Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/7Tv2d64TWWTR8eZ7kTkTJxP0nl0.roa
File: 7Tv2d64TWWTR8eZ7kTkTJxP0nl0.roa (raw, json)
Hash identifier: 7c5ZQkw8mOUZTtMEjnUxYEg2uHrFjldSKvamYR+HSUE=
Subject key identifier: ED:3B:F6:77:AE:13:59:64:D1:F1:E6:7B:91:39:13:27:13:F4:9E:5D
Certificate issuer: /CN=3595c7bc7e5fcd769ed6e53111f3c5e4891f9da1
Certificate serial: 01856D386730AAB97EB1AA567A26A6052676
Authority key identifier: 35:95:C7:BC:7E:5F:CD:76:9E:D6:E5:31:11:F3:C5:E4:89:1F:9D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZXHvH5fzXae1uUxEfPF5IkfnaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/7Tv2d64TWWTR8eZ7kTkTJxP0nl0.roa
Signing time: Sun 01 Jan 2023 12:04:51 +0000
ROA not before: Sun 01 Jan 2023 12:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201500
IP address blocks: 185.72.213.0/24 maxlen: 24
185.72.212.0/24 maxlen: 24
185.72.212.0/22 maxlen: 22
185.72.212.0/23 maxlen: 23
185.72.214.0/24 maxlen: 24
185.72.214.0/23 maxlen: 23
185.72.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:67:30:aa:b9:7e:b1:aa:56:7a:26:a6:05:26:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3595c7bc7e5fcd769ed6e53111f3c5e4891f9da1
Validity
Not Before: Jan 1 12:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed3bf677ae135964d1f1e67b9139132713f49e5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6e:11:d6:01:42:7f:8e:0f:43:72:ff:25:02:
2f:86:15:30:f2:0b:2c:d5:c6:b8:d9:95:73:20:a3:
8f:a6:c6:17:34:e3:ec:43:87:85:69:dd:6a:3f:5e:
d8:5f:c6:c5:a3:64:06:4f:8d:11:eb:37:cd:0f:6f:
a1:1f:ba:c2:24:4c:95:b9:cd:d0:12:94:19:f8:07:
8c:78:1b:1f:42:3a:42:0e:9a:36:58:77:14:22:77:
d3:19:b9:ee:e5:91:50:a6:fb:c9:21:b0:dd:29:ba:
3b:25:54:88:b4:ee:c6:59:82:bc:86:48:09:11:bf:
de:78:34:75:21:e5:1e:3d:51:4f:a2:4a:40:b4:d0:
5a:9d:5d:50:e2:c2:6d:aa:a3:b8:5a:cc:2b:0a:bd:
be:22:0f:66:ec:18:92:d7:97:c8:de:f4:78:64:b7:
90:d9:8a:ee:fb:5d:53:87:0a:ac:b4:2a:2b:b8:76:
eb:72:1c:3d:32:74:cb:c5:c0:42:e9:96:71:d8:e4:
90:ed:56:81:3d:08:07:ae:ae:7a:70:00:ff:e2:dd:
e4:5c:80:26:2c:bf:0b:db:f1:ec:21:cc:74:73:06:
df:65:0b:f5:67:ed:4e:d7:d3:5c:62:74:36:cf:48:
15:e7:65:ed:d6:6f:77:d9:fd:a5:05:29:4b:c8:4b:
f6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:3B:F6:77:AE:13:59:64:D1:F1:E6:7B:91:39:13:27:13:F4:9E:5D
X509v3 Authority Key Identifier:
keyid:35:95:C7:BC:7E:5F:CD:76:9E:D6:E5:31:11:F3:C5:E4:89:1F:9D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZXHvH5fzXae1uUxEfPF5IkfnaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/7Tv2d64TWWTR8eZ7kTkTJxP0nl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/NZXHvH5fzXae1uUxEfPF5IkfnaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.212.0/22
