Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/7vFWkpswQGZvPzvdKbVjd31cD4Q.roa
File: 7vFWkpswQGZvPzvdKbVjd31cD4Q.roa (raw, json)
Hash identifier: AHz8NYYxtFipqGCd02ougefMB2cQMfSJK3fYpfew6lE=
Subject key identifier: EE:F1:56:92:9B:30:40:66:6F:3F:3B:DD:29:B5:63:77:7D:5C:0F:84
Certificate issuer: /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial: 018C6D8E37B9C907A0F62F6C0F1745186AF4
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/7vFWkpswQGZvPzvdKbVjd31cD4Q.roa
Signing time: Fri 15 Dec 2023 12:58:06 +0000
ROA not before: Fri 15 Dec 2023 12:58:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216129
IP address blocks: 107.161.154.0/24 maxlen: 24
199.83.103.0/24 maxlen: 24
2a13:d200:7::/48 maxlen: 48
2a13:d200::/29 maxlen: 29
2a13:d200:8::/48 maxlen: 48
2a13:d200:6::/48 maxlen: 48
2a13:d200:9::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:8e:37:b9:c9:07:a0:f6:2f:6c:0f:17:45:18:6a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Validity
Not Before: Dec 15 12:58:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eef156929b3040666f3f3bdd29b563777d5c0f84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a1:4a:29:36:82:a9:b8:a0:81:84:68:37:07:
0b:32:b5:cf:e5:32:4a:21:de:38:64:92:46:29:68:
95:10:ae:fa:29:9c:7d:db:39:c3:d7:41:80:31:1e:
47:61:cc:30:20:fa:b3:99:b3:56:6c:f3:b0:39:64:
d0:0c:bc:99:e0:ec:da:f2:76:19:c0:27:01:ce:4d:
40:f4:e5:c1:29:5f:f8:e8:a7:44:01:a5:f3:2e:e9:
f3:f2:f2:22:41:f4:2c:86:d4:38:93:f3:2e:99:9f:
3c:87:45:5c:ee:d2:49:21:ef:6f:f8:97:0d:c6:4b:
bd:67:fe:e2:db:0b:ae:a6:80:60:16:36:b8:61:dd:
c2:60:6c:35:07:54:3f:b9:f2:5b:cd:79:a0:ad:a3:
5c:0a:03:6a:cf:98:a2:d9:26:f9:b5:b4:b0:07:8a:
6e:1f:d7:29:ce:6e:e0:a3:67:d6:a1:e8:b5:a5:15:
bf:cb:eb:f8:9e:78:54:4c:5e:15:71:0b:c9:38:40:
18:b8:91:37:7f:1c:4f:5e:5d:99:40:2a:72:79:35:
b7:d1:d4:8d:a8:0c:db:91:ad:3f:43:47:a1:f8:de:
6e:ab:df:f6:c1:ce:53:d6:f5:d7:76:f4:69:a2:c1:
3f:76:14:54:a1:01:dd:d6:da:46:59:d4:41:bb:49:
14:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F1:56:92:9B:30:40:66:6F:3F:3B:DD:29:B5:63:77:7D:5C:0F:84
X509v3 Authority Key Identifier:
keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/7vFWkpswQGZvPzvdKbVjd31cD4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.154.0/24
199.83.103.0/24
IPv6:
2a13:d200::/29
Signature Algorithm: sha256WithRSAEncryption
8f:8b:8e:76:69:58:2d:2f:9c:68:58:b1:56:92:6f:b2:61:db:
db:69:b2:14:c8:71:d9:9d:99:ab:d1:1a:1a:44:e9:8a:dc:85:
7f:d8:74:bc:a8:e1:a0:e2:0b:91:2c:07:17:78:9f:d0:3f:f7:
e8:22:83:80:45:ac:b2:5c:05:84:3a:72:64:44:55:60:79:28:
e9:82:72:8b:34:17:fe:da:98:9b:73:76:3f:8b:1b:f6:1f:20:
bb:b3:18:2c:6e:e3:e8:6d:a4:6f:3e:23:d7:e6:4c:5f:bf:f0:
51:cb:08:31:4b:5f:12:26:31:1d:17:77:3e:d7:72:76:e1:10:
6c:17:8f:1b:cc:5a:f6:40:b1:be:d3:e2:d3:6d:61:1a:f6:04:
b4:fe:3a:61:cf:7d:dd:4f:89:ae:a7:4b:f4:f7:8a:50:f2:94:
25:77:2a:56:a2:ea:70:78:69:f4:51:22:00:fc:9c:1d:bf:79:
ed:fc:50:6d:ca:e1:9c:d7:45:fb:0d:24:79:a5:77:51:ae:64:
d5:38:5e:c2:3f:07:05:85:55:08:57:ab:8b:85:8e:8c:23:e2:
34:c7:58:05:26:f8:e3:97:b6:9c:2f:01:de:15:38:74:c8:dd:
eb:d4:0f:2c:b7:0b:95:20:7c:1d:b2:14:9b:9c:cd:3e:47:c7:
e0:46:9d:0f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYxtjje5yQeg9i9sDxdFGGr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjMxMjE1MTI1ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWYxNTY5MjliMzA0MDY2NmYzZjNiZGQyOWI1NjM3NzdkNWMwZjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aFKKTaCqbiggYRoNwcLMrXP5TJK
Id44ZJJGKWiVEK76KZx92znD10GAMR5HYcwwIPqzmbNWbPOwOWTQDLyZ4Oza8nYZ
wCcBzk1A9OXBKV/46KdEAaXzLunz8vIiQfQshtQ4k/MumZ88h0Vc7tJJIe9v+JcN
xku9Z/7i2wuupoBgFja4Yd3CYGw1B1Q/ufJbzXmgraNcCgNqz5ii2Sb5tbSwB4pu
H9cpzm7go2fWoei1pRW/y+v4nnhUTF4VcQvJOEAYuJE3fxxPXl2ZQCpyeTW30dSN
qAzbka0/Q0eh+N5uq9/2wc5T1vXXdvRposE/dhRUoQHd1tpGWdRBu0kUXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO7xVpKbMEBmbz873Sm1Y3d9XA+EMB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvN3ZGV2twc3dRR1p2UHp2ZEtiVmpkMzFjRDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAa6GaAwQA
x1NnMA0EAgACMAcDBQMqE9IAMA0GCSqGSIb3DQEBCwUAA4IBAQCPi452aVgtL5xo
WLFWkm+yYdvbabIUyHHZnZmr0RoaROmK3IV/2HS8qOGg4guRLAcXeJ/QP/foIoOA
RayyXAWEOnJkRFVgeSjpgnKLNBf+2pibc3Y/ixv2HyC7sxgsbuPobaRvPiPX5kxf
v/BRywgxS18SJjEdF3c+13J24RBsF48bzFr2QLG+0+LTbWEa9gS0/jphz33dT4mu
p0v094pQ8pQldypWoupweGn0USIA/Jwdv3nt/FBtyuGc10X7DSR5pXdRrmTVOF7C
PwcFhVUIV6uLhY6MI+I0x1gFJvjjl7acLwHeFTh0yN3r1A8stwuVIHwdshSbnM0+
R8fgRp0P
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:10 2024 by rpki-client on console-fra.rpki-client.org