Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7VfVigf9Gso3NB3XezON165TV9Y.roa
File: 7VfVigf9Gso3NB3XezON165TV9Y.roa (raw, json)
Hash identifier: uOxKN0CdNvKUkhtAoXYBeJzq1LaxfLVfvrLcSDrlpu0=
Subject key identifier: ED:57:D5:8A:07:FD:1A:CA:37:34:1D:D7:7B:33:8D:D7:AE:53:57:D6
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018CC94E5A968BB176F2348C1CD7C2D23E59
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7VfVigf9Gso3NB3XezON165TV9Y.roa
Signing time: Tue 02 Jan 2024 08:33:24 +0000
ROA not before: Tue 02 Jan 2024 08:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 46.245.176.0/21 maxlen: 24
89.38.36.0/23 maxlen: 24
185.187.64.0/22 maxlen: 24
91.230.172.0/22 maxlen: 24
91.90.144.0/20 maxlen: 24
195.93.242.0/23 maxlen: 24
109.70.216.0/21 maxlen: 24
86.105.222.0/23 maxlen: 24
2a00:14e0::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 26 Apr 2024 15:59:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:5a:96:8b:b1:76:f2:34:8c:1c:d7:c2:d2:3e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 2 08:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed57d58a07fd1aca37341dd77b338dd7ae5357d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ed:d1:ca:4c:64:a8:7b:a1:af:a4:f0:87:06:
a4:8d:29:56:95:3d:25:6d:de:3a:2c:28:9f:93:ef:
ac:e1:32:c8:7a:88:58:16:d6:d6:9b:2e:bc:bc:8e:
e0:e5:d5:f0:f7:b6:64:37:21:43:83:1e:b3:54:c4:
c8:3f:af:b1:e8:e0:ad:2d:f9:3b:fd:99:82:df:6b:
07:60:0a:ad:63:76:24:5b:73:38:89:0d:08:dd:7d:
54:59:86:70:37:f2:5a:13:1c:e4:3b:97:25:aa:98:
be:b0:23:49:7d:00:76:62:09:d8:ad:6d:09:cb:db:
4f:11:9c:13:38:dd:aa:4a:60:c3:2f:3e:61:4e:45:
3c:e2:fe:5a:96:6c:af:55:83:25:6a:b8:98:a5:03:
53:a2:7a:65:72:4e:76:50:f2:cb:3e:e4:80:0a:a6:
e5:28:e2:c2:d3:af:0d:bc:80:c4:a7:ed:03:6f:84:
eb:88:ea:86:9e:b7:81:2f:9f:e0:e5:6f:2d:b7:85:
6c:a0:18:a2:d6:01:3c:e7:be:63:ce:60:3d:24:80:
2a:05:66:c0:ac:1c:72:04:e2:2f:e9:a5:c2:a6:03:
8f:a2:c0:f4:8c:2a:3c:e4:eb:18:03:26:a4:21:44:
c3:c7:13:f4:f3:5b:be:eb:b5:c9:16:59:c1:76:9b:
f1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:57:D5:8A:07:FD:1A:CA:37:34:1D:D7:7B:33:8D:D7:AE:53:57:D6
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7VfVigf9Gso3NB3XezON165TV9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.176.0/21
86.105.222.0/23
89.38.36.0/23
91.90.144.0/20
91.230.172.0/22
109.70.216.0/21
185.187.64.0/22
195.93.242.0/23
IPv6:
2a00:14e0::/29
Signature Algorithm: sha256WithRSAEncryption
a8:91:24:c6:c4:13:cc:a7:cb:ce:7c:43:65:c0:90:2f:60:ba:
f6:d6:b8:10:48:a2:88:3b:c6:17:93:01:31:e6:4c:5a:3b:bc:
9b:e4:fc:e7:7c:45:cb:9d:77:ef:80:e9:23:6b:96:64:49:2c:
be:dd:03:04:68:1e:01:c5:67:21:b3:08:d5:12:ab:58:0a:f9:
81:4b:71:23:d5:03:d7:21:b9:87:f6:cb:08:8e:d4:60:f1:f9:
e1:72:ce:3d:0c:98:61:c2:ca:e2:a5:86:ca:2b:22:21:6d:3d:
01:3e:c7:84:c6:a2:28:ea:18:90:2f:8c:ee:3f:69:44:8b:5e:
2f:5a:92:24:73:de:f1:f5:78:bc:41:55:9c:23:75:34:ef:ad:
50:d7:02:9c:65:a7:fc:21:4c:2f:9a:4b:04:2a:29:15:02:a8:
f7:c9:a4:7e:eb:a8:b3:9f:8b:58:a3:be:71:31:8e:95:03:5e:
41:96:63:3d:75:09:5e:78:bf:8c:c7:d1:a1:54:78:b3:62:e2:
6f:80:ec:9b:11:84:1e:5d:0a:d8:fc:98:3c:85:af:3e:af:59:
7f:e0:1d:13:0c:02:d9:29:08:10:be:2e:86:f3:94:4d:4d:28:
22:ae:08:db:e2:37:df:aa:c8:60:5e:a5:16:52:34:fc:b8:bc:
6d:f2:d3:85
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzJTlqWi7F28jSMHNfC0j5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwMTAyMDgzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDU3ZDU4YTA3ZmQxYWNhMzczNDFkZDc3YjMzOGRkN2FlNTM1N2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAse3RykxkqHuhr6TwhwakjSlWlT0l
bd46LCifk++s4TLIeohYFtbWmy68vI7g5dXw97ZkNyFDgx6zVMTIP6+x6OCtLfk7
/ZmC32sHYAqtY3YkW3M4iQ0I3X1UWYZwN/JaExzkO5clqpi+sCNJfQB2YgnYrW0J
y9tPEZwTON2qSmDDLz5hTkU84v5almyvVYMlariYpQNTonplck52UPLLPuSACqbl
KOLC068NvIDEp+0Db4TriOqGnreBL5/g5W8tt4VsoBii1gE8575jzmA9JIAqBWbA
rBxyBOIv6aXCpgOPosD0jCo85OsYAyakIUTDxxP081u+67XJFlnBdpvxlwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFO1X1YoH/RrKNzQd13szjdeuU1fWMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvN1ZmVmlnZjlHc28zTkIzWGV6T04xNjVUVjlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDLvWwAwQB
VmneAwQBWSYkAwQEW1qQAwQCW+asAwQDbUbYAwQCubtAAwQBw13yMA0EAgACMAcD
BQMqABTgMA0GCSqGSIb3DQEBCwUAA4IBAQCokSTGxBPMp8vOfENlwJAvYLr21rgQ
SKKIO8YXkwEx5kxaO7yb5PznfEXLnXfvgOkja5ZkSSy+3QMEaB4BxWchswjVEqtY
CvmBS3Ej1QPXIbmH9ssIjtRg8fnhcs49DJhhwsripYbKKyIhbT0BPseExqIo6hiQ
L4zuP2lEi14vWpIkc97x9Xi8QVWcI3U0761Q1wKcZaf8IUwvmksEKikVAqj3yaR+
66izn4tYo75xMY6VA15BlmM9dQleeL+Mx9GhVHizYuJvgOybEYQeXQrY/Jg8ha8+
r1l/4B0TDALZKQgQvi6G85RNTSgirgjb4jffqshgXqUWUjT8uLxt8tOF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:21 2024 by rpki-client on console-ams.rpki-client.org