Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/b7sRkY42GjtciR3Bb_CpgtAQ2QM.roa
File: b7sRkY42GjtciR3Bb_CpgtAQ2QM.roa (raw, json)
Hash identifier: 21PsytsgusfCprFDi0Out1n+BLJtI+3a1zcw5eaisE4=
Subject key identifier: 6F:BB:11:91:8E:36:1A:3B:5C:89:1D:C1:6F:F0:A9:82:D0:10:D9:03
Certificate issuer: /CN=808c3a6c5cbff0739e438d05744405b16197b15b
Certificate serial: 018632480DCDD6A306E6CD8C5B95A1AD32D6
Authority key identifier: 80:8C:3A:6C:5C:BF:F0:73:9E:43:8D:05:74:44:05:B1:61:97:B1:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/b7sRkY42GjtciR3Bb_CpgtAQ2QM.roa
Signing time: Wed 08 Feb 2023 18:27:08 +0000
ROA not before: Wed 08 Feb 2023 18:27:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41435
IP address blocks: 213.109.80.0/20 maxlen: 20
91.193.32.0/22 maxlen: 22
194.9.36.0/23 maxlen: 23
176.104.0.0/18 maxlen: 18
79.110.128.0/20 maxlen: 20
79.110.128.0/22 maxlen: 22
79.110.132.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:32:48:0d:cd:d6:a3:06:e6:cd:8c:5b:95:a1:ad:32:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=808c3a6c5cbff0739e438d05744405b16197b15b
Validity
Not Before: Feb 8 18:27:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fbb11918e361a3b5c891dc16ff0a982d010d903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:22:66:b3:37:3f:1d:35:31:6e:33:24:d6:4c:
36:7b:f9:05:2b:58:87:90:7f:2f:e0:f8:22:69:1f:
be:e1:24:49:f7:b0:2b:1d:dc:d2:e2:cd:29:61:87:
dd:13:95:84:e3:8b:2e:84:55:04:19:03:e8:9a:3a:
2d:fb:5e:2c:52:c2:dd:82:a1:1d:e7:e7:7e:ed:aa:
c8:a8:2c:32:79:6f:8e:f3:07:cc:8e:c2:ce:f0:2e:
7a:8c:27:ee:dd:d8:4f:96:e0:d9:cb:49:53:b2:cf:
38:ac:54:c4:11:2c:c7:f0:2a:4d:61:0c:9c:8a:ba:
e3:50:ca:dc:a5:60:a7:fb:e2:8b:1c:e1:0a:64:d8:
a9:c2:a2:4d:e3:76:f6:5d:92:45:f1:11:c8:9d:47:
8a:b3:d0:35:14:3e:7f:79:de:54:31:a2:9a:93:12:
c5:3e:fa:cb:73:f8:58:c0:45:cc:9c:75:64:7b:ac:
3f:68:81:a5:05:ff:92:b1:01:22:9c:ce:e6:74:05:
86:81:44:cd:72:f3:f