Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/b3ExQWcTrBZqMFXGxfJOLCQODTs.roa
File: b3ExQWcTrBZqMFXGxfJOLCQODTs.roa (raw, json)
Hash identifier: KGtEDB1BVx2J7GGQlh2vibNAfmxl4D5z787tcHx6mLo=
Subject key identifier: 6F:71:31:41:67:13:AC:16:6A:30:55:C6:C5:F2:4E:2C:24:0E:0D:3B
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018DA2B8E181EF8A53CA832907106055406C
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/b3ExQWcTrBZqMFXGxfJOLCQODTs.roa
Signing time: Tue 13 Feb 2024 13:47:21 +0000
ROA not before: Tue 13 Feb 2024 13:47:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29278
IP address blocks: 79.172.192.0/18 maxlen: 18
84.21.0.0/19 maxlen: 19
84.21.7.0/24 maxlen: 24
84.21.8.0/24 maxlen: 24
84.21.11.0/24 maxlen: 24
84.21.15.0/24 maxlen: 24
84.21.16.0/24 maxlen: 24
84.21.18.0/24 maxlen: 24
84.21.19.0/24 maxlen: 24
87.229.0.0/17 maxlen: 17
87.229.12.0/24 maxlen: 24
87.229.14.0/24 maxlen: 24
87.229.26.0/24 maxlen: 24
87.229.32.0/24 maxlen: 24
87.229.33.0/24 maxlen: 24
87.229.40.0/23 maxlen: 23
87.229.45.0/24 maxlen: 24
87.229.53.0/24 maxlen: 24
87.229.54.0/24 maxlen: 24
87.229.55.0/24 maxlen: 24
87.229.58.0/24 maxlen: 24
87.229.64.0/19 maxlen: 24
87.229.96.0/23 maxlen: 24
87.229.105.0/24 maxlen: 24
87.229.112.0/20 maxlen: 24
87.229.115.0/24 maxlen: 24
95.138.192.0/21 maxlen: 21
178.238.208.0/20 maxlen: 20
178.238.208.0/21 maxlen: 21
178.238.216.0/21 maxlen: 21
213.181.200.0/24 maxlen: 24
213.181.204.0/24 maxlen: 24
213.181.205.0/24 maxlen: 24
213.181.207.0/24 maxlen: 24
213.181.210.0/24 maxlen: 24
213.181.211.0/24 maxlen: 24
213.181.219.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
217.113.49.0/24 maxlen: 24
217.113.50.0/24 maxlen: 24
217.113.51.0/24 maxlen: 24
217.113.53.0/24 maxlen: 24
217.113.61.0/24 maxlen: 24
217.113.63.0/24 maxlen: 24
217.144.48.0/23 maxlen: 23
217.144.50.0/24 maxlen: 24
217.144.56.0/21 maxlen: 21
2a02:730::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 22 Feb 2024 15:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:b8:e1:81:ef:8a:53:ca:83:29:07:10:60:55:40:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Feb 13 13:47:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f7131416713ac166a3055c6c5f24e2c240e0d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d0:d1:22:b9:ba:8a:05:7c:b7:f5:5e:67:d1:
c9:25:d8:3b:96:ab:6a:24:92:fc:6f:c6:b0:36:9a:
16:63:55:e8:2e:2f:5e:b2:b4:9c:3d:ad:75:e5:e0:
5f:5f:37:df:9e:36:e9:ba:6b:e3:e4:1d:47:f5:98:
28:69:cc:a3:ec:fe:b2:30:a0:79:dd:5c:09:45:22:
02:f4:d0:06:38:f2:15:3c:c3:48:d0:cf:fd:09:1e:
db:39:22:49:d4:33:b1:67:7d:1e:c3:68:2b:e9:b5:
6b:80:65:10:a8:72:88:bb:32:17:d0:0d:2b:1e:b6:
c0:21:49:51:32:0b:cd:7f:a2:88:d4:2f:b1:21:b2:
0a:60:cd:2a:16:f6:71:84:76:3f:dd:b4:a1:56:65:
50:6a:cb:b0:cf:cb:e7:d2:c8:f9:e7:47:00:38:ef:
3a:62:b1:41:cb:c8:93:a5:16:6a:29:04:d7:24:83:
51:cb:cd:d4:11:29:29:14:a9:36:c4:27:20:bc:34:
4c:ec:fe:be:f1:57:ad:36:25:f5:ef:67:87:7f:4f:
98:7d:50:16:a3:ec:39:bf:14:b3:ea:6e:5b:b7:45:
3d:d5:2a:66:1f:b6:f1:88:36:35:01:1c:9c:e7:73:
