Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/d7MctGntlbidxZx8sOv5DKLqnyo.roa
File: d7MctGntlbidxZx8sOv5DKLqnyo.roa (raw, json)
Hash identifier: AQNLlFNosPF3RyN/fRam85ZoIejMnKz9ugoMadqaYmM=
Subject key identifier: 77:B3:1C:B4:69:ED:95:B8:9D:C5:9C:7C:B0:EB:F9:0C:A2:EA:9F:2A
Certificate issuer: /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial: 019100752BBE837CEDEFDC1DA74EE363D8F3
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/d7MctGntlbidxZx8sOv5DKLqnyo.roa
Signing time: Mon 29 Jul 2024 21:46:04 +0000
ROA not before: Mon 29 Jul 2024 21:46:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 193.17.104.0/21 maxlen: 24
193.17.104.0/22 maxlen: 24
193.17.108.0/22 maxlen: 24
193.17.112.0/21 maxlen: 24
193.17.112.0/22 maxlen: 24
193.17.116.0/22 maxlen: 24
193.17.120.0/21 maxlen: 24
193.17.120.0/22 maxlen: 24
193.17.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 23:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:00:75:2b:be:83:7c:ed:ef:dc:1d:a7:4e:e3:63:d8:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Validity
Not Before: Jul 29 21:46:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77b31cb469ed95b89dc59c7cb0ebf90ca2ea9f2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:66:85:85:46:64:8b:d8:48:48:ad:7b:49:58:
da:5a:26:db:f3:37:26:89:24:f2:d2:5d:7a:de:16:
a6:67:f8:17:d7:d7:a8:af:a9:9d:06:16:39:ad:2e:
d4:ee:1b:2c:19:dd:3e:ce:6e:87:ac:8e:2c:a6:24:
5c:32:aa:6d:8f:1b:d1:b6:ef:c1:56:c1:1a:7f:0f:
95:5e:cf:5a:50:e6:7b:3e:35:6c:37:b8:34:6d:ff:
71:fe:eb:05:73:45:df:c5:a0:1e:39:a1:8a:64:28:
fb:24:b1:c9:71:16:a9:e9:2f:2f:ac:fb:27:4c:9c:
8a:91:c2:a5:e4:99:69:9e:3c:5a:78:4a:47:f0:ec:
0a:c6:a0:1f:a9:6f:5b:6d:c4:57:4b:7c:c8:9c:ce:
45:7b:5f:69:64:7f:a8:a4:1c:82:f0:e0:ef:d9:44:
a0:70:0f:8c:54:e9:9b:5c:8a:62:8f:75:7b:ee:b5:
88:82:5e:1e:af:da:19:1d:2e:ae:fb:b5:da:79:31:
1f:6c:f2:84:7e:08:ef:c6:a7:1d:df:86:de:e5:fc:
2b:6c:1f:b1:90:b2:68:0f:a0:1f:63:ba:02:7a:81:
59:38:62:fc:1d:a6:89:dc:8c:4f:75:be:3d:27:63:
16:49:09:0a:ef:b2:cf:71:ea:54:13:b2:a9:f9:ea:
df:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B3:1C:B4:69:ED:95:B8:9D:C5:9C:7C:B0:EB:F9:0C:A2:EA:9F:2A
X509v3 Authority Key Identifier:
keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/d7MctGntlbidxZx8sOv5DKLqnyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.104.0-193.17.127.255
Signature Algorithm: sha256WithRSAEncryption
