Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/7NJlyd6Wb9FaW4Am1tSrAvKi88g.roa
File: 7NJlyd6Wb9FaW4Am1tSrAvKi88g.roa (raw, json)
Hash identifier: DwDurK5Iy9Esctt+HbF/p5Zrm7AxF0oCh+0392fzdpY=
Subject key identifier: EC:D2:65:C9:DE:96:6F:D1:5A:5B:80:26:D6:D4:AB:02:F2:A2:F3:C8
Certificate issuer: /CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Certificate serial: 018CC26D4264C9F642B423C22A5E4F3824FD
Authority key identifier: DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/7NJlyd6Wb9FaW4Am1tSrAvKi88g.roa
Signing time: Mon 01 Jan 2024 00:29:49 +0000
ROA not before: Mon 01 Jan 2024 00:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8423
IP address blocks: 91.207.124.0/23 maxlen: 24
78.31.128.0/21 maxlen: 24
91.200.96.0/22 maxlen: 24
176.118.184.0/22 maxlen: 24
91.223.45.0/24 maxlen: 24
195.225.84.0/22 maxlen: 24
2a0d:ca47:862::/48 maxlen: 48
2001:67c:44::/48 maxlen: 48
2a0d:ca40::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 22 Jan 2024 14:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:42:64:c9:f6:42:b4:23:c2:2a:5e:4f:38:24:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Validity
Not Before: Jan 1 00:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecd265c9de966fd15a5b8026d6d4ab02f2a2f3c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9b:d4:2c:e7:71:01:ff:29:03:e7:af:66:be:
e0:a9:f3:90:8d:3b:4f:71:25:75:01:39:fe:53:88:
61:fe:c8:69:1a:ab:75:49:a6:b9:da:dd:4c:1a:f8:
35:0d:22:03:c4:8f:0c:62:38:90:21:63:b3:c5:53:
ea:ae:af:83:13:52:d5:f9:e3:fd:21:5d:f5:0f:17:
a6:d0:5e:02:24:5d:a5:7f:2b:5a:ac:3b:08:08:3b:
6b:7b:ce:bc:11:01:19:37:34:8b:c1:f2:c1:3b:bc:
cf:e6:00:6f:a6:63:83:91:1f:cd:6a:63:1b:cb:54:
c3:38:ee:e2:39:9c:90:17:d8:cd:f2:8e:44:db:c9:
07:30:0c:20:4b:08:d8:6c:60:83:4b:67:6f:f1:25:
b2:21:a1:9c:c7:99:16:d3:02:c0:a6:d7:84:05:17:
de:bf:d7:ca:66:ec:2d:10:9e:d3:1f:ff:93:03:c8:
15:84:91:4e:ed:d6:c8:79:6a:da:ea:31:10:07:d7:
dc:37:ab:d4:a3:13:a6:10:74:c6:37:57:e4:96:dd:
8f:2d:ef:e4:09:34:0f:5b:5e:15:28:38:09:cd:9e:
89:18:96:cd:52:07:6a:ab:02:70:3e:81:a5:32:c3:
47:f2:2a:e0:a1:e5:f0:d3:db:19:82:73:5e:dd:b0:
2c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D2:65:C9:DE:96:6F:D1:5A:5B:80:26:D6:D4:AB:02:F2:A2:F3:C8
X509v3 Authority Key Identifier:
keyid:DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/7NJlyd6Wb9FaW4Am1tSrAvKi88g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.128.0/21
91.200.96.0/22
91.207.124.0/23
91.223.45.0/24
176.118.184.0/22
195.225.84.0/22
IPv6:
2001:67c:44::/48