fa:6a:84:f6:62:ca:2e:29:15:ea:c9:05:13:f3:c6:
6d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:71:31:41:67:13:AC:16:6A:30:55:C6:C5:F2:4E:2C:24:0E:0D:3B
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/b3ExQWcTrBZqMFXGxfJOLCQODTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/18
84.21.0.0/19
87.229.0.0/17
95.138.192.0/21
178.238.208.0/20
213.181.200.0/24
213.181.204.0/23
213.181.207.0/24
213.181.210.0/23
213.181.219.0/24
213.181.221.0/24
217.113.49.0-217.113.51.255
217.113.53.0/24
217.113.61.0/24
217.113.63.0/24
217.144.48.0-217.144.50.255
217.144.56.0/21
IPv6:
2a02:730::/32
Signature Algorithm: sha256WithRSAEncryption
1b:75:21:9f:97:6a:44:d8:a3:80:a2:86:22:f6:9b:1c:37:4c:
0a:c6:2d:13:76:a7:96:fc:df:b2:b7:7d:74:03:00:cf:00:1b:
1b:c9:60:1b:5e:ad:64:a7:43:da:d1:1b:f7:53:e9:25:fc:1e:
97:95:f2:af:c8:22:4f:b1:fd:86:23:04:3b:72:90:80:7b:67:
ae:b6:a0:8c:f2:d6:b8:5d:17:04:e8:f8:de:5e:4b:74:d7:d0:
e5:97:bd:19:c4:a7:aa:09:41:6f:7d:4d:6d:4c:ab:e3:55:85:
1b:13:c8:21:04:93:b5:c9:e5:24:81:0a:14:e7:d6:97:b0:72:
a6:83:bb:8e:b8:a8:9a:90:3a:66:2b:f8:d6:21:71:65:81:e8:
3c:3f:6d:0b:6f:5d:4b:f1:5b:78:f4:83:9c:b4:fb:2e:9a:43:
b9:b5:9e:c1:19:b2:4b:29:22:d7:f6:60:c3:d3:1e:70:c0:47:
7a:6a:0d:52:80:e6:e3:b5:02:69:da:70:57:d8:60:d2:60:1d:
c0:1b:36:fc:9b:25:fc:9a:ab:20:47:d8:aa:05:63:66:66:94:
1e:bb:eb:fe:64:74:67:fd:0c:e4:c1:f3:fd:a4:2f:1a:c4:db:
8e:b5:54:dc:6a:d9:11:28:59:49:6e:8a:33:12:0d:78:bf:97:
90:f5:59:26
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAY2iuOGB74pTyoMpBxBgVUBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMjEzMTM0NzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjcxMzE0MTY3MTNhYzE2NmEzMDU1YzZjNWYyNGUyYzI0MGUwZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NDRIrm6igV8t/VeZ9HJJdg7lqtq
JJL8b8awNpoWY1XoLi9esrScPa115eBfXzffnjbpumvj5B1H9Zgoacyj7P6yMKB5
3VwJRSIC9NAGOPIVPMNI0M/9CR7bOSJJ1DOxZ30ew2gr6bVrgGUQqHKIuzIX0A0r
HrbAIUlRMgvNf6KI1C+xIbIKYM0qFvZxhHY/3bShVmVQasuwz8vn0sj550cAOO86
YrFBy8iTpRZqKQTXJINRy83UESkpFKk2xCcgvDRM7P6+8VetNiX172eHf0+YfVAW
o+w5vxSz6m5bt0U91SpmH7bxiDY1ARyc53P6aoT2YsouKRXqyQUT88ZtqQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFG9xMUFnE6wWajBVxsXyTiwkDg07MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvYjNFeFFXY1RyQlpxTUZYR3hmSk9MQ1FPRFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQGT6zA
AwQFVBUAAwQHV+UAAwQDX4rAAwQEsu7QAwQA1bXIAwQB1bXMAwQA1bXPAwQB1bXS
AwQA1bXbAwQA1bXdMAwDBADZcTEDBALZcTADBADZcTUDBADZcT0DBADZcT8wDAME
BNmQMAMEANmQMgMEA9mQODANBAIAAjAHAwUAKgIHMDANBgkqhkiG9w0BAQsFAAOC
AQEAG3Uhn5dqRNijgKKGIvabHDdMCsYtE3anlvzfsrd9dAMAzwAbG8lgG16tZKdD
2tEb91PpJfwel5Xyr8giT7H9hiMEO3KQgHtnrragjPLWuF0XBOj43l5LdNfQ5Ze9
GcSnqglBb31NbUyr41WFGxPIIQSTtcnlJIEKFOfWl7BypoO7jriompA6Ziv41iFx
ZYHoPD9tC29dS/FbePSDnLT7LppDubWewRmySyki1/Zgw9MecMBHemoNUoDm47UC
adpwV9hg0mAdwBs2/Jsl/JqrIEfYqgVjZmaUHrvr/mR0Z/0M5MHz/aQvGsTbjrVU
3GrZEShZSW6KMxINeL+XkPVZJg==
-----END CERTIFICATE-----
Generated at Thu Feb 22 18:56:47 2024 by rpki-client on console-ams.rpki-client.org