Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/7IEo2vM9DJZ-RhKfQFyveJwzeUc.roa
File: 7IEo2vM9DJZ-RhKfQFyveJwzeUc.roa (raw, json)
Hash identifier: 1VbOsAHjNJKvvPeQ6kkifXIWIUhMxDl9U3fF8X3oh8o=
Subject key identifier: EC:81:28:DA:F3:3D:0C:96:7E:46:12:9F:40:5C:AF:78:9C:33:79:47
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018571955A7D149DDCE3CE9AA82373EF6DE9
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/7IEo2vM9DJZ-RhKfQFyveJwzeUc.roa
Signing time: Mon 02 Jan 2023 08:24:51 +0000
ROA not before: Mon 02 Jan 2023 08:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1104
IP address blocks: 145.116.48.0/20 maxlen: 20
194.171.96.0/21 maxlen: 21
145.107.4.0/22 maxlen: 22
145.110.0.0/16 maxlen: 16
145.102.132.0/22 maxlen: 22
145.116.208.0/21 maxlen: 21
2001:610:120::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Apr 2023 14:38:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:5a:7d:14:9d:dc:e3:ce:9a:a8:23:73:ef:6d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 08:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec8128daf33d0c967e46129f405caf789c337947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f8:8c:c7:a8:13:cd:b4:87:fd:e1:21:39:8c:
92:59:00:d6:77:4f:9f:a3:b5:ce:6d:85:bf:8d:10:
5c:76:0f:79:b2:72:b4:d7:19:df:3d:44:6c:f2:6f:
cb:09:cd:e9:bf:dc:53:8b:d4:ba:7f:f0:56:45:27:
f7:0d:11:cb:23:96:88:36:55:38:b5:b9:c3:91:66:
b0:49:e7:21:3e:fc:06:be:9e:fd:a4:b3:58:ca:3f:
8c:62:a1:90:5d:e5:8c:19:8a:fd:b1:17:18:32:be:
7e:d3:63:86:15:25:a9:d5:9a:42:e6:81:ac:8c:4f:
e8:be:c2:8c:14:eb:b1:51:72:dd:08:e0:86:b6:2d:
dc:34:db:67:fe:80:0b:d4:ab:aa:82:1d:ce:3e:5f:
c0:aa:20:cc:08:10:13:2d:fa:cf:a1:69:d6:cc:b3:
35:34:ea:65:25:5d:c0:7e:f9:27:48:92:27:cb:7b:
05:34:bc:72:b3:cb:fa:a1:9c:40:ef:2f:32:e8:83:
35:cf:7c:f2:78:e6:2e:b2:bd:fc:e4:c2:e7:21:2c:
10:3b:b6:33:71:7f:2d:32:41:b8:80:f9:c8:8d:9b:
0c:64:03:41:21:78:41:47:e4:d0:1e:b2:51:50:1d:
6f:84:6f:5b:ab:e1:b0:0c:ec:3f:07:e9:0d:b8:f3:
00:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:81:28:DA:F3:3D:0C:96:7E:46:12:9F:40:5C:AF:78:9C:33:79:47
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/7IEo2vM9DJZ-RhKfQFyveJwzeUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.102.132.0/22
145.107.4.0/22
145.110.0.0/16
145.116.48.0/20
145.116.208.0/21
194.171.96.0/21
IPv6:
2001:610:120::/48
Signature Algorithm: sha256WithRSAEncryption
69:af:70:1f:de:01:dd:aa:8a:6d:e4:65:2e:ca:f6:7e:8b:0d:
92:d2:4b:87:f6:71:0c:f1:83:4c:bb:7f:b4:3d:77:a3:7f:fe:
97:dc:f8:31:a2:51:2c:d7:c6:93:28:e7:72:67:08:af:e3:c9:
27:f9:b1:6b:c1:0c:a4:04:ae:91:86:6d:9b:04:31:e5:4f:f4:
50:97:07:2e:97:99:5e:24:3a:72:92:60:61:23:18:c7:07:ed:
ae:f9:22:6f:10:ca:32:2a:11:48:30:90:0c:06:36:e2:3c:4d:
84:30:b8:15:8f:55:e9:25:ae:46:b4:b1:fb:9d:c9:1f:14:1d:
9c:33:3c:32:87:76:d8:a5:c1:41:d0:2f:7b:e8:ad:ae:29:5a:
7a:ef:1c:34:00:0b:04:92:6f:90:65:06:44:3c:9c:28:41:1e:
f8:05:fe:71:4e:c7:25:95:eb:e2:dd:a0:f2:11:63:66:17:02:
65:c5:0c:ff:5c:f2:42:be:89:aa:a9:18:61:c0:e1:8b:58:ee:
5f:ac:ad:50:6a:23:13:a4:6d:5b:28:3e:a3:3f:5f:46:8e:27:
46:10:79:10:24:33:00:e8:2f:5b:1e:45:fd:59:84:f1:df:20:
76:1e:2a:6e:bd:fe:70:e8:f6:0d:d4:f7:71:e4:bd:07:1c:7c:
67:13:22:f9
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVxlVp9FJ3c486aqCNz723pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwMTAyMDgyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzgxMjhkYWYzM2QwYzk2N2U0NjEyOWY0MDVjYWY3ODljMzM3OTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfiMx6gTzbSH/eEhOYySWQDWd0+f
o7XObYW/jRBcdg95snK01xnfPURs8m/LCc3pv9xTi9S6f/BWRSf3DRHLI5aINlU4
tbnDkWawSechPvwGvp79pLNYyj+MYqGQXeWMGYr9sRcYMr5+02OGFSWp1ZpC5oGs
jE/ovsKMFOuxUXLdCOCGti3cNNtn/oAL1Kuqgh3OPl/AqiDMCBATLfrPoWnWzLM1
NOplJV3AfvknSJIny3sFNLxys8v6oZxA7y8y6IM1z3zyeOYusr385MLnISwQO7Yz
cX8tMkG4gPnIjZsMZANBIXhBR+TQHrJRUB1vhG9bq+GwDOw/B+kNuPMAAwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOyBKNrzPQyWfkYSn0Bcr3icM3lHMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvN0lFbzJ2TTlESlotUmhLZlFGeXZlSnd6ZVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDApBAIAATAjAwQCkWaEAwQC
kWsEAwMAkW4DBASRdDADBAORdNADBAPCq2AwDwQCAAIwCQMHACABBhABIDANBgkq
hkiG9w0BAQsFAAOCAQEAaa9wH94B3aqKbeRlLsr2fosNktJLh/ZxDPGDTLt/tD13
o3/+l9z4MaJRLNfGkyjncmcIr+PJJ/mxa8EMpASukYZtmwQx5U/0UJcHLpeZXiQ6
cpJgYSMYxwftrvkibxDKMioRSDCQDAY24jxNhDC4FY9V6SWuRrSx+53JHxQdnDM8
Mod22KXBQdAve+itrilaeu8cNAALBJJvkGUGRDycKEEe+AX+cU7HJZXr4t2g8hFj
ZhcCZcUM/1zyQr6JqqkYYcDhi1juX6ytUGojE6RtWyg+oz9fRo4nRhB5ECQzAOgv
Wx5F/VmE8d8gdh4qbr3+cOj2DdT3ceS9Bxx8ZxMi+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org