Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/7ccwlMFGKtNXA3yk-qpIcxVkl0k.roa
File: 7ccwlMFGKtNXA3yk-qpIcxVkl0k.roa (raw, json)
Hash identifier: RUP1LC4brm9kkrg9QAgNDK9QLLteBKX56Q7Nf16VOfc=
Subject key identifier: ED:C7:30:94:C1:46:2A:D3:57:03:7C:A4:FA:AA:48:73:15:64:97:49
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4EDFCFDB861146D607E4CE18E600D
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/7ccwlMFGKtNXA3yk-qpIcxVkl0k.roa
Signing time: Sun 01 Jan 2023 19:35:26 +0000
ROA not before: Sun 01 Jan 2023 19:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50928
IP address blocks: 46.29.192.0/21 maxlen: 21
46.29.199.0/24 maxlen: 24
46.29.194.0/24 maxlen: 24
46.29.196.0/24 maxlen: 24
188.170.244.0/23 maxlen: 23
188.170.244.0/24 maxlen: 24
188.170.245.0/24 maxlen: 24
188.170.250.0/24 maxlen: 24
188.170.251.0/24 maxlen: 24
188.170.252.0/24 maxlen: 24
188.170.248.0/24 maxlen: 24
188.170.249.0/24 maxlen: 24
178.23.144.0/21 maxlen: 21
178.23.149.0/24 maxlen: 24
178.23.148.0/24 maxlen: 24
178.23.151.0/24 maxlen: 24
178.23.150.0/24 maxlen: 24
178.176.250.0/24 maxlen: 24
178.176.251.0/24 maxlen: 24
178.176.252.0/24 maxlen: 24
178.176.248.0/24 maxlen: 24
178.176.253.0/24 maxlen: 24
178.176.249.0/24 maxlen: 24
37.29.81.0/24 maxlen: 24
37.29.80.0/24 maxlen: 24
37.29.83.0/24 maxlen: 24
37.29.80.0/22 maxlen: 22
37.29.82.0/24 maxlen: 24
31.173.248.0/21 maxlen: 21
31.173.248.0/24 maxlen: 24
31.173.252.0/24 maxlen: 24
31.173.253.0/24 maxlen: 24
31.173.249.0/24 maxlen: 24
31.173.250.0/24 maxlen: 24
31.173.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Jan 2023 10:49:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:ed:fc:fd:b8:61:14:6d:60:7e:4c:e1:8e:60:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edc73094c1462ad357037ca4faaa487315649749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ab:fb:94:0d:d7:4e:c8:d3:d8:fe:31:e1:ac:
77:a9:18:f0:42:89:30:d5:ec:48:79:03:0a:0f:45:
c0:96:40:ec:7d:3b:3b:9e:96:43:74:c7:61:fc:da:
4f:8b:f4:72:f1:c6:66:71:64:21:b7:ae:f7:f7:c5:
33:1d:f3:df:2a:a9:69:22:91:01:8f:50:9f:36:98:
b2:62:7b:b1:1f:91:24:83:85:80:c6:80:2f:0f:78:
e3:ec:5c:ec:cc:98:23:93:fc:2a:74:77:12:32:f5:
69:0d:10:58:1b:70:dc:ee:91:cb:64:4e:07:ff:68:
95:23:36:61:f3:0d:ba:5f:08:6e:f2:bf:d3:fa:94:
b8:b3:7b:40:ce:cd:e1:9e:62:d5:e2:aa:83:6f:48:
0e:23:8b:e6:3a:7b:d8:ff:17:f1:4b:bd:27:77:2d:
ce:81:4f:3d:a9:2c:6f:19:04:b9:41:98:28:13:58:
76:cf:c0:c1:0f:98:2f:f3:bc:7a:74:83:1b:8b:52:
4f:15:1e:f7:b0:af:d2:1b:95:18:a9:8b:40:c3:32:
a5:c1:44:6d:48:ce:f1:02:5a:03:cb:e3:b1:92:44:
da:3e:2e:35:58:d0:71:1d:bd:ef:ab:a8:c9:3a:94:
