Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/efNB7N1c-dF0lehWx2dCa2mTZJE.roa
File: efNB7N1c-dF0lehWx2dCa2mTZJE.roa (raw, json)
Hash identifier: PpUFuNfFgRuIxUN/kO/7ve1VfUrTgmRY+1ukXhXAiA4=
Subject key identifier: 79:F3:41:EC:DD:5C:F9:D1:74:95:E8:56:C7:67:42:6B:69:93:64:91
Certificate issuer: /CN=caf613311a7869c335ca66cb423cc6e8b2fa902c
Certificate serial: 01856EEFEEE9286B3BC3DBF301AC4DE1CF10
Authority key identifier: CA:F6:13:31:1A:78:69:C3:35:CA:66:CB:42:3C:C6:E8:B2:FA:90:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvYTMRp4acM1ymbLQjzG6LL6kCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/efNB7N1c-dF0lehWx2dCa2mTZJE.roa
Signing time: Sun 01 Jan 2023 20:04:56 +0000
ROA not before: Sun 01 Jan 2023 20:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6786
IP address blocks: 217.74.192.0/20 maxlen: 24
185.156.224.0/22 maxlen: 24
192.166.192.0/21 maxlen: 24
192.166.200.0/23 maxlen: 24
2a07:a240::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:ee:e9:28:6b:3b:c3:db:f3:01:ac:4d:e1:cf:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf613311a7869c335ca66cb423cc6e8b2fa902c
Validity
Not Before: Jan 1 20:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79f341ecdd5cf9d17495e856c767426b69936491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:11:d5:b1:a2:9f:a6:47:a2:fd:e0:e2:17:5a:
a6:4c:84:a4:8c:fa:9e:8c:29:26:f3:f6:6c:2e:d8:
b4:c4:1f:6c:8a:bd:db:c6:7e:98:2f:8d:a9:9d:b5:
2e:a3:26:53:dc:f5:76:55:70:1e:d7:4d:d8:f6:db:
31:ca:a2:0e:b3:b7:62:b2:c5:ea:9a:21:20:44:4d:
55:3c:df:7a:e2:e8:34:ab:42:25:9c:97:98:08:75:
56:c0:51:55:93:6d:4f:43:f1:40:76:61:3e:7f:13:
0a:33:08:14:62:95:5e:98:54:74:d5:4a:52:0d:0f:
af:e0:95:69:ed:bd:18:e4:2f:49:d3:3c:0a:67:f1:
7f:ef:da:40:b8:a6:12:15:30:02:98:a9:19:f5:e4:
94:45:df:58:9e:53:11:72:df:42:9c:1e:c7:84:00:
32:13:3a:94:b4:5d:7b:2d:39:00:38:4a:d1:d3:30:
fe:59:45:c3:1c:38:a4:4a:0a:61:9b:85:e0:59:a4:
15:e4:48:2a:e4:f0:74:13:42:34:55:2d:41:46:ca:
4a:92:d1:a1:6d:c7:a9:87:58:5a:a0:50:d5:c1:ae:
c0:78:5f:5c:39:66:1e:c3:5d:f5:56:59:7a:ca:ff:
df:7b:da:f7:06:90:96:e4:70:6e:51:d9:1e:4a:68:
c2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:F3:41:EC:DD:5C:F9:D1:74:95:E8:56:C7:67:42:6B:69:93:64:91
X509v3 Authority Key Identifier:
keyid:CA:F6:13:31:1A:78:69:C3:35:CA:66:CB:42:3C:C6:E8:B2:FA:90:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvYTMRp4acM1ymbLQjzG6LL6kCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/efNB7N1c-dF0lehWx2dCa2mTZJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/yvYTMRp4acM1ymbLQjzG6LL6kCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.224.0/22
192.166.192.0-192.166.201.255
217.74.192.0/20
