Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/7OSn8RVSbqqbD_dpomAkM7xW_H0.roa
File: 7OSn8RVSbqqbD_dpomAkM7xW_H0.roa (raw, json)
Hash identifier: zpbSFXistai26HG5aMd6e4M/QQhXQOhm5QhSPHJkqDQ=
Subject key identifier: EC:E4:A7:F1:15:52:6E:AA:9B:0F:F7:69:A2:60:24:33:BC:56:FC:7D
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 01857070588FFFC38330BC6C4DF04DF188E6
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/7OSn8RVSbqqbD_dpomAkM7xW_H0.roa
Signing time: Mon 02 Jan 2023 03:04:48 +0000
ROA not before: Mon 02 Jan 2023 03:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48854
IP address blocks: 185.134.28.0/22 maxlen: 22
195.178.14.0/23 maxlen: 23
80.70.0.0/23 maxlen: 23
185.21.40.0/22 maxlen: 22
212.97.132.0/22 maxlen: 22
212.97.140.0/22 maxlen: 22
94.143.8.0/21 maxlen: 21
93.191.152.0/21 maxlen: 21
93.191.152.0/22 maxlen: 22
217.61.236.0/22 maxlen: 22
93.191.156.0/24 maxlen: 24
93.191.158.0/24 maxlen: 24
93.191.157.0/24 maxlen: 24
89.188.72.0/21 maxlen: 21
185.25.141.0/24 maxlen: 24
185.25.143.0/24 maxlen: 24
94.231.96.0/20 maxlen: 20
94.231.103.0/24 maxlen: 24
185.223.24.0/22 maxlen: 22
185.221.36.0/22 maxlen: 22
212.237.248.0/23 maxlen: 23
194.150.112.0/22 maxlen: 22
185.20.204.0/22 maxlen: 22
185.20.205.0/24 maxlen: 24
185.20.206.0/23 maxlen: 23
2a06:eac0::/29 maxlen: 48
2a02:2338::/32 maxlen: 48
2a02:2339:4000::/34 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 14:46:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:58:8f:ff:c3:83:30:bc:6c:4d:f0:4d:f1:88:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Jan 2 03:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ece4a7f115526eaa9b0ff769a2602433bc56fc7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:67:18:4d:f9:27:4a:6d:ea:00:89:dd:33:26:
5f:13:b1:8b:85:0a:ed:d4:dd:f6:c0:fd:7e:e3:ed:
f7:b1:f3:34:3a:f2:55:da:0e:11:e9:ac:be:c3:4e:
4b:21:b3:16:ab:35:ff:e4:17:f0:50:2e:0e:16:d1:
c6:73:5d:b4:ad:75:d4:2b:5d:fd:7b:d4:d6:19:2d:
24:cf:21:51:e9:73:2e:5d:10:01:d2:54:c9:2c:88:
18:e6:2a:8e:28:ee:8e:ef:1a:a4:6f:75:6b:8b:be:
8a:77:c7:cf:bf:a0:57:a7:7a:03:d6:4a:71:27:1f:
cb:2c:27:6e:86:a6:4a:8c:ff:32:b6:be:ad:70:6b:
e9:ab:96:94:b8:83:67:ae:37:f2:20:26:9e:06:81:
c8:6d:0d:2f:87:49:cb:d0:01:98:49:86:7f:70:b6:
f4:7d:8d:88:a2:60:2e:7e:f8:1c:9a:87:40:90:5b:
16:4e:f1:77:85:23:44:9c:45:db:f7:2f:50:56:d0:
ab:e1:c8:b1:c1:c4:4f:10:60:74:26:c8:35:8c:9c:
dd:f7:bd:cb:b5:00:5d:13:27:8c:a0:76:6a:c6:46:
ba:63:cc:2f:d2:0b:b9:a3:a9:8d:70:cf:67:99:2c:
1b:d5:af:67:99:4b:d3:2b:e5:f2:7b:31:71:ae:23:
a5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E4:A7:F1:15:52:6E:AA:9B:0F:F7:69:A2:60:24:33:BC:56:FC:7D
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/7OSn8RVSbqqbD_dpomAkM7xW_H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.0.0/23