Signature Algorithm: sha256WithRSAEncryption
01:02:31:b7:3e:86:36:b1:ca:89:ad:b5:c3:1c:2d:ba:22:6e:
95:ef:61:d4:d0:57:d5:5c:08:02:9c:04:45:5c:b7:7f:6f:01:
9b:b0:8b:03:6f:a0:d5:7f:a3:ed:e9:92:4a:8a:87:59:bb:9a:
9a:df:92:6e:29:4e:19:66:e3:d2:23:fa:40:55:f0:46:3a:c9:
cc:e3:5f:1a:ad:52:d9:8f:bc:57:68:da:ce:8d:1c:ca:3c:82:
2a:11:2b:e1:9b:3d:e4:dd:f7:c6:9f:de:1f:c2:e2:52:dd:9d:
21:dc:9b:cd:32:44:58:5e:e6:a7:20:fd:84:37:b1:81:d8:1b:
ef:26:0e:20:77:d0:f8:48:18:a3:08:07:29:e5:4c:87:7d:6c:
57:f2:d0:7b:b0:8d:6b:35:56:c9:10:46:35:11:26:f6:81:f8:
03:4d:44:6a:99:d3:83:36:c6:6b:bd:06:52:2b:cd:c6:da:16:
48:78:39:58:cc:c3:51:f4:a9:fd:64:82:8d:77:bf:7d:40:b7:
43:f5:99:37:12:7b:dd:3d:ab:e4:ca:6b:19:5d:37:d0:d8:1b:
ff:04:77:90:e1:bd:1e:d2:4d:63:45:5b:4f:e7:4f:e9:60:dd:
11:eb:9b:ce:68:23:76:7b:c5:2b:61:0a:8c:90:27:51:27:da:
40:da:ca:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOGcwqrl+sapWeiamBSZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OTVjN2JjN2U1ZmNkNzY5ZWQ2ZTUzMTExZjNjNWU0ODkx
ZjlkYTEwHhcNMjMwMTAxMTIwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDNiZjY3N2FlMTM1OTY0ZDFmMWU2N2I5MTM5MTMyNzEzZjQ5ZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG4R1gFCf44PQ3L/JQIvhhUw8gss
1ca42ZVzIKOPpsYXNOPsQ4eFad1qP17YX8bFo2QGT40R6zfND2+hH7rCJEyVuc3Q
EpQZ+AeMeBsfQjpCDpo2WHcUInfTGbnu5ZFQpvvJIbDdKbo7JVSItO7GWYK8hkgJ
Eb/eeDR1IeUePVFPokpAtNBanV1Q4sJtqqO4WswrCr2+Ig9m7BiS15fI3vR4ZLeQ
2Yru+11ThwqstCoruHbrchw9MnTLxcBC6ZZx2OSQ7VaBPQgHrq56cAD/4t3kXIAm
LL8L2/HsIcx0cwbfZQv1Z+1O19NcYnQ2z0gV52Xt1m932f2lBSlLyEv2XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO079neuE1lk0fHme5E5EycT9J5dMB8GA1UdIwQY
MBaAFDWVx7x+X812ntblMRHzxeSJH52hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlpYSHZINWZ6WGFlMXVVeEVmUEY1SWtmbmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8wMWRjM2MtZDkyNi00Y2RmLTk3ODct
YmUwNDRhNGRmM2EwLzEvN1R2MmQ2NFRXV1RSOGVaN2tUa1RKeFAwbmwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8wMWRjM2MtZDkyNi00Y2RmLTk3ODctYmUwNDRhNGRmM2Ew
LzEvTlpYSHZINWZ6WGFlMXVVeEVmUEY1SWtmbmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUjUMA0G
CSqGSIb3DQEBCwUAA4IBAQABAjG3PoY2scqJrbXDHC26Im6V72HU0FfVXAgCnARF
XLd/bwGbsIsDb6DVf6Pt6ZJKiodZu5qa35JuKU4ZZuPSI/pAVfBGOsnM418arVLZ
j7xXaNrOjRzKPIIqESvhmz3k3ffGn94fwuJS3Z0h3JvNMkRYXuanIP2EN7GB2Bvv
Jg4gd9D4SBijCAcp5UyHfWxX8tB7sI1rNVbJEEY1ESb2gfgDTURqmdODNsZrvQZS
K83G2hZIeDlYzMNR9Kn9ZIKNd799QLdD9Zk3EnvdPavkymsZXTfQ2Bv/BHeQ4b0e
0k1jRVtP50/pYN0R65vOaCN2e8UrYQqMkCdRJ9pA2soH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:18 2024 by rpki-client on console-fra.rpki-client.org