Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/f_Yn9XaLO1gaZRjbVB4Rmu4DCi4.roa
File: f_Yn9XaLO1gaZRjbVB4Rmu4DCi4.roa (raw, json)
Hash identifier: snnRGqhLIuQSdMYHZapgVTy4WOhJCb2N4LzAZ7+6Yv4=
Subject key identifier: 7F:F6:27:F5:76:8B:3B:58:1A:65:18:DB:54:1E:11:9A:EE:03:0A:2E
Certificate issuer: /CN=17c203e3f365923a843d3220317a1c68cf74de0f
Certificate serial: 018572CCA1B14B7DF9A00743A77FE74581C4
Authority key identifier: 17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/f_Yn9XaLO1gaZRjbVB4Rmu4DCi4.roa
Signing time: Mon 02 Jan 2023 14:04:51 +0000
ROA not before: Mon 02 Jan 2023 14:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12993
IP address blocks: 185.34.24.0/22 maxlen: 22
185.34.24.0/23 maxlen: 23
178.16.16.0/20 maxlen: 20
193.108.185.0/24 maxlen: 24
37.203.32.0/21 maxlen: 21
37.203.32.0/23 maxlen: 23
185.219.156.0/22 maxlen: 22
89.111.0.0/18 maxlen: 18
193.108.144.0/22 maxlen: 24
193.108.144.0/23 maxlen: 23
89.111.38.0/24 maxlen: 24
194.9.175.0/24 maxlen: 24
185.34.26.0/23 maxlen: 23
81.94.224.0/20 maxlen: 20
81.94.229.0/24 maxlen: 24
2a00:17c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:a1:b1:4b:7d:f9:a0:07:43:a7:7f:e7:45:81:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17c203e3f365923a843d3220317a1c68cf74de0f
Validity
Not Before: Jan 2 14:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ff627f5768b3b581a6518db541e119aee030a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7b:23:28:00:7c:d4:f6:b9:9f:f8:d1:2e:07:
f3:83:01:79:8f:38:a2:43:2c:b4:a5:7d:c2:a3:b8:
ec:72:ce:e9:16:0d:97:88:b6:a2:17:32:a7:b0:0c:
b1:64:db:5f:37:d2:45:3b:2c:59:39:b5:85:26:27:
5e:64:26:98:da:8d:38:d4:b2:4a:23:fe:b0:04:b8:
ac:cf:b9:28:60:72:aa:26:6e:4f:42:c2:05:f6:6a:
09:43:3f:3b:23:bf:17:80:e0:d3:be:9d:b1:c1:e6:
80:ad:38:15:88:20:3a:0b:9b:ec:3c:0c:bd:20:3c:
d1:40:a5:22:80:61:74:91:d8:a0:5e:2b:23:d8:4d:
56:22:0c:6b:cb:d8:95:7e:d4:64:87:45:19:72:0f:
69:e3:17:ec:6c:e3:a7:cf:53:a7:c7:07:86:cf:ca:
e5:1d:35:95:65:35:7a:50:4d:69:46:7e:35:9f:6d:
6a:51:d4:ca:cb:cb:1a:dd:34:90:db:c9:e8:86:f1:
82:af:d0:b3:15:f4:d3:64:86:0a:16:5a:05:0f:86:
3f:51:77:54:e7:7e:71:f5:2b:da:23:cd:3e:59:50:
ad:d6:9e:7a:26:ca:21:e5:c8:16:e7:a9:9e:df:a6:
0d:ff:02:6c:f0:ca:29:6d:93:fc:71:a5:9e:8d:2f:
33:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F6:27:F5:76:8B:3B:58:1A:65:18:DB:54:1E:11:9A:EE:03:0A:2E
X509v3 Authority Key Identifier:
keyid:17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/f_Yn9XaLO1gaZRjbVB4Rmu4DCi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.32.0/21
81.94.224.0/20
89.111.0.0/18
178.16.16.0/20
