Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/I17cF5hjY5K1czJBI6dQD8Yvf4s.roa
File: I17cF5hjY5K1czJBI6dQD8Yvf4s.roa (raw, json)
Hash identifier: NM8MucQP2W97v1wc2dONI431dg+7faLAi5U8id4vY1E=
Subject key identifier: 23:5E:DC:17:98:63:63:92:B5:73:32:41:23:A7:50:0F:C6:2F:7F:8B
Certificate issuer: /CN=33b4b5b7b21caebf3d20809f6c570599f1d60468
Certificate serial: 01856DDD6A8E2AAFD7967F72FC059B52EF1E
Authority key identifier: 33:B4:B5:B7:B2:1C:AE:BF:3D:20:80:9F:6C:57:05:99:F1:D6:04:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7S1t7Icrr89IICfbFcFmfHWBGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/I17cF5hjY5K1czJBI6dQD8Yvf4s.roa
Signing time: Sun 01 Jan 2023 15:05:05 +0000
ROA not before: Sun 01 Jan 2023 15:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201877
IP address blocks: 212.84.32.0/21 maxlen: 22
185.33.56.0/24 maxlen: 24
185.33.58.0/24 maxlen: 24
185.33.56.0/22 maxlen: 22
185.33.57.0/24 maxlen: 24
185.33.59.0/24 maxlen: 24
109.106.28.0/22 maxlen: 22
185.14.8.0/22 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:6a:8e:2a:af:d7:96:7f:72:fc:05:9b:52:ef:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b4b5b7b21caebf3d20809f6c570599f1d60468
Validity
Not Before: Jan 1 15:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=235edc1798636392b573324123a7500fc62f7f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0a:2f:ad:fa:cb:da:ca:ad:50:61:01:e0:2d:
08:3a:8d:db:a6:fe:3b:66:f8:8e:55:20:7a:45:01:
0e:8d:e7:5b:54:c8:09:cc:d3:8e:fa:64:3e:cf:0d:
fc:05:5f:04:25:2a:c7:8f:82:81:a7:4a:07:cb:16:
67:5a:02:b5:00:f0:14:76:25:26:24:9b:72:98:61:
58:3a:71:60:49:2f:06:0a:5e:94:7e:19:62:ed:e8:
94:85:a3:47:f4:2d:cb:07:c7:8e:7a:e3:b6:77:e9:
1e:78:d0:21:6f:20:ee:15:13:f0:59:ca:83:e3:d5:
3c:b5:25:73:ff:aa:3e:26:a2:8a:9c:a9:b7:e2:1f:
7c:02:d5:74:68:2f:9e:34:c0:0a:30:2e:fd:41:f2:
be:18:c8:52:69:3e:e0:bf:68:a6:f0:14:da:a1:f5:
4b:ce:2c:32:29:6c:87:be:16:d8:7c:65:b2:98:16:
a1:5f:1b:a9:64:0a:36:fa:8d:be:c0:2e:6d:71:a7:
9e:56:fe:0c:8b:7d:19:15:4d:69:8c:1c:bb:0e:50:
cf:29:19:51:fc:ce:b5:f2:82:a0:22:13:cf:b8:9d:
9d:04:06:66:52:cd:ce:ff:d2:65:0c:27:85:d9:69:
38:dd:05:59:c2:5a:fd:23:ae:30:5a:dd:b1:3d:c1:
29:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5E:DC:17:98:63:63:92:B5:73:32:41:23:A7:50:0F:C6:2F:7F:8B
X509v3 Authority Key Identifier:
keyid:33:B4:B5:B7:B2:1C:AE:BF:3D:20:80:9F:6C:57:05:99:F1:D6:04:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7S1t7Icrr89IICfbFcFmfHWBGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/I17cF5hjY5K1czJBI6dQD8Yvf4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/M7S1t7Icrr89IICfbFcFmfHWBGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.28.0/22
