Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/7LOzyp6WH_R4Z-fdIEuXgHET5mU.roa
File: 7LOzyp6WH_R4Z-fdIEuXgHET5mU.roa (raw, json)
Hash identifier: IYxml5KetyjUnXOa/VMaEqoWLzF+NO5CY9OyJUfC/cA=
Subject key identifier: EC:B3:B3:CA:9E:96:1F:F4:78:67:E7:DD:20:4B:97:80:71:13:E6:65
Certificate issuer: /CN=08d0bc8c58902c8ca7bb869ec2e28302fa4515e9
Certificate serial: 0185714C4D1921E7ABCA73F877DEB22B9A8B
Authority key identifier: 08:D0:BC:8C:58:90:2C:8C:A7:BB:86:9E:C2:E2:83:02:FA:45:15:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNC8jFiQLIynu4aewuKDAvpFFek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/7LOzyp6WH_R4Z-fdIEuXgHET5mU.roa
Signing time: Mon 02 Jan 2023 07:05:03 +0000
ROA not before: Mon 02 Jan 2023 07:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 193.17.22.0/24 maxlen: 24
192.76.145.0/24 maxlen: 24
192.109.116.0/24 maxlen: 24
192.109.115.0/24 maxlen: 24
134.96.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:4d:19:21:e7:ab:ca:73:f8:77:de:b2:2b:9a:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d0bc8c58902c8ca7bb869ec2e28302fa4515e9
Validity
Not Before: Jan 2 07:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecb3b3ca9e961ff47867e7dd204b97807113e665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:53:62:a8:e3:cd:be:b6:c7:8a:a4:62:c7:27:
d6:17:9f:51:d1:d2:aa:ec:57:f1:68:16:9f:93:35:
89:4e:ab:00:a8:d3:75:45:be:b4:cb:e3:3d:59:bd:
fd:2f:e6:d5:f1:60:9c:e0:90:c8:c5:5a:57:3c:2f:
80:2e:d7:fa:4f:df:ad:c7:7b:36:37:65:6f:97:10:
a1:dd:a6:33:8c:fb:14:d1:05:84:8f:fd:7e:30:2b:
9d:27:18:32:49:c3:72:cb:7f:40:26:7c:e5:93:2c:
e4:48:a4:a1:9e:d9:25:72:de:44:71:eb:70:01:89:
21:e8:c9:74:a4:11:ed:48:83:36:79:28:28:01:2c:
43:2e:27:2b:7c:d2:aa:fd:d0:5e:6e:b5:24:75:7a:
f7:b7:76:79:76:b6:33:8d:54:0f:e4:38:dd:1f:28:
9b:83:ec:f2:96:98:58:1a:14:a5:f1:5b:26:46:8b:
26:0b:e7:36:ce:83:40:3d:c7:43:6d:ca:df:65:2f:
4d:35:bd:6a:9c:23:11:68:21:a3:89:20:72:2a:4a:
66:8c:7a:ae:9e:6b:62:8f:73:b0:ee:bb:2a:66:21:
c3:93:8e:4c:17:ac:4a:64:66:79:c5:5b:fe:d5:5c:
2e:b6:53:b4:0d:47:f1:ca:58:07:77:68:48:d4:8b:
12:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B3:B3:CA:9E:96:1F:F4:78:67:E7:DD:20:4B:97:80:71:13:E6:65
X509v3 Authority Key Identifier:
keyid:08:D0:BC:8C:58:90:2C:8C:A7:BB:86:9E:C2:E2:83:02:FA:45:15:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNC8jFiQLIynu4aewuKDAvpFFek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/7LOzyp6WH_R4Z-fdIEuXgHET5mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ff4a67-59fc-4f00-a3ad-b3754afe9529/1/CNC8jFiQLIynu4aewuKDAvpFFek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.96.0.0/16
192.76.145.0/24