64:cc:6c:1a:9a:ed:0e:e8:f7:1b:be:ce:0f:d2:07:
67:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:C7:30:94:C1:46:2A:D3:57:03:7C:A4:FA:AA:48:73:15:64:97:49
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/7ccwlMFGKtNXA3yk-qpIcxVkl0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.248.0/21
37.29.80.0/22
46.29.192.0/21
178.23.144.0/21
178.176.248.0-178.176.253.255
188.170.244.0/23
188.170.248.0-188.170.252.255
Signature Algorithm: sha256WithRSAEncryption
0f:6e:20:36:c6:ff:45:99:d4:55:5a:3d:d9:8d:ee:f1:67:92:
dd:83:54:a1:5b:43:b7:d0:cb:39:12:62:7d:71:b4:47:67:a0:
28:d5:0a:ff:d6:1b:9f:84:bd:83:65:37:cf:d0:f6:bb:14:84:
a6:65:c4:73:3a:cc:21:db:12:d8:5e:a3:22:d4:94:9f:32:3b:
e8:18:16:b2:94:69:8a:58:46:2b:00:15:55:10:84:2b:96:b4:
51:8b:d9:c4:ec:db:43:b8:8e:56:e3:46:f8:b1:8d:19:48:75:
84:f0:e1:aa:b8:9d:32:ed:8b:65:1f:f5:70:80:a5:03:15:b3:
14:91:28:b2:9e:aa:a8:de:02:93:96:7c:6a:56:e9:16:39:e5:
95:41:78:03:61:9c:d1:c1:e2:81:fb:a9:de:ed:38:72:ee:17:
07:a4:fb:2a:a6:5f:8d:86:25:94:77:ed:5f:bc:de:36:f5:c4:
04:5a:31:dd:c0:bf:87:78:9a:18:95:87:3d:f4:c9:c4:66:b9:
1a:05:c9:d8:1c:3f:77:2d:fb:47:92:90:c5:81:cb:09:5b:33:
1c:1c:47:5b:a1:ac:9e:94:df:21:87:16:fb:cb:01:82:38:c4:
e0:28:05:74:7e:86:bd:13:78:85:a2:64:bc:24:73:83:af:ae:
44:d9:2f:b9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYVu1O38/bhhFG1gfkzhjmANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGM3MzA5NGMxNDYyYWQzNTcwMzdjYTRmYWFhNDg3MzE1NjQ5NzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6v7lA3XTsjT2P4x4ax3qRjwQokw
1exIeQMKD0XAlkDsfTs7npZDdMdh/NpPi/Ry8cZmcWQht67398UzHfPfKqlpIpEB
j1CfNpiyYnuxH5Ekg4WAxoAvD3jj7FzszJgjk/wqdHcSMvVpDRBYG3Dc7pHLZE4H
/2iVIzZh8w26Xwhu8r/T+pS4s3tAzs3hnmLV4qqDb0gOI4vmOnvY/xfxS70ndy3O
gU89qSxvGQS5QZgoE1h2z8DBD5gv87x6dIMbi1JPFR73sK/SG5UYqYtAwzKlwURt
SM7xAloDy+OxkkTaPi41WNBxHb3vq6jJOpRkzGwamu0O6Pcbvs4P0gdnhwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFO3HMJTBRirTVwN8pPqqSHMVZJdJMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvN2Njd2xNRkdLdE5YQTN5ay1xcEljeFZrbDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDH634AwQC
JR1QAwQDLh3AAwQDsheQMAwDBAOysPgDBAGysPwDBAG8qvQwDAMEA7yq+AMEALyq
/DANBgkqhkiG9w0BAQsFAAOCAQEAD24gNsb/RZnUVVo92Y3u8WeS3YNUoVtDt9DL
ORJifXG0R2egKNUK/9Ybn4S9g2U3z9D2uxSEpmXEczrMIdsS2F6jItSUnzI76BgW
spRpilhGKwAVVRCEK5a0UYvZxOzbQ7iOVuNG+LGNGUh1hPDhqridMu2LZR/1cICl
AxWzFJEosp6qqN4Ck5Z8albpFjnllUF4A2Gc0cHigfup3u04cu4XB6T7KqZfjYYl
lHftX7zeNvXEBFox3cC/h3iaGJWHPfTJxGa5GgXJ2Bw/dy37R5KQxYHLCVszHBxH
W6GsnpTfIYcW+8sBgjjE4CgFdH6GvRN4haJkvCRzg6+uRNkvuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:24 2024 by rpki-client on console-fra.rpki-client.org