Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/7o8p8ytJzEjN5SNJLYXR3IrA4rA.roa
File: 7o8p8ytJzEjN5SNJLYXR3IrA4rA.roa (raw, json)
Hash identifier: j9bioba4JAAkG55/rbUCLFVD6zYWuagx1XvfQeQKZyI=
Subject key identifier: EE:8F:29:F3:2B:49:CC:48:CD:E5:23:49:2D:85:D1:DC:8A:C0:E2:B0
Certificate issuer: /CN=509fe7e8b9de675913121e7ebb4226b62d03b1cb
Certificate serial: 01856E265957ACAE9E99356197DAB6E173B8
Authority key identifier: 50:9F:E7:E8:B9:DE:67:59:13:12:1E:7E:BB:42:26:B6:2D:03:B1:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJ_n6LneZ1kTEh5-u0Imti0Dscs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/7o8p8ytJzEjN5SNJLYXR3IrA4rA.roa
Signing time: Sun 01 Jan 2023 16:24:44 +0000
ROA not before: Sun 01 Jan 2023 16:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25413
IP address blocks: 194.105.120.0/21 maxlen: 24
194.156.12.0/22 maxlen: 24
146.106.0.0/16 maxlen: 24
2a0d:c40::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:59:57:ac:ae:9e:99:35:61:97:da:b6:e1:73:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=509fe7e8b9de675913121e7ebb4226b62d03b1cb
Validity
Not Before: Jan 1 16:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee8f29f32b49cc48cde523492d85d1dc8ac0e2b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8b:b2:c2:7f:ea:f9:54:b1:68:b3:f5:70:13:
d6:b0:c8:56:7d:21:a8:d6:8b:30:0e:63:5f:a3:5f:
59:e8:39:fa:5e:ba:24:d8:96:75:99:f0:54:1c:be:
93:3a:49:99:63:2f:8a:d6:08:fe:6c:0a:ee:0e:ab:
71:5e:a9:cc:08:a9:b0:c5:aa:a9:bd:68:09:8f:80:
98:a8:ce:d9:98:ab:2a:5c:7e:d7:56:53:48:4f:21:
7a:28:90:33:88:27:f0:8d:15:0e:c6:be:4e:0f:b1:
2b:2d:38:ab:eb:11:9b:bc:42:c3:7e:d5:75:a3:48:
2c:91:02:43:0b:b8:4f:16:ee:5e:1d:60:06:0e:e9:
cb:8f:d6:7b:ad:29:ec:1f:8e:de:79:c4:bb:78:5e:
f8:6e:d1:fd:c2:5f:8b:f1:cd:56:c0:c3:e6:48:5f:
44:58:c9:62:8b:4a:76:40:c3:e1:b4:2b:a6:1c:5e:
f5:eb:c3:07:1e:ff:4b:66:d9:72:07:05:28:2c:96:
e2:08:75:d4:00:ac:a6:43:69:04:c1:0f:1d:9c:19:
18:03:49:56:5e:f7:c7:d0:da:89:44:b3:c8:9f:aa:
f9:63:a4:8a:97:f9:32:c7:ec:f6:10:61:a9:6a:d4:
93:ac:ff:8a:ad:04:c2:40:a2:71:e5:b3:1e:79:e1:
75:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:8F:29:F3:2B:49:CC:48:CD:E5:23:49:2D:85:D1:DC:8A:C0:E2:B0
X509v3 Authority Key Identifier:
keyid:50:9F:E7:E8:B9:DE:67:59:13:12:1E:7E:BB:42:26:B6:2D:03:B1:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJ_n6LneZ1kTEh5-u0Imti0Dscs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/7o8p8ytJzEjN5SNJLYXR3IrA4rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/UJ_n6LneZ1kTEh5-u0Imti0Dscs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.106.0.0/16
194.105.120.0/21
194.156.12.0/22
IPv6:
