Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/72SYw4UbRYpERJ4VwpnlMfXZ-y0.roa
File: 72SYw4UbRYpERJ4VwpnlMfXZ-y0.roa (raw, json)
Hash identifier: SIeoWCCEIfzGDMVO1eS8sGfM4mxuulQtDleTvHGr/6Q=
Subject key identifier: EF:64:98:C3:85:1B:45:8A:44:44:9E:15:C2:99:E5:31:F5:D9:FB:2D
Certificate issuer: /CN=c17cc37f1ed81ac37b20faf0f42c41ab808f13c1
Certificate serial: 01856FC263AD28272FCE3AD4CDEFE7DCDF36
Authority key identifier: C1:7C:C3:7F:1E:D8:1A:C3:7B:20:FA:F0:F4:2C:41:AB:80:8F:13:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wXzDfx7YGsN7IPrw9CxBq4CPE8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/72SYw4UbRYpERJ4VwpnlMfXZ-y0.roa
Signing time: Sun 01 Jan 2023 23:54:48 +0000
ROA not before: Sun 01 Jan 2023 23:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9051
IP address blocks: 194.126.136.0/21 maxlen: 24
193.188.136.0/24 maxlen: 24
193.188.135.0/24 maxlen: 24
185.7.128.0/22 maxlen: 24
212.36.192.0/19 maxlen: 24
194.126.0.0/19 maxlen: 24
2a00:1590::/32 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:63:ad:28:27:2f:ce:3a:d4:cd:ef:e7:dc:df:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c17cc37f1ed81ac37b20faf0f42c41ab808f13c1
Validity
Not Before: Jan 1 23:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef6498c3851b458a44449e15c299e531f5d9fb2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9f:7b:12:40:32:9e:74:f7:a7:0c:0a:09:ec:
06:ac:5e:c0:bf:68:74:82:3c:9e:8c:fe:f0:a7:16:
6e:95:bb:7e:97:85:79:0b:7e:e7:bf:d4:34:86:98:
7a:f6:49:79:d3:94:fa:db:08:1f:56:46:d4:76:7c:
b7:69:44:dc:1a:a6:05:39:b7:16:ad:7b:0f:fc:48:
e8:05:f8:ce:d7:4c:97:7f:26:23:6a:96:20:37:a2:
29:da:65:24:97:4b:c0:15:89:96:41:ba:97:27:a4:
a4:5e:f6:a5:4d:c4:63:c2:e6:c7:ac:8f:15:ff:fe:
04:f6:7d:c8:ae:74:e4:dc:6d:c3:0d:79:06:46:7d:
c8:d9:8a:9e:43:35:4b:18:36:1c:7e:a9:44:5f:f8:
51:20:d2:17:06:1f:59:9d:5c:0b:0d:33:bf:a4:92:
43:09:2e:2e:2d:07:13:f1:da:2d:6c:a6:e9:73:07:
3e:ad:dd:87:0f:9c:60:98:8b:22:b5:43:f0:ab:7d:
9c:3c:9b:09:94:e1:30:09:55:ea:7a:e0:88:13:26:
78:67:1b:ef:22:e2:87:22:54:8f:9e:d6:1a:ec:32:
9d:a3:7f:36:04:ed:f1:f9:6f:01:da:54:76:cf:14:
42:da:28:3f:ac:28:07:73:68:bf:83:6f:cf:ca:f7:
e3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:64:98:C3:85:1B:45:8A:44:44:9E:15:C2:99:E5:31:F5:D9:FB:2D
X509v3 Authority Key Identifier:
keyid:C1:7C:C3:7F:1E:D8:1A:C3:7B:20:FA:F0:F4:2C:41:AB:80:8F:13:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wXzDfx7YGsN7IPrw9CxBq4CPE8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/72SYw4UbRYpERJ4VwpnlMfXZ-y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/wXzDfx7YGsN7IPrw9CxBq4CPE8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.128.0/22
193.188.135.0-193.188.136.255
194.126.0.0/19