89.188.72.0/21
93.191.152.0/21
94.143.8.0/21
94.231.96.0/20
185.20.204.0/22
185.21.40.0/22
185.25.141.0/24
185.25.143.0/24
185.134.28.0/22
185.221.36.0/22
185.223.24.0/22
194.150.112.0/22
195.178.14.0/23
212.97.132.0/22
212.97.140.0/22
212.237.248.0/23
217.61.236.0/22
IPv6:
2a02:2338::/32
2a02:2339:4000::/34
2a06:eac0::/29
Signature Algorithm: sha256WithRSAEncryption
82:8a:d5:a3:b2:98:07:e2:be:ed:75:18:3d:6b:7b:dc:5b:69:
85:d8:df:b9:b7:2e:31:99:53:e9:53:af:2c:4d:25:89:6c:a7:
50:c0:f8:01:88:be:3a:87:94:e8:b6:bd:2d:e0:7c:9c:48:61:
c4:15:70:8f:6a:9e:f1:7d:84:db:bc:e2:2c:2d:94:d3:1b:80:
27:fa:4a:9f:fe:c5:3b:92:0a:6b:2d:0e:d1:66:2a:8f:31:2b:
ed:f3:9a:a1:df:50:a4:ff:1e:4c:a2:b6:a0:bb:74:1d:5b:fb:
1c:57:26:ca:13:5a:36:24:8d:f2:93:07:a5:bd:6a:b0:0f:43:
1e:db:e7:91:d1:00:9b:5a:90:5f:1a:50:79:78:0e:5d:85:be:
5c:9a:e3:d7:b7:54:f6:9a:1c:c8:f9:65:c8:14:b3:0e:0a:df:
8b:59:7c:ca:cb:39:a6:2c:a5:03:88:7a:9a:e3:a7:dc:f6:aa:
c8:32:0e:24:98:6a:c1:9b:9d:3b:9a:7b:30:78:29:0c:f5:ba:
7e:81:b9:41:ca:a3:cb:3a:46:82:07:ba:fa:ff:77:0e:cc:53:
c3:ad:fa:08:6d:42:64:07:42:d3:87:b8:89:68:70:fc:2d:6f:
3e:9e:aa:31:5f:21:ce:79:37:aa:73:e0:08:6f:95:d9:7b:39:
2a:cc:f5:99
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYVwcFiP/8ODMLxsTfBN8YjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjMwMTAyMDMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2U0YTdmMTE1NTI2ZWFhOWIwZmY3NjlhMjYwMjQzM2JjNTZmYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGcYTfknSm3qAIndMyZfE7GLhQrt
1N32wP1+4+33sfM0OvJV2g4R6ay+w05LIbMWqzX/5BfwUC4OFtHGc120rXXUK139
e9TWGS0kzyFR6XMuXRAB0lTJLIgY5iqOKO6O7xqkb3Vri76Kd8fPv6BXp3oD1kpx
Jx/LLCduhqZKjP8ytr6tcGvpq5aUuINnrjfyICaeBoHIbQ0vh0nL0AGYSYZ/cLb0
fY2IomAufvgcmodAkFsWTvF3hSNEnEXb9y9QVtCr4cixwcRPEGB0Jsg1jJzd973L
tQBdEyeMoHZqxka6Y8wv0gu5o6mNcM9nmSwb1a9nmUvTK+XyezFxriOlnQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFOzkp/EVUm6qmw/3aaJgJDO8Vvx9MB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvN09TbjhSVlNicXFiRF9kcG9tQWtNN3hXX0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjByBAIAATBsAwQBUEYA
AwQDWbxIAwQDXb+YAwQDXo8IAwQEXudgAwQCuRTMAwQCuRUoAwQAuRmNAwQAuRmP
AwQCuYYcAwQCud0kAwQCud8YAwQCwpZwAwQBw7IOAwQC1GGEAwQC1GGMAwQB1O34
AwQC2T3sMBwEAgACMBYDBQAqAiM4AwYGKgIjOUADBQMqBurAMA0GCSqGSIb3DQEB
CwUAA4IBAQCCitWjspgH4r7tdRg9a3vcW2mF2N+5ty4xmVPpU68sTSWJbKdQwPgB
iL46h5Totr0t4HycSGHEFXCPap7xfYTbvOIsLZTTG4An+kqf/sU7kgprLQ7RZiqP
MSvt85qh31Ck/x5Moragu3QdW/scVybKE1o2JI3ykwelvWqwD0Me2+eR0QCbWpBf
GlB5eA5dhb5cmuPXt1T2mhzI+WXIFLMOCt+LWXzKyzmmLKUDiHqa46fc9qrIMg4k
mGrBm507mnsweCkM9bp+gblByqPLOkaCB7r6/3cOzFPDrfoIbUJkB0LTh7iJaHD8
LW8+nqoxXyHOeTeqc+AIb5XZezkqzPWZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:23 2024 by rpki-client on console-fra.rpki-client.org