0c:9f:93:ca:79:83:a9:b4:d5:
6d:89:2c:75:fb:27:b3:0c:68:79:71:62:0b:52:d5:f2:36:a1:
18:47:97:5a:f8:d5:e9:45:bc:c9:5a:23:5d:45:ea:78:40:23:
85:33:56:67:34:11:89:8d:02:53:e6:5e:99:6c:4e:78:63:92:
dc:ea:78:12:cd:8e:70:5a:14:be:3d:82:9a:81:bd:70:f4:5b:
bf:c3:25:5d:1a:c1:27:a8:54:87:d2:64:17:f9:95:81:7e:b3:
00:20:50:e9:0a:f2:1a:52:99:91:53:df:6b:29:3c:b0:ea:33:
bb:ba:7c:98:d9:0f:52:03:54:ef:8e:51:13:70:c3:60:de:b2:
61:6d:db:82:1d:ba:d0:5a:54:fe:1a:5c:36:8a:a2:43:f5:87:
1c:c3:86:44:4a:5a:5b:ce:f4:04:2c:cd:3f:81:6f:e1:3b:dd:
ab:22:3a:b0:dd:28:21:66:6f:33:4e:a7:05:42:99:c9:79:d4:
da:f3:07:1a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVt3Shesh+yHWTSl0z1bcSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYjZmNTRlYTliMTVhOGJkNGYzMzgyNTM4NmNiMjc3YjAz
NDM5ZGQwHhcNMjMwMTAxMTUwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDE3ODk0MjI4YWQzY2ZhZGQwOWNjODc2YjY0ODk3NjM0OGMxOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWA53/pKu6Njz/IRj7+k4YZRHWMU
FZd7bqelnhU+gdA9+z4i+KzJj+iVP5+2e8O9jEZksA2MdmyB57RmiTOlfBaOxOI4
Fo9IHuj1+7jq+TOcN14rU3Tgl81eEWSY29MNoF50rSBzmDqP9jwDjTRvWKJqv2NV
qnBtXrGFdp4hAy4UU78kkyuP4Y7CEcqTDvHJkYqKGPIelA17Y+sinyMUbBfqwwN4
a7fPrp19sduWNjhjYo6xJgAisKR6s1V6ZY+hEd1ItDLxLMibqj0QT0BC0IDKDPuC
/obZvc5wfRReMiVxDryYen2pfr7YEm/WUX8wuiHw63PVR2tkLaD7Lo5YnwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFO0XiUIorTz63QnMh2tkiXY0jBirMB8GA1UdIwQY
MBaAFLO29U6psVqL1PM4JThssnewNDndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdiMVRxbXhXb3ZVOHpnbE9HeXlkN0EwT2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84ZGU0YTMtOGQ1YS00NmIxLWE3MzUt
MmY0NmU5MzE3Y2M2LzEvN1JlSlFpaXRQUHJkQ2N5SGEyU0pkalNNR0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84ZGU0YTMtOGQ1YS00NmIxLWE3MzUtMmY0NmU5MzE3Y2M2
LzEvczdiMVRxbXhXb3ZVOHpnbE9HeXlkN0EwT2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLVJ8AwQD
W77gAwQDsvsIAwQCuUCoAwQCuY+oAwQDvED4MA0EAgACMAcDBQAqAg8IMA0GCSqG
SIb3DQEBCwUAA4IBAQAOdcs+DFvn6JyFWV299TJp+StcTj//PO+tmOvvurRcX4zq
6Wan0pwGCNvbqOwGWkQ1qcgr0kdWqf4/E2kSX+IMn5PKeYOptNVtiSx1+yezDGh5
cWILUtXyNqEYR5da+NXpRbzJWiNdRep4QCOFM1ZnNBGJjQJT5l6ZbE54Y5Lc6ngS
zY5wWhS+PYKagb1w9Fu/wyVdGsEnqFSH0mQX+ZWBfrMAIFDpCvIaUpmRU99rKTyw
6jO7unyY2Q9SA1TvjlETcMNg3rJhbduCHbrQWlT+Glw2iqJD9Yccw4ZESlpbzvQE
LM0/gW/hO92rIjqw3SghZm8zTqcFQpnJedTa8wca
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:57 2024 by rpki-client on console-ams.rpki-client.org