Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/fKh8e8rjH3J6twsFgnqU2zuTKE8.roa
File: fKh8e8rjH3J6twsFgnqU2zuTKE8.roa (raw, json)
Hash identifier: sKvNpXv3Lm9bgKiD2N2iKl7LfosJQ0UT4y+OgxFuryk=
Subject key identifier: 7C:A8:7C:7B:CA:E3:1F:72:7A:B7:0B:05:82:7A:94:DB:3B:93:28:4F
Certificate issuer: /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial: 0190917BA7564768107AE88B6516AA27690A
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/fKh8e8rjH3J6twsFgnqU2zuTKE8.roa
Signing time: Mon 08 Jul 2024 08:35:18 +0000
ROA not before: Mon 08 Jul 2024 08:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12444
IP address blocks: 84.17.67.0/24 maxlen: 24
84.17.68.0/24 maxlen: 24
84.17.70.0/24 maxlen: 24
84.17.71.0/24 maxlen: 24
84.17.76.0/24 maxlen: 24
84.17.78.0/24 maxlen: 24
84.17.79.0/24 maxlen: 24
84.17.84.0/24 maxlen: 24
84.17.86.0/24 maxlen: 24
84.17.87.0/24 maxlen: 24
84.17.89.0/24 maxlen: 24
84.17.90.0/24 maxlen: 24
84.17.91.0/24 maxlen: 24
84.17.93.0/24 maxlen: 24
185.118.176.0/24 maxlen: 24
185.118.177.0/24 maxlen: 24
185.118.178.0/24 maxlen: 24
185.118.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 08:36:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:91:7b:a7:56:47:68:10:7a:e8:8b:65:16:aa:27:69:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Validity
Not Before: Jul 8 08:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ca87c7bcae31f727ab70b05827a94db3b93284f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b0:c9:01:f5:5e:36:6d:12:9a:16:f7:77:4d:
c5:6b:39:f1:bc:41:c6:60:a2:fb:e1:cf:20:f7:9c:
f2:0f:88:ba:d9:96:f0:21:30:05:0f:9f:35:a9:19:
51:6e:99:f3:a4:83:63:25:79:8a:98:2b:15:81:00:
73:e1:a5:d6:b1:ea:34:76:99:2c:51:ce:de:9c:a4:
ee:87:67:56:af:79:f2:21:16:93:94:88:07:93:ab:
c8:61:56:72:48:d0:90:a9:b4:48:f5:26:62:3c:c1:
75:c2:66:29:94:b0:b9:4d:7c:65:8c:ba:0f:6c:97:
97:c2:11:52:71:3e:12:9f:a8:7c:ec:03:96:8d:7e:
32:b3:55:19:dd:80:55:b4:c4:18:11:4d:09:80:ee:
dd:07:c9:3a:6e:66:3c:75:df:3b:40:f5:c8:e0:06:
76:b0:40:1e:88:0d:14:f3:d6:6d:e0:bd:51:1c:50:
16:09:23:14:22:f6:34:28:92:24:0c:62:b6:1e:5b:
c7:5c:9f:66:3b:8c:12:92:fb:00:f5:8e:16:9f:66:
7a:83:58:4d:4c:c5:5d:99:c9:15:f2:ad:ec:69:b6:
75:f3:02:98:9d:bd:89:cf:2d:fc:b8:b2:5d:c5:d3:
78:f4:ed:a7:43:78:84:54:13:f5:ae:35:09:96:34:
30:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A8:7C:7B:CA:E3:1F:72:7A:B7:0B:05:82:7A:94:DB:3B:93:28:4F
X509v3 Authority Key Identifier:
keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/fKh8e8rjH3J6twsFgnqU2zuTKE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.67.0-84.17.68.255
84.17.70.0/23
84.17.76.0/24
84.17.78.0/23
84.17.84.0/24
84.17.86.0/23
84.17.89.0-84.17.91.255
84.17.93.0/24
185.118.176.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:18:eb:98:4b:81:16:ab:1a:d4:0b:84:7f:ff:db:e5:1d:06:
d9:06:d2:bc:9a:3d:35:04:be:21:aa:13:f5:87:46:c4:46:01:
47:d5:5d:5c:f0:88:0b:e8:a4:a9:6e:3f:d3:34:f1:07:10:dc:
96:b3:34:78:bf:98:23:b9:13:fa:00:3a:35:c8:36:f8:36:ee:
58:6c:6d:b5:b3:fb:a0:05:99:6d:f4:df:3c:34:e3:3f:b5:f2:
06:9f:6c:45:08:7b:00:10:d9:83:be:36:6a:8c:e7:da:a4:b7:
9c:2a:42:ee:61:18:49:43:de:9b:3f:10:ee:7b:bc:7b:45:70:
f0:eb:24:94:38:f3:0d:06:a8:34:48:01:b0:4e:f2:b8:58:c8:
4d:bc:af:70:90:a1:15:bc:35:fc:ad:3b:56:2d:c2:88:f1:20:
7c:e9:71:48:d0:19:e2:8f:7b:7b:2a:4e:57:70:98:2e:32:0f:
3a:f7:76:09:ff:9c:54:33:98:2f:28:85:4a:fd:7e:e5:9e:84:
14:33:06:04:c2:4b:d9:71:f2:43:79:ac:8f:32:31:03:40:89:
f0:19:95:57:8b:d2:3f:fd:37:03:a4:3d:91:41:2d:9a:68:46:
59:c2:65:68:0d:2d:bb:da:fd:48:8f:5e:1a:95:03:8b:a6:06:
0a:6c:00:f2
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZCRe6dWR2gQeuiLZRaqJ2kKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjQwNzA4MDgzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2E4N2M3YmNhZTMxZjcyN2FiNzBiMDU4MjdhOTRkYjNiOTMyODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLDJAfVeNm0Smhb3d03FaznxvEHG
YKL74c8g95zyD4i62ZbwITAFD581qRlRbpnzpINjJXmKmCsVgQBz4aXWseo0dpks
Uc7enKTuh2dWr3nyIRaTlIgHk6vIYVZySNCQqbRI9SZiPMF1wmYplLC5TXxljLoP
bJeXwhFScT4Sn6h87AOWjX4ys1UZ3YBVtMQYEU0JgO7dB8k6bmY8dd87QPXI4AZ2
sEAeiA0U89Zt4L1RHFAWCSMUIvY0KJIkDGK2HlvHXJ9mO4wSkvsA9Y4Wn2Z6g1hN
TMVdmckV8q3sabZ18wKYnb2Jzy38uLJdxdN49O2nQ3iEVBP1rjUJljQwgQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHyofHvK4x9yercLBYJ6lNs7kyhPMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvZktoOGU4cmpIM0o2dHdzRmducVUyenVUS0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBABUEUMD
BABUEUQDBAFUEUYDBABUEUwDBAFUEU4DBABUEVQDBAFUEVYwDAMEAFQRWQMEAlQR
WAMEAFQRXQMEArl2sDANBgkqhkiG9w0BAQsFAAOCAQEAahjrmEuBFqsa1AuEf//b
5R0G2QbSvJo9NQS+IaoT9YdGxEYBR9VdXPCIC+ikqW4/0zTxBxDclrM0eL+YI7kT
+gA6Ncg2+DbuWGxttbP7oAWZbfTfPDTjP7XyBp9sRQh7ABDZg742aozn2qS3nCpC
7mEYSUPemz8Q7nu8e0Vw8OsklDjzDQaoNEgBsE7yuFjITbyvcJChFbw1/K07Vi3C
iPEgfOlxSNAZ4o97eypOV3CYLjIPOvd2Cf+cVDOYLyiFSv1+5Z6EFDMGBMJL2XHy
Q3msjzIxA0CJ8BmVV4vSP/03A6Q9kUEtmmhGWcJlaA0tu9r9SI9eGpUDi6YGCmwA
8g==
-----END CERTIFICATE-----
Generated at Mon Aug 5 11:00:26 2024 by rpki-client on console-fra.rpki-client.org