185.34.24.0/22
185.219.156.0/22
193.108.144.0/22
193.108.185.0/24
194.9.175.0/24
IPv6:
2a00:17c0::/32
Signature Algorithm: sha256WithRSAEncryption
09:60:4b:80:af:11:d2:df:d8:a5:12:e9:4e:30:be:17:b0:f0:
19:79:a2:e5:79:7d:8c:c6:f5:f5:23:7d:ba:08:bf:29:52:96:
ef:b3:88:9f:8a:2f:68:e6:80:72:fd:7b:3c:6a:ae:d0:ef:ec:
ce:78:65:7e:d7:76:b2:77:40:3f:09:64:1e:e0:60:3d:1c:01:
de:36:4b:ad:a6:0c:3c:e4:96:ae:9b:6d:1b:df:46:93:fa:8d:
62:a0:34:b3:ac:06:4f:1c:3c:93:99:9d:6d:98:17:d2:ca:e0:
75:a4:44:7e:34:e7:a8:80:8f:47:53:3a:f1:f6:12:f6:77:93:
05:6f:40:58:1c:3d:1a:22:6a:92:ca:ed:90:b6:df:bf:60:03:
b9:2e:09:2e:4b:33:dd:f9:95:ef:07:22:9d:a5:b4:82:68:ee:
77:2c:02:9b:49:15:92:4c:0a:9e:60:dd:78:02:9b:9c:33:a2:
00:26:51:c5:fb:17:c2:cf:50:6e:77:8d:2a:d8:b4:1e:0e:7e:
95:d0:dd:dc:78:09:69:17:dd:24:2d:b3:9b:f9:1b:50:16:98:
cf:41:dc:31:1f:55:fd:2b:64:86:1f:b4:17:74:d1:d1:8d:03:
9a:65:53:41:37:62:12:ac:fa:c0:c8:b3:cb:2f:14:36:c7:2a:
c4:6c:2c:d8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVyzKGxS335oAdDp3/nRYHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YzIwM2UzZjM2NTkyM2E4NDNkMzIyMDMxN2ExYzY4Y2Y3
NGRlMGYwHhcNMjMwMTAyMTQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmY2MjdmNTc2OGIzYjU4MWE2NTE4ZGI1NDFlMTE5YWVlMDMwYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnsjKAB81Pa5n/jRLgfzgwF5jzii
Qyy0pX3Co7jscs7pFg2XiLaiFzKnsAyxZNtfN9JFOyxZObWFJideZCaY2o041LJK
I/6wBLisz7koYHKqJm5PQsIF9moJQz87I78XgODTvp2xweaArTgViCA6C5vsPAy9
IDzRQKUigGF0kdigXisj2E1WIgxry9iVftRkh0UZcg9p4xfsbOOnz1OnxweGz8rl
HTWVZTV6UE1pRn41n21qUdTKy8sa3TSQ28nohvGCr9CzFfTTZIYKFloFD4Y/UXdU
535x9SvaI80+WVCt1p56Jsoh5cgW56me36YN/wJs8MopbZP8caWejS8z5wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFH/2J/V2iztYGmUY21QeEZruAwouMB8GA1UdIwQY
MBaAFBfCA+PzZZI6hD0yIDF6HGjPdN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMt
YWM2N2EzNmU0YWFiLzEvZl9ZbjlYYUxPMWdhWlJqYlZCNFJtdTREQ2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMtYWM2N2EzNmU0YWFi
LzEvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDJcsgAwQE
UV7gAwQGWW8AAwQEshAQAwQCuSIYAwQCuducAwQCwWyQAwQAwWy5AwQAwgmvMA0E
AgACMAcDBQAqABfAMA0GCSqGSIb3DQEBCwUAA4IBAQAJYEuArxHS39ilEulOML4X
sPAZeaLleX2MxvX1I326CL8pUpbvs4ifii9o5oBy/Xs8aq7Q7+zOeGV+13ayd0A/
CWQe4GA9HAHeNkutpgw85Jaum20b30aT+o1ioDSzrAZPHDyTmZ1tmBfSyuB1pER+
NOeogI9HUzrx9hL2d5MFb0BYHD0aImqSyu2Qtt+/YAO5LgkuSzPd+ZXvByKdpbSC
aO53LAKbSRWSTAqeYN14ApucM6IAJlHF+xfCz1Bud40q2LQeDn6V0N3ceAlpF90k
LbOb+RtQFpjPQdwxH1X9K2SGH7QXdNHRjQOaZVNBN2ISrPrAyLPLLxQ2xyrEbCzY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:59 2023 by rpki-client on console-fra.rpki-client.org