192.109.115.0-192.109.116.255
193.17.22.0/24
Signature Algorithm: sha256WithRSAEncryption
94:04:8f:9b:e6:4b:e6:76:22:3f:2e:47:d9:b5:4d:cb:e9:32:
69:32:2b:57:fe:82:09:64:53:f5:1a:60:3c:76:e2:5c:b3:dc:
e6:fa:69:c4:78:70:0b:be:3a:cf:73:15:0d:07:d5:49:ea:40:
12:b5:83:a2:4f:1a:4a:5b:7f:df:64:d2:1b:6b:5b:fc:ad:04:
1f:55:8d:1d:2d:4e:5b:b3:6f:18:3b:96:88:c1:ef:96:9e:21:
d8:6f:52:be:24:8d:7b:ea:31:0b:1d:e0:62:b6:75:d1:19:9f:
06:6b:3f:de:14:c3:64:7b:a6:32:ff:53:63:1d:c8:6d:ce:ae:
ee:5e:8f:5b:4d:2c:05:e3:f5:a0:5f:91:ed:f7:96:5a:61:1b:
4c:f0:f4:31:cb:1d:ea:a7:35:9f:54:86:2a:57:e7:cc:5c:fa:
dd:bf:42:a6:39:b5:8d:ab:f7:d2:61:71:27:c9:2b:0e:1a:5f:
4f:fc:b4:50:94:f1:48:68:19:07:20:14:a8:9e:07:9d:83:14:
55:07:44:f9:aa:68:f5:ba:8b:a6:e8:f8:45:e9:4b:42:a3:d4:
18:22:e8:3d:d1:2b:40:ea:69:12:5d:b3:f3:4d:bb:04:9d:39:
d6:c4:28:c9:17:aa:80:26:ff:ef:72:28:6c:a8:d5:52:d5:f7:
0b:e4:a2:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVxTE0ZIeerynP4d96yK5qLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDBiYzhjNTg5MDJjOGNhN2JiODY5ZWMyZTI4MzAyZmE0
NTE1ZTkwHhcNMjMwMTAyMDcwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2IzYjNjYTllOTYxZmY0Nzg2N2U3ZGQyMDRiOTc4MDcxMTNlNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylNiqOPNvrbHiqRixyfWF59R0dKq
7FfxaBafkzWJTqsAqNN1Rb60y+M9Wb39L+bV8WCc4JDIxVpXPC+ALtf6T9+tx3s2
N2VvlxCh3aYzjPsU0QWEj/1+MCudJxgyScNyy39AJnzlkyzkSKShntklct5Ecetw
AYkh6Ml0pBHtSIM2eSgoASxDLicrfNKq/dBebrUkdXr3t3Z5drYzjVQP5DjdHyib
g+zylphYGhSl8VsmRosmC+c2zoNAPcdDbcrfZS9NNb1qnCMRaCGjiSByKkpmjHqu
nmtij3Ow7rsqZiHDk45MF6xKZGZ5xVv+1VwutlO0DUfxylgHd2hI1IsSRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOyzs8qelh/0eGfn3SBLl4BxE+ZlMB8GA1UdIwQY
MBaAFAjQvIxYkCyMp7uGnsLigwL6RRXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05DOGpGaVFMSXludTRhZXd1S0RBdnBGRmVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mZjRhNjctNTlmYy00ZjAwLWEzYWQt
YjM3NTRhZmU5NTI5LzEvN0xPenlwNldIX1I0Wi1mZElFdVhnSEVUNW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mZjRhNjctNTlmYy00ZjAwLWEzYWQtYjM3NTRhZmU5NTI5
LzEvQ05DOGpGaVFMSXludTRhZXd1S0RBdnBGRmVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwMAhmADBADA
TJEwDAMEAMBtcwMEAMBtdAMEAMERFjANBgkqhkiG9w0BAQsFAAOCAQEAlASPm+ZL
5nYiPy5H2bVNy+kyaTIrV/6CCWRT9RpgPHbiXLPc5vppxHhwC746z3MVDQfVSepA
ErWDok8aSlt/32TSG2tb/K0EH1WNHS1OW7NvGDuWiMHvlp4h2G9SviSNe+oxCx3g
YrZ10RmfBms/3hTDZHumMv9TYx3Ibc6u7l6PW00sBeP1oF+R7feWWmEbTPD0Mcsd
6qc1n1SGKlfnzFz63b9Cpjm1jav30mFxJ8krDhpfT/y0UJTxSGgZByAUqJ4HnYMU
VQdE+apo9bqLpuj4RelLQqPUGCLoPdErQOppEl2z8027BJ051sQoyReqgCb/73Io
bKjVUtX3C+SiXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:02 2024 by rpki-client on console-fra.rpki-client.org