IPv6:
2a07:a240::/29
Signature Algorithm: sha256WithRSAEncryption
22:ad:98:e7:87:2f:70:79:0d:16:fa:d2:20:d1:c5:59:13:59:
9e:72:c5:63:f1:89:2d:3f:92:77:80:16:92:49:ae:bf:b4:96:
5b:fe:58:6c:2d:53:5d:9b:dd:91:88:75:c2:b7:a5:4d:d8:f5:
24:64:5d:3d:f7:51:e8:8c:24:23:a2:27:a7:5f:dd:e5:2f:93:
0c:5a:0e:fb:d9:39:ae:9f:5c:97:87:8a:1c:7e:33:bd:42:9c:
ef:1e:41:f5:3e:28:a3:f3:79:da:99:21:64:2d:14:04:72:0f:
82:15:35:6b:af:34:46:29:c1:2e:29:c3:4a:48:ab:05:93:5c:
ba:a2:20:ba:80:3c:22:f3:95:c0:eb:2f:17:54:05:45:88:bb:
8c:fb:5c:59:84:ce:67:04:6d:e4:92:3d:4b:cd:5a:f4:e6:6d:
9c:6b:28:dd:8c:a1:7f:d3:ab:37:89:a6:38:0c:2a:ea:19:bc:
81:8c:f9:a1:b4:26:34:a5:c9:5d:9b:f7:f4:2e:44:7a:38:c1:
9a:50:ef:de:c7:d4:c0:cc:15:6e:2f:98:7d:22:e0:05:88:cb:
a5:6b:cd:bc:ba:7e:0d:1e:3b:e7:9a:d9:5c:c0:e4:06:ee:86:
45:6c:ac:c2:22:69:72:7b:31:9e:7c:f1:72:c9:f7:72:03:22:
94:d1:f4:bd
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVu7+7pKGs7w9vzAaxN4c8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjYxMzMxMWE3ODY5YzMzNWNhNjZjYjQyM2NjNmU4YjJm
YTkwMmMwHhcNMjMwMTAxMjAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWYzNDFlY2RkNWNmOWQxNzQ5NWU4NTZjNzY3NDI2YjY5OTM2NDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxHVsaKfpkei/eDiF1qmTISkjPqe
jCkm8/ZsLti0xB9sir3bxn6YL42pnbUuoyZT3PV2VXAe103Y9tsxyqIOs7dissXq
miEgRE1VPN964ug0q0IlnJeYCHVWwFFVk21PQ/FAdmE+fxMKMwgUYpVemFR01UpS
DQ+v4JVp7b0Y5C9J0zwKZ/F/79pAuKYSFTACmKkZ9eSURd9YnlMRct9CnB7HhAAy
EzqUtF17LTkAOErR0zD+WUXDHDikSgphm4XgWaQV5Egq5PB0E0I0VS1BRspKktGh
bceph1haoFDVwa7AeF9cOWYew131Vll6yv/fe9r3BpCW5HBuUdkeSmjCYQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFHnzQezdXPnRdJXoVsdnQmtpk2SRMB8GA1UdIwQY
MBaAFMr2EzEaeGnDNcpmy0I8xuiy+pAsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZZVE1ScDRhY00xeW1iTFFqekc2TEw2a0N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85NGVhNGItM2ZmMC00ZjdiLTlkODMt
YzMxMGVjYTNjMDdiLzEvZWZOQjdOMWMtZEYwbGVoV3gyZENhMm1UWkpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85NGVhNGItM2ZmMC00ZjdiLTlkODMtYzMxMGVjYTNjMDdi
LzEveXZZVE1ScDRhY00xeW1iTFFqekc2TEw2a0N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuZzgMAwD
BAbApsADBAHApsgDBATZSsAwDQQCAAIwBwMFAyoHokAwDQYJKoZIhvcNAQELBQAD
ggEBACKtmOeHL3B5DRb60iDRxVkTWZ5yxWPxiS0/kneAFpJJrr+0llv+WGwtU12b
3ZGIdcK3pU3Y9SRkXT33UeiMJCOiJ6df3eUvkwxaDvvZOa6fXJeHihx+M71CnO8e
QfU+KKPzedqZIWQtFARyD4IVNWuvNEYpwS4pw0pIqwWTXLqiILqAPCLzlcDrLxdU
BUWIu4z7XFmEzmcEbeSSPUvNWvTmbZxrKN2MoX/TqzeJpjgMKuoZvIGM+aG0JjSl
yV2b9/QuRHo4wZpQ797H1MDMFW4vmH0i4AWIy6Vrzby6fg0eO+ea2VzA5AbuhkVs
rMIiaXJ7MZ588XLJ93IDIpTR9L0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:36 2024 by rpki-client on console-ams.rpki-client.org