194.126.136.0/21
212.36.192.0/19
IPv6:
2a00:1590::/32
Signature Algorithm: sha256WithRSAEncryption
c9:72:70:ab:c1:0d:ed:4b:79:44:f2:84:c0:90:c3:ba:bd:55:
60:fa:e1:82:53:e0:e1:97:e2:4e:75:69:24:76:40:5e:d6:51:
97:9b:df:21:0b:1b:ab:bc:6d:b3:1e:a4:0e:a0:e8:55:fd:8b:
48:e7:74:ad:0b:a1:0a:9f:1b:f3:24:4c:e4:6b:53:18:3c:e7:
46:89:c6:41:0e:ee:cf:19:e6:c2:0a:83:c8:7a:23:ba:b2:97:
93:dc:f4:7e:bd:8a:d8:6c:e8:9d:f5:9c:cf:20:ff:0f:74:6c:
b0:58:de:4f:04:a8:d2:42:79:ff:29:c8:6d:52:b8:5d:8a:f1:
fc:88:91:39:07:de:ce:a6:5c:0a:0c:4d:31:20:c2:e0:70:81:
f1:ba:1d:b1:3d:a6:aa:6b:66:b7:23:59:c3:9a:ee:75:21:54:
3f:a5:6a:2a:39:6d:f0:f5:2a:d7:d7:d1:ec:bf:83:ab:e7:65:
6b:8d:ff:0d:78:25:31:02:c2:c2:51:af:95:24:38:22:ef:22:
03:56:ff:08:56:14:5d:7b:24:ea:c3:95:22:b5:8d:fa:46:6b:
35:8a:8e:31:e9:9d:44:9f:3c:7a:bb:5a:75:f4:87:68:94:8a:
b3:aa:c4:fa:27:dc:31:62:9f:82:ad:63:68:06:5c:1e:0f:55:
df:66:6f:a8
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVvwmOtKCcvzjrUze/n3N82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxN2NjMzdmMWVkODFhYzM3YjIwZmFmMGY0MmM0MWFiODA4
ZjEzYzEwHhcNMjMwMTAxMjM1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjY0OThjMzg1MWI0NThhNDQ0NDllMTVjMjk5ZTUzMWY1ZDlmYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ97EkAynnT3pwwKCewGrF7Av2h0
gjyejP7wpxZulbt+l4V5C37nv9Q0hph69kl505T62wgfVkbUdny3aUTcGqYFObcW
rXsP/EjoBfjO10yXfyYjapYgN6Ip2mUkl0vAFYmWQbqXJ6SkXvalTcRjwubHrI8V
//4E9n3IrnTk3G3DDXkGRn3I2YqeQzVLGDYcfqlEX/hRINIXBh9ZnVwLDTO/pJJD
CS4uLQcT8dotbKbpcwc+rd2HD5xgmIsitUPwq32cPJsJlOEwCVXqeuCIEyZ4Zxvv
IuKHIlSPntYa7DKdo382BO3x+W8B2lR2zxRC2ig/rCgHc2i/g2/Pyvfj2QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFO9kmMOFG0WKRESeFcKZ5TH12fstMB8GA1UdIwQY
MBaAFMF8w38e2BrDeyD68PQsQauAjxPBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1h6RGZ4N1lHc043SVBydzlDeEJxNENQRThFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iMTBlMDYtMjU3Yy00OTk1LTg3OWQt
NmQwN2Q3ZjFhNzAxLzEvNzJTWXc0VWJSWXBFUko0VndwbmxNZlhaLXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iMTBlMDYtMjU3Yy00OTk1LTg3OWQtNmQwN2Q3ZjFhNzAx
LzEvd1h6RGZ4N1lHc043SVBydzlDeEJxNENQRThFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCuQeAMAwD
BADBvIcDBADBvIgDBAXCfgADBAPCfogDBAXUJMAwDQQCAAIwBwMFACoAFZAwDQYJ
KoZIhvcNAQELBQADggEBAMlycKvBDe1LeUTyhMCQw7q9VWD64YJT4OGX4k51aSR2
QF7WUZeb3yELG6u8bbMepA6g6FX9i0jndK0LoQqfG/MkTORrUxg850aJxkEO7s8Z
5sIKg8h6I7qyl5Pc9H69iths6J31nM8g/w90bLBY3k8EqNJCef8pyG1SuF2K8fyI
kTkH3s6mXAoMTTEgwuBwgfG6HbE9pqprZrcjWcOa7nUhVD+laio5bfD1KtfX0ey/
g6vnZWuN/w14JTECwsJRr5UkOCLvIgNW/whWFF17JOrDlSK1jfpGazWKjjHpnUSf
PHq7WnX0h2iUirOqxPon3DFin4KtY2gGXB4PVd9mb6g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:13 2024 by rpki-client on console-ams.rpki-client.org