Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/p7xjpf3XxDZ5goK401Qe5n_rmM8.roa
File: p7xjpf3XxDZ5goK401Qe5n_rmM8.roa (raw, json)
Hash identifier: J3hxWYUJ+9kGSl+2OOnkMl0YvAzAE7XyCWi1u/JIOHQ=
Subject key identifier: A7:BC:63:A5:FD:D7:C4:36:79:82:82:B8:D3:54:1E:E6:7F:EB:98:CF
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01867E88262D79FB5F6E80879C3AC1A1A675
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/p7xjpf3XxDZ5goK401Qe5n_rmM8.roa
Signing time: Thu 23 Feb 2023 13:48:17 +0000
ROA not before: Thu 23 Feb 2023 13:48:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197518
IP address blocks: 185.255.200.0/22 maxlen: 22
188.95.248.0/21 maxlen: 21
130.193.104.0/24 maxlen: 24
130.193.104.0/21 maxlen: 21
130.193.108.0/24 maxlen: 24
2a03:680::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:88:26:2d:79:fb:5f:6e:80:87:9c:3a:c1:a1:a6:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Feb 23 13:48:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7bc63a5fdd7c436798282b8d3541ee67feb98cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ca:4d:1b:2c:1f:de:8a:bc:13:7a:99:05:67:
75:2d:cb:db:6e:80:ad:2b:0b:63:27:dc:ed:ba:a9:
02:85:19:37:8b:52:06:a4:9b:dd:9a:9d:7b:1f:33:
ca:b6:81:8e:67:ac:76:be:8e:ba:4b:c8:9a:08:2c:
d2:25:95:3f:91:ed:5e:09:20:20:9a:41:8e:91:22:
4a:11:d3:d3:47:4f:a1:4d:51:8f:04:74:45:e8:ce:
ec:c4:0c:d1:17:2c:29:7e:05:f5:3e:c0:e9:e7:1f:
44:3e:3d:3e:9f:c1:c3:48:0b:65:25:ce:c2:9b:5a:
f3:13:5e:2f:6c:bd:b0:cd:83:59:b2:e6:aa:5d:ac:
40:37:73:d4:f1:71:7e:75:5a:22:9d:d5:c6:d1:d2:
31:25:12:e7:41:7b:6b:37:b6:4b:21:27:cb:c4:dc:
9e:cc:b7:48:1d:31:ce:3c:00:89:b7:0c:74:9b:53:
d7:b5:a9:91:fb:da:ee:2a:f8:96:55:27:35:df:03:
3a:00:8f:0f:d4:22:84:4a:26:27:2b:2d:b4:65:06:
8d:ac:4a:15:e0:98:a9:3d:36:fe:32:b2:a7:12:42:
53:12:f0:5e:eb:3f:c0:56:b5:64:38:ce:a1:96:72:
be:4d:9e:74:8e:b7:aa:d0:28:2e:1e:f6:0e:3e:fa:
1b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:BC:63:A5:FD:D7:C4:36:79:82:82:B8:D3:54:1E:E6:7F:EB:98:CF
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/p7xjpf3XxDZ5goK401Qe5n_rmM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.104.0/21
185.255.200.0/22
188.95.248.0/21
IPv6:
2a03:680::/32
Signature Algorithm: sha256WithRSAEncryption
3e:35:a5:cc:08:d6:22:22:c9:38:f3:f3:b4:46:8e:8a:3d:2a:
62:df:29:de:2a:47:be:f6:52:91:3f:01:7d:3e:66:92:9b:33:
de:67:44:c4:28:09:bf:47:de:3a:f7:13:22:cb:5a:50:1d:2f:
01:a8:30:b3:dc:dc:32:6a:3c:7c:d2:cd:8c:6a:0a:68:32:9f:
21:fe:d3:39:68:f8:4f:ba:4a:ad:67:97:75:8b:dd:7a:3a:55:
e0:97:e2:e9:d9:54:3f:fb:c0:f2:41:b9:84:5c:b9:0f:26:da:
5c:21:72:cd:b2:3a:33:44:19:69:ca:b7:e7:76:6c:4a:f0:51:
55:42:c7:66:6e:6b:4c:93:0a:d8:84:20:b0:44:3f:3d:ea:75:
4c:e7:c1:1f:09:95:25:da:e3:79:5f:f5:53:cb:18:cc:78:a9:
f5:b6:a3:30:48:e7:2e:86:03:db:b1:81:f3:eb:28:5e:fb:52:
bb:b1:81:7f:58:57:36:84:94:e7:a1:fd:a9:67:5c:e1:af:6c:
7b:2e:49:ac:6f:67:aa:89:cb:5c:f3:7f:a2:fd:cf:28:5f:72:
5f:4a:ee:64:14:f3:46:c4:88:d4:3d:39:03:a9:de:bc:0a:46:
f0:78:21:62:da:6e:5e:96:92:a0:5d:b4:88:60:9e:00:22:b7:
3a:18:09:a8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYZ+iCYteftfboCHnDrBoaZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwMjIzMTM0ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2JjNjNhNWZkZDdjNDM2Nzk4MjgyYjhkMzU0MWVlNjdmZWI5OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncpNGywf3oq8E3qZBWd1LcvbboCt
KwtjJ9ztuqkChRk3i1IGpJvdmp17HzPKtoGOZ6x2vo66S8iaCCzSJZU/ke1eCSAg
mkGOkSJKEdPTR0+hTVGPBHRF6M7sxAzRFywpfgX1PsDp5x9EPj0+n8HDSAtlJc7C
m1rzE14vbL2wzYNZsuaqXaxAN3PU8XF+dVoindXG0dIxJRLnQXtrN7ZLISfLxNye
zLdIHTHOPACJtwx0m1PXtamR+9ruKviWVSc13wM6AI8P1CKESiYnKy20ZQaNrEoV
4JipPTb+MrKnEkJTEvBe6z/AVrVkOM6hlnK+TZ50jreq0CguHvYOPvobuQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKe8Y6X918Q2eYKCuNNUHuZ/65jPMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvcDd4anBmM1h4RFo1Z29LNDAxUWU1bl9ybU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDgsFoAwQC
uf/IAwQDvF/4MA0EAgACMAcDBQAqAwaAMA0GCSqGSIb3DQEBCwUAA4IBAQA+NaXM
CNYiIsk48/O0Ro6KPSpi3yneKke+9lKRPwF9PmaSmzPeZ0TEKAm/R9469xMiy1pQ
HS8BqDCz3Nwyajx80s2MagpoMp8h/tM5aPhPukqtZ5d1i916OlXgl+Lp2VQ/+8Dy
QbmEXLkPJtpcIXLNsjozRBlpyrfndmxK8FFVQsdmbmtMkwrYhCCwRD896nVM58Ef
CZUl2uN5X/VTyxjMeKn1tqMwSOcuhgPbsYHz6yhe+1K7sYF/WFc2hJTnof2pZ1zh
r2x7Lkmsb2eqictc83+i/c8oX3JfSu5kFPNGxIjUPTkDqd68CkbweCFi2m5elpKg
XbSIYJ4AIrc6GAmo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org