Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/CWEMSvkN6YTCoUpYuATrP4yLFgM.roa
File: CWEMSvkN6YTCoUpYuATrP4yLFgM.roa (raw, json)
Hash identifier: 6v8LMIZ6jgY9BYuGbpHcZrizvJAuQ3Yuf7gYgyYVcSQ=
Subject key identifier: 09:61:0C:4A:F9:0D:E9:84:C2:A1:4A:58:B8:04:EB:3F:8C:8B:16:03
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0187223DA0874E947568F77F5D4CB4A5F53C
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/CWEMSvkN6YTCoUpYuATrP4yLFgM.roa
Signing time: Mon 27 Mar 2023 08:44:36 +0000
ROA not before: Mon 27 Mar 2023 08:44:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 79.172.224.0/24 maxlen: 24
217.144.59.0/24 maxlen: 24
217.144.60.0/24 maxlen: 24
79.172.228.0/24 maxlen: 24
79.172.250.0/24 maxlen: 24
213.181.217.0/24 maxlen: 24
213.181.218.0/24 maxlen: 24
213.181.216.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
79.172.192.0/24 maxlen: 24
79.172.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:22:3d:a0:87:4e:94:75:68:f7:7f:5d:4c:b4:a5:f5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Mar 27 08:44:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09610c4af90de984c2a14a58b804eb3f8c8b1603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:70:3b:ef:a1:e7:7e:54:c5:48:01:19:c7:38:
4d:f8:8e:23:9e:94:bb:b8:7a:f4:22:c6:45:0c:c3:
1d:88:a5:7a:a5:40:5e:63:d9:c9:1d:6b:2c:ac:49:
36:a3:af:80:5e:89:8f:61:ca:da:4d:b2:a8:cd:7b:
86:33:08:76:4e:f0:49:34:e0:a2:80:5b:38:eb:f8:
55:42:a1:fe:9d:93:e6:a6:59:25:55:f2:4a:94:5a:
d7:93:b3:80:bd:52:bc:4c:26:7f:0d:ff:d0:a7:de:
30:94:eb:a4:2f:ae:c9:56:4c:1f:6c:f5:23:4c:c8:
76:41:9a:f1:32:4d:a7:a0:c1:10:85:04:5b:a5:2e:
59:ff:02:d7:90:7c:6f:80:04:96:38:b0:17:fc:a8:
87:16:6c:c9:f1:cc:88:53:1e:fa:d9:ba:e4:b3:2f:
a5:94:83:18:90:31:a3:d8:3e:1a:1b:65:87:35:3a:
65:b9:d2:00:e1:7a:aa:f1:7a:b8:ea:ab:87:03:0b:
ae:6c:be:e4:d4:7f:ae:b7:be:08:dd:2c:1c:0f:9b:
fa:3b:d9:45:71:28:a2:b0:ea:80:2f:30:c3:fe:b4:
f6:cc:de:1e:4c:ce:de:85:aa:d7:38:92:90:39:7a:
20:a4:ba:b7:fe:8c:b5:1d:16:09:26:14:3b:5d:7f:
28:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:61:0C:4A:F9:0D:E9:84:C2:A1:4A:58:B8:04:EB:3F:8C:8B:16:03
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/CWEMSvkN6YTCoUpYuATrP4yLFgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/24
79.172.207.0/24
79.172.224.0/24
79.172.228.0/24
79.172.250.0/24
213.181.216.0-213.181.218.255
213.181.221.0/24
217.144.59.0-217.144.60.255
Signature Algorithm: sha256WithRSAEncryption
33:7a:22:03:73:16:9f:7d:44:6a:73:ca:eb:f6:0c:8b:6a:9a:
71:43:78:ea:33:4b:aa:4e:03:02:e8:6b:b7:89:c5:c2:f3:45:
fe:cf:61:bc:cd:24:24:f0:9e:59:53:e8:46:5a:aa:34:4d:ae:
22:34:45:00:61:e5:05:d9:a0:f1:0a:73:f5:6c:bf:1c:64:af:
ed:60:7d:f3:ec:0c:a8:e6:8b:72:83:c8:37:e7:7d:1b:83:2b:
6f:b0:e4:d6:76:79:6b:54:8b:17:55:52:64:6b:6c:0a:b5:e7:
f0:52:bf:ef:8b:d3:40:b2:35:9c:36:d4:60:7d:6d:42:10:cb:
08:94:16:71:a3:48:26:a7:9d:5a:3e:f6:6b:45:7c:37:f6:2b:
d5:4c:6e:9a:10:db:b4:de:e6:d3:7e:33:1e:10:95:85:2c:e3:
c0:94:51:42:96:52:0f:04:56:b2:65:88:5b:af:b5:d6:0a:ee:
a0:b6:4e:56:3f:03:bf:e2:83:10:82:9c:7d:4a:0a:d5:57:65:
79:b7:25:8d:78:ce:e0:b2:64:dc:81:78:c0:b8:42:c0:2b:dd:
bf:f1:c7:d2:d5:9a:7d:d3:6a:74:60:c1:1b:f5:68:fd:68:59:
e6:96:cf:c1:d7:1b:20:04:d7:f3:63:77:70:99:a6:bb:de:86:
a7:d9:a1:aa
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYciPaCHTpR1aPd/XUy0pfU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjMwMzI3MDg0NDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTYxMGM0YWY5MGRlOTg0YzJhMTRhNThiODA0ZWIzZjhjOGIxNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3A776HnflTFSAEZxzhN+I4jnpS7
uHr0IsZFDMMdiKV6pUBeY9nJHWssrEk2o6+AXomPYcraTbKozXuGMwh2TvBJNOCi
gFs46/hVQqH+nZPmplklVfJKlFrXk7OAvVK8TCZ/Df/Qp94wlOukL67JVkwfbPUj
TMh2QZrxMk2noMEQhQRbpS5Z/wLXkHxvgASWOLAX/KiHFmzJ8cyIUx762brksy+l
lIMYkDGj2D4aG2WHNTpludIA4Xqq8Xq46quHAwuubL7k1H+ut74I3SwcD5v6O9lF
cSiisOqALzDD/rT2zN4eTM7eharXOJKQOXogpLq3/oy1HRYJJhQ7XX8o4QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFAlhDEr5DemEwqFKWLgE6z+MixYDMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvQ1dFTVN2a042WVRDb1VwWXVBVHJQNHlMRmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAT6zAAwQA
T6zPAwQAT6zgAwQAT6zkAwQAT6z6MAwDBAPVtdgDBADVtdoDBADVtd0wDAMEANmQ
OwMEANmQPDANBgkqhkiG9w0BAQsFAAOCAQEAM3oiA3MWn31EanPK6/YMi2qacUN4
6jNLqk4DAuhrt4nFwvNF/s9hvM0kJPCeWVPoRlqqNE2uIjRFAGHlBdmg8Qpz9Wy/
HGSv7WB98+wMqOaLcoPIN+d9G4Mrb7Dk1nZ5a1SLF1VSZGtsCrXn8FK/74vTQLI1
nDbUYH1tQhDLCJQWcaNIJqedWj72a0V8N/Yr1UxumhDbtN7m034zHhCVhSzjwJRR
QpZSDwRWsmWIW6+11gruoLZOVj8Dv+KDEIKcfUoK1VdlebcljXjO4LJk3IF4wLhC
wCvdv/HH0tWafdNqdGDBG/Vo/WhZ5pbPwdcbIATX82N3cJmmu96Gp9mhqg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:44 2024 by rpki-client on console-ams.rpki-client.org