Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/F7r6O25IKfjCBuarLPyWl3upq8M.roa
File: F7r6O25IKfjCBuarLPyWl3upq8M.roa (raw, json)
Hash identifier: ponPpr22Aa7fANE1TtSzBugWZyM32MqivrPQVUIdXX4=
Subject key identifier: 17:BA:FA:3B:6E:48:29:F8:C2:06:E6:AB:2C:FC:96:97:7B:A9:AB:C3
Certificate issuer: /CN=ecb1ea5a1050a829224ea486c0e22ebfc75d640c
Certificate serial: 01856C9CAE0C1417672661A2BF22071E9476
Authority key identifier: EC:B1:EA:5A:10:50:A8:29:22:4E:A4:86:C0:E2:2E:BF:C7:5D:64:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/F7r6O25IKfjCBuarLPyWl3upq8M.roa
Signing time: Sun 01 Jan 2023 09:14:45 +0000
ROA not before: Sun 01 Jan 2023 09:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62214
IP address blocks: 79.139.56.0/21 maxlen: 21
92.119.120.0/22 maxlen: 22
193.39.12.0/22 maxlen: 22
185.187.72.0/22 maxlen: 22
185.43.204.0/22 maxlen: 22
193.201.184.0/21 maxlen: 21
46.29.136.0/21 maxlen: 21
185.80.48.0/22 maxlen: 22
2a01:6ee0::/40 maxlen: 40
2a01:6ee0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:ae:0c:14:17:67:26:61:a2:bf:22:07:1e:94:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecb1ea5a1050a829224ea486c0e22ebfc75d640c
Validity
Not Before: Jan 1 09:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17bafa3b6e4829f8c206e6ab2cfc96977ba9abc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:87:5e:8e:14:52:48:4e:64:f3:52:a3:6d:b4:
bc:21:cb:55:6c:12:63:21:5d:f6:97:fa:bc:4c:de:
61:d9:a4:00:d5:53:54:b5:f8:01:22:99:47:38:1e:
e5:6f:3d:bc:14:3a:0d:27:10:27:29:30:70:0e:00:
71:31:ac:3c:86:2a:10:73:2c:4c:44:47:28:5f:75:
8c:d3:eb:c7:77:25:d7:76:82:13:e4:c8:cd:44:30:
0c:44:e2:da:26:16:87:69:e3:f0:bc:52:eb:0f:5d:
f4:71:62:07:03:d7:72:a7:bd:d6:a8:f6:dc:3b:bc:
9b:90:16:3f:09:b1:b3:7d:70:fc:ee:49:be:cd:0a:
59:80:27:8e:a4:b6:b0:89:72:9f:52:e9:2e:f9:87:
87:40:a1:d1:fa:a3:3d:96:f2:4c:16:98:93:89:02:
49:e9:78:2b:52:1d:f8:ff:6c:c1:10:e7:c8:2f:53:
e1:36:d0:3e:44:d8:5e:62:fa:ef:d7:1f:c4:53:cf:
02:af:a7:36:7d:7a:fc:96:e5:bc:ec:d2:8d:54:db:
39:ec:22:8c:31:6c:c7:58:d9:32:e2:24:ae:32:b9:
96:da:18:02:09:d2:0c:b4:e5:08:08:f7:5e:a2:11:
08:9f:87:82:66:ab:14:be:d9:9e:7c:b5:e5:91:ea:
12:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BA:FA:3B:6E:48:29:F8:C2:06:E6:AB:2C:FC:96:97:7B:A9:AB:C3
X509v3 Authority Key Identifier:
keyid:EC:B1:EA:5A:10:50:A8:29:22:4E:A4:86:C0:E2:2E:BF:C7:5D:64:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/F7r6O25IKfjCBuarLPyWl3upq8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/7LHqWhBQqCkiTqSGwOIuv8ddZAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.136.0/21
79.139.56.0/21
92.119.120.0/22
185.43.204.0/22
185.80.48.0/22
185.187.72.0/22
193.39.12.0/22
193.201.184.0/21