2a0d:c40::/29
Signature Algorithm: sha256WithRSAEncryption
3a:b8:2e:00:24:14:ba:fe:93:6a:7e:96:60:8a:7a:d1:a2:f1:
85:b1:7e:98:e2:5c:94:ad:f5:47:55:38:24:ea:41:e5:c4:2d:
fd:1f:4a:31:de:dd:72:3d:0a:e9:1e:2a:35:a0:82:b6:8e:cd:
00:cd:1c:80:48:c3:4e:2b:b3:12:2f:ab:ae:65:84:95:27:7f:
a1:19:8d:81:9a:3f:fd:7e:3e:69:5c:50:8c:ac:c4:66:b5:4e:
17:d2:51:c4:30:ad:e6:7b:80:0d:0d:1b:97:d2:e3:db:35:70:
e4:c9:3c:c3:f1:6b:d6:06:30:cf:7e:18:d0:04:07:3d:61:46:
9c:e7:2f:fe:f0:f3:e0:47:0e:1a:97:74:ad:07:f7:6d:4b:b7:
53:2a:f1:45:56:ed:57:0d:8d:14:36:00:6e:ba:63:6d:05:d2:
d2:2c:5a:17:86:f8:3b:9b:51:4a:48:fe:f6:e8:24:61:56:09:
d4:db:dd:06:91:07:86:6e:0e:25:60:81:5d:d3:45:39:c8:d6:
57:95:77:2f:ce:ad:43:b5:3b:9d:0b:13:67:7e:3c:24:dc:be:
a3:08:98:a6:c3:e9:94:ab:8d:15:fb:1b:1d:c1:18:0d:ff:ec:
ee:e9:43:bd:34:db:70:68:aa:be:7d:45:4f:24:50:ba:7f:f0:
dd:fb:b5:e3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVuJllXrK6emTVhl9q24XO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWZlN2U4YjlkZTY3NTkxMzEyMWU3ZWJiNDIyNmI2MmQw
M2IxY2IwHhcNMjMwMTAxMTYyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZThmMjlmMzJiNDljYzQ4Y2RlNTIzNDkyZDg1ZDFkYzhhYzBlMmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyouywn/q+VSxaLP1cBPWsMhWfSGo
1oswDmNfo19Z6Dn6Xrok2JZ1mfBUHL6TOkmZYy+K1gj+bAruDqtxXqnMCKmwxaqp
vWgJj4CYqM7ZmKsqXH7XVlNITyF6KJAziCfwjRUOxr5OD7ErLTir6xGbvELDftV1
o0gskQJDC7hPFu5eHWAGDunLj9Z7rSnsH47eecS7eF74btH9wl+L8c1WwMPmSF9E
WMlii0p2QMPhtCumHF7168MHHv9LZtlyBwUoLJbiCHXUAKymQ2kEwQ8dnBkYA0lW
XvfH0NqJRLPIn6r5Y6SKl/kyx+z2EGGpatSTrP+KrQTCQKJx5bMeeeF1bQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFO6PKfMrScxIzeUjSS2F0dyKwOKwMB8GA1UdIwQY
MBaAFFCf5+i53mdZExIefrtCJrYtA7HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpfbjZMbmVaMWtURWg1LXUwSW10aTBEc2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83NDczYWMtODQzNy00YzIxLWFjMTMt
MGI0NzdjYTczYWM2LzEvN284cDh5dEp6RWpONVNOSkxZWFIzSXJBNHJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83NDczYWMtODQzNy00YzIxLWFjMTMtMGI0NzdjYTczYWM2
LzEvVUpfbjZMbmVaMWtURWg1LXUwSW10aTBEc2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAkmoDBAPC
aXgDBALCnAwwDQQCAAIwBwMFAyoNDEAwDQYJKoZIhvcNAQELBQADggEBADq4LgAk
FLr+k2p+lmCKetGi8YWxfpjiXJSt9UdVOCTqQeXELf0fSjHe3XI9CukeKjWggraO
zQDNHIBIw04rsxIvq65lhJUnf6EZjYGaP/1+PmlcUIysxGa1ThfSUcQwreZ7gA0N
G5fS49s1cOTJPMPxa9YGMM9+GNAEBz1hRpznL/7w8+BHDhqXdK0H921Lt1Mq8UVW
7VcNjRQ2AG66Y20F0tIsWheG+DubUUpI/vboJGFWCdTb3QaRB4ZuDiVggV3TRTnI
1leVdy/OrUO1O50LE2d+PCTcvqMImKbD6ZSrjRX7Gx3BGA3/7O7pQ70023Boqr59
RU8kULp/8N37teM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:59 2024 by rpki-client on console-fra.rpki-client.org