ab:c5:9d:2f:24:e1:4e:2f:09:5b:5e:52:f2:21:cf:98:9d:52:
1c:f3:b0:67:14:1e:2f:9a:64:a9:b1:0b:86:9d:65:c4:ae:aa:
ee:a3:81:b4:b0:73:89:27:04:35:46:75:8a:f9:e3:43:bd:19:
d9:68:0a:b3:a5:a2:85:e2:7b:ab:61:35:b6:d5:df:c5:7e:d9:
f1:77:83:4c:6a:43:7f:62:9a:1d:15:73:e6:de:66:fb:c7:00:
ba:b3:bb:40:41:78:7f:c6:a7:1e:7d:d9:54:c6:71:58:0c:99:
63:61:69:b1:2b:99:74:e4:68:5b:32:1a:61:2f:cb:32:ee:f9:
97:39:50:79:5c:6b:99:0a:fe:76:1f:9e:b2:5b:29:f6:f7:b7:
b5:13:a3:ae:5a:fb:ce:14:10:ce:bc:7a:8e:81:4a:5b:51:9f:
6a:ec:cf:78:9a:b5:b2:8d:d0:78:7c:2f:1a:f9:de:f2:c5:fd:
85:de:a6:93:87:23:f3:b1:d3:12:e2:00:1a:12:88:ea:b3:5b:
a3:e1:aa:34:a5:7f:0e:25:6d:5c:04:60:f2:d7:44:3e:cb:d3:
d2:cd:03:01:9e:b6:f9:15:06:4d:52:57:46:9e:f2:64:62:ae:
03:24:71:e1:a4:c7:e0:dd:55:38:85:ed:8a:29:39:b0:38:cc:
e9:96:02:14
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZEAdSu+g3zt79wdp07jY9jzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjBhMGNlMDEzZTJkNTJhNmZmMzU0YTI3MDg5NGJiOTk4
ZTQ1NDcwHhcNMjQwNzI5MjE0NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2IzMWNiNDY5ZWQ5NWI4OWRjNTljN2NiMGViZjkwY2EyZWE5ZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmaFhUZki9hISK17SVjaWibb8zcm
iSTy0l163hamZ/gX19eor6mdBhY5rS7U7hssGd0+zm6HrI4spiRcMqptjxvRtu/B
VsEafw+VXs9aUOZ7PjVsN7g0bf9x/usFc0XfxaAeOaGKZCj7JLHJcRap6S8vrPsn
TJyKkcKl5JlpnjxaeEpH8OwKxqAfqW9bbcRXS3zInM5Fe19pZH+opByC8ODv2USg
cA+MVOmbXIpij3V77rWIgl4er9oZHS6u+7XaeTEfbPKEfgjvxqcd34be5fwrbB+x
kLJoD6AfY7oCeoFZOGL8HaaJ3IxPdb49J2MWSQkK77LPcepUE7Kp+erfOQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHezHLRp7ZW4ncWcfLDr+Qyi6p8qMB8GA1UdIwQY
MBaAFBEgoM4BPi1Spv81SicIlLuZjkVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUt
MzFhZjNlMjk0NjcxLzEvZDdNY3RHbnRsYmlkeFp4OHNPdjVES0xxbnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUtMzFhZjNlMjk0Njcx
LzEvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPBEWgD
BAfBEQAwDQYJKoZIhvcNAQELBQADggEBAKvFnS8k4U4vCVteUvIhz5idUhzzsGcU
Hi+aZKmxC4adZcSuqu6jgbSwc4knBDVGdYr540O9GdloCrOlooXie6thNbbV38V+
2fF3g0xqQ39imh0Vc+beZvvHALqzu0BBeH/Gpx592VTGcVgMmWNhabErmXTkaFsy
GmEvyzLu+Zc5UHlca5kK/nYfnrJbKfb3t7UTo65a+84UEM68eo6BSltRn2rsz3ia
tbKN0Hh8Lxr53vLF/YXeppOHI/Ox0xLiABoSiOqzW6PhqjSlfw4lbVwEYPLXRD7L
09LNAwGetvkVBk1SV0ae8mRirgMkceGkx+DdVTiF7YopObA4zOmWAhQ=
-----END CERTIFICATE-----
Generated at Tue Jul 30 01:55:45 2024 by rpki-client on console-fra.rpki-client.org