IPv6:
2a01:6ee0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:4f:e5:35:ed:16:16:d9:ef:fb:96:10:fd:e9:16:23:a7:bf:
22:99:a4:ff:40:6c:71:1b:e3:ff:bc:84:2a:2a:63:85:39:de:
8f:60:21:aa:f9:4c:a7:24:31:c1:92:b0:f1:d7:c2:14:96:47:
9f:39:ea:a2:e4:a4:4c:4a:0a:0d:3c:59:02:6a:92:99:27:be:
87:c9:7f:7a:5f:84:22:a8:88:67:26:2b:d3:dd:dd:0c:27:a0:
02:e9:f4:32:00:b6:a6:03:c5:74:9e:12:86:36:c4:16:d1:fa:
95:bf:f6:d1:e5:95:53:66:5f:d3:d5:ce:4b:f3:2a:bc:23:26:
93:c5:a4:56:cf:a8:44:fa:fb:cf:71:a7:f8:1b:a7:74:83:d8:
66:64:98:5d:8c:1b:3d:e0:0c:6a:88:89:28:0b:33:b2:4b:a4:
c4:be:3b:99:b7:3b:1c:4f:15:2b:17:0f:ea:ff:d8:75:b2:51:
78:b6:66:f5:bf:a8:39:d7:ca:41:d2:63:7b:3d:2b:be:6b:dc:
f3:3d:3b:4c:8e:7b:76:bd:94:1b:6f:13:8b:be:44:de:99:f1:
78:f6:33:cb:b5:f7:43:93:ef:be:e2:08:d6:9e:73:78:70:54:
a8:ef:f3:7b:a9:25:e5:ce:5a:6a:ad:8f:98:d3:bc:f6:78:48:
11:d3:e0:44
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVsnK4MFBdnJmGivyIHHpR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYjFlYTVhMTA1MGE4MjkyMjRlYTQ4NmMwZTIyZWJmYzc1
ZDY0MGMwHhcNMjMwMTAxMDkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2JhZmEzYjZlNDgyOWY4YzIwNmU2YWIyY2ZjOTY5NzdiYTlhYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4dejhRSSE5k81KjbbS8IctVbBJj
IV32l/q8TN5h2aQA1VNUtfgBIplHOB7lbz28FDoNJxAnKTBwDgBxMaw8hioQcyxM
REcoX3WM0+vHdyXXdoIT5MjNRDAMROLaJhaHaePwvFLrD130cWIHA9dyp73WqPbc
O7ybkBY/CbGzfXD87km+zQpZgCeOpLawiXKfUuku+YeHQKHR+qM9lvJMFpiTiQJJ
6XgrUh34/2zBEOfIL1PhNtA+RNheYvrv1x/EU88Cr6c2fXr8luW87NKNVNs57CKM
MWzHWNky4iSuMrmW2hgCCdIMtOUICPdeohEIn4eCZqsUvtmefLXlkeoSIQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBe6+jtuSCn4wgbmqyz8lpd7qavDMB8GA1UdIwQY
MBaAFOyx6loQUKgpIk6khsDiLr/HXWQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0xIcVdoQlFxQ2tpVHFTR3dPSXV2OGRkWkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yMWE5MjctOGRkMy00OGY3LTkyY2Ut
MDJmZmNlZmYxYWNjLzEvRjdyNk8yNUlLZmpDQnVhckxQeVdsM3VwcThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yMWE5MjctOGRkMy00OGY3LTkyY2UtMDJmZmNlZmYxYWNj
LzEvN0xIcVdoQlFxQ2tpVHFTR3dPSXV2OGRkWkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDLh2IAwQD
T4s4AwQCXHd4AwQCuSvMAwQCuVAwAwQCubtIAwQCwScMAwQDwcm4MA0EAgACMAcD
BQAqAW7gMA0GCSqGSIb3DQEBCwUAA4IBAQBsT+U17RYW2e/7lhD96RYjp78imaT/
QGxxG+P/vIQqKmOFOd6PYCGq+UynJDHBkrDx18IUlkefOeqi5KRMSgoNPFkCapKZ
J76HyX96X4QiqIhnJivT3d0MJ6AC6fQyALamA8V0nhKGNsQW0fqVv/bR5ZVTZl/T
1c5L8yq8IyaTxaRWz6hE+vvPcaf4G6d0g9hmZJhdjBs94AxqiIkoCzOyS6TEvjuZ
tzscTxUrFw/q/9h1slF4tmb1v6g518pB0mN7PSu+a9zzPTtMjnt2vZQbbxOLvkTe
mfF49jPLtfdDk+++4gjWnnN4cFSo7/N7qSXlzlpqrY+Y07z2eEgR0+BE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:59 2024 by rpki-client on console-ams.rpki-client.org