185.14.8.0/22
185.33.56.0/22
212.84.32.0/21
Signature Algorithm: sha256WithRSAEncryption
a8:89:d3:67:33:c9:61:81:4d:67:38:67:44:8d:1c:9a:22:b8:
89:0e:06:45:c7:98:f2:ac:e2:b6:05:49:82:0d:b8:b9:c9:eb:
ed:4e:5d:fc:09:3a:9f:1c:46:e5:2b:06:e4:d9:f2:b3:8b:44:
98:d0:79:39:ea:ac:42:79:f5:d9:75:a8:18:dc:15:d1:7e:db:
61:75:08:05:f7:fc:0e:9d:d0:a5:00:fa:a2:c9:42:ad:0f:49:
a6:d5:50:44:cd:98:f3:03:3d:67:c6:e5:58:64:d2:8e:1e:65:
b5:97:9b:b4:f2:6d:17:ff:b0:4e:f1:2a:46:66:a2:9d:14:0a:
4c:9f:2c:57:03:41:a1:35:02:eb:20:ab:f5:6f:30:5e:ca:30:
87:db:53:62:2d:4c:19:3c:e8:03:27:13:42:83:b5:97:2c:98:
e8:3b:1b:69:76:ad:ca:a5:45:04:2c:18:09:94:24:9c:9f:ee:
fa:80:9e:81:29:20:dc:29:f1:8c:62:58:35:a1:65:fd:99:d4:
86:78:78:0e:4a:5a:23:75:17:1c:6f:06:77:c4:68:f8:2a:9f:
7a:f4:cf:29:23:b4:cb:f9:fb:07:07:79:85:1f:67:ea:9b:76:
d3:a1:61:3c:50:eb:d0:7f:f0:17:95:75:92:14:13:21:ba:4c:
9f:84:17:7d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVt3WqOKq/Xln9y/AWbUu8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjRiNWI3YjIxY2FlYmYzZDIwODA5ZjZjNTcwNTk5ZjFk
NjA0NjgwHhcNMjMwMTAxMTUwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzVlZGMxNzk4NjM2MzkyYjU3MzMyNDEyM2E3NTAwZmM2MmY3ZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQovrfrL2sqtUGEB4C0IOo3bpv47
ZviOVSB6RQEOjedbVMgJzNOO+mQ+zw38BV8EJSrHj4KBp0oHyxZnWgK1APAUdiUm
JJtymGFYOnFgSS8GCl6Ufhli7eiUhaNH9C3LB8eOeuO2d+keeNAhbyDuFRPwWcqD
49U8tSVz/6o+JqKKnKm34h98AtV0aC+eNMAKMC79QfK+GMhSaT7gv2im8BTaofVL
ziwyKWyHvhbYfGWymBahXxupZAo2+o2+wC5tcaeeVv4Mi30ZFU1pjBy7DlDPKRlR
/M618oKgIhPPuJ2dBAZmUs3O/9JlDCeF2Wk43QVZwlr9I64wWt2xPcEpPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCNe3BeYY2OStXMyQSOnUA/GL3+LMB8GA1UdIwQY
MBaAFDO0tbeyHK6/PSCAn2xXBZnx1gRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTdTMXQ3SWNycjg5SUlDZmJGY0ZtZkhXQkdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84NDZkNmUtMDRlYy00MjE5LTgyMjMt
ODYyMzMzNWMwZWUwLzEvSTE3Y0Y1aGpZNUsxY3pKQkk2ZFFEOFl2ZjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84NDZkNmUtMDRlYy00MjE5LTgyMjMtODYyMzMzNWMwZWUw
LzEvTTdTMXQ3SWNycjg5SUlDZmJGY0ZtZkhXQkdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCbWocAwQC
uQ4IAwQCuSE4AwQD1FQgMA0GCSqGSIb3DQEBCwUAA4IBAQCoidNnM8lhgU1nOGdE
jRyaIriJDgZFx5jyrOK2BUmCDbi5yevtTl38CTqfHEblKwbk2fKzi0SY0Hk56qxC
efXZdagY3BXRftthdQgF9/wOndClAPqiyUKtD0mm1VBEzZjzAz1nxuVYZNKOHmW1
l5u08m0X/7BO8SpGZqKdFApMnyxXA0GhNQLrIKv1bzBeyjCH21NiLUwZPOgDJxNC
g7WXLJjoOxtpdq3KpUUELBgJlCScn+76gJ6BKSDcKfGMYlg1oWX9mdSGeHgOSloj
dRccbwZ3xGj4Kp969M8pI7TL+fsHB3mFH2fqm3bToWE8UOvQf/AXlXWSFBMhukyf
hBd9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:21 2024 by rpki-client on console-fra.rpki-client.org