2a0d:ca40::/29
Signature Algorithm: sha256WithRSAEncryption
80:ec:fe:59:24:30:89:c5:42:c8:22:f2:53:3c:af:d8:be:2b:
96:ce:6f:40:22:06:e0:c1:b1:ef:70:fd:24:2f:22:d6:29:62:
8f:8e:64:38:f3:88:1b:9b:a1:e7:45:97:22:c2:4d:c5:9c:22:
bc:1e:1e:b0:b4:1d:8e:b5:0d:93:c2:1f:33:24:b1:6d:4f:8f:
a4:c8:a5:48:b9:84:10:a6:81:50:c6:94:1f:8b:cd:1d:7c:96:
62:e5:5d:8e:8b:4c:ca:1f:c4:fa:6a:eb:98:1a:94:d9:ef:7d:
95:e0:30:22:de:a0:ac:5e:c8:25:b9:e6:d8:12:8b:88:e0:9b:
50:85:c0:2f:d9:f0:ea:6b:5c:f0:a9:16:e6:ea:9f:9e:7e:f1:
25:e7:af:a9:d9:a7:be:c1:4f:58:99:d4:6a:27:46:e6:28:1c:
85:9e:64:d2:39:fe:03:21:55:55:c1:af:a2:ca:79:b7:54:53:
af:e4:92:61:56:2b:6a:57:14:2f:04:3d:d4:54:5f:c9:ea:ce:
86:c0:7d:59:3a:7b:59:62:84:ed:4b:07:e1:d1:7d:9c:bc:c2:
76:89:68:80:77:e3:3b:7f:19:b0:66:ab:fd:e0:90:54:a0:7c:
b0:3e:73:51:5b:b2:1e:f3:bf:c4:17:a1:06:ef:4e:9a:dc:81:
45:cf:55:e8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzCbUJkyfZCtCPCKl5POCT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlN2M4MmIyMjc2Y2JkZjEzMGNjYWQwNDZiNjVmZWFiMmMy
N2VkNDkwHhcNMjQwMTAxMDAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2QyNjVjOWRlOTY2ZmQxNWE1YjgwMjZkNmQ0YWIwMmYyYTJmM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpvULOdxAf8pA+evZr7gqfOQjTtP
cSV1ATn+U4hh/shpGqt1Saa52t1MGvg1DSIDxI8MYjiQIWOzxVPqrq+DE1LV+eP9
IV31Dxem0F4CJF2lfytarDsICDtre868EQEZNzSLwfLBO7zP5gBvpmODkR/NamMb
y1TDOO7iOZyQF9jN8o5E28kHMAwgSwjYbGCDS2dv8SWyIaGcx5kW0wLApteEBRfe
v9fKZuwtEJ7TH/+TA8gVhJFO7dbIeWra6jEQB9fcN6vUoxOmEHTGN1fklt2PLe/k
CTQPW14VKDgJzZ6JGJbNUgdqqwJwPoGlMsNH8irgoeXw09sZgnNe3bAsHwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFOzSZcnelm/RWluAJtbUqwLyovPIMB8GA1UdIwQY
MBaAFN58grInbL3xMMytBGtl/qssJ+1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODkt
N2ZhZjdjMWRlN2IwLzEvN05KbHlkNldiOUZhVzRBbTF0U3JBdktpODhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODktN2ZhZjdjMWRlN2Iw
LzEvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQDTh+AAwQC
W8hgAwQBW898AwQAW98tAwQCsHa4AwQCw+FUMBYEAgACMBADBwAgAQZ8AEQDBQMq
DcpAMA0GCSqGSIb3DQEBCwUAA4IBAQCA7P5ZJDCJxULIIvJTPK/YviuWzm9AIgbg
wbHvcP0kLyLWKWKPjmQ484gbm6HnRZciwk3FnCK8Hh6wtB2OtQ2Twh8zJLFtT4+k
yKVIuYQQpoFQxpQfi80dfJZi5V2Oi0zKH8T6auuYGpTZ732V4DAi3qCsXsgluebY
EouI4JtQhcAv2fDqa1zwqRbm6p+efvEl56+p2ae+wU9YmdRqJ0bmKByFnmTSOf4D
IVVVwa+iynm3VFOv5JJhVitqVxQvBD3UVF/J6s6GwH1ZOntZYoTtSwfh0X2cvMJ2
iWiAd+M7fxmwZqv94JBUoHywPnNRW7Ie87/EF6EG706a3IFFz1Xo
-----END CERTIFICATE-----
Generated at Mon Jan 22 19:25:31 2024 by rpki-client on console-ams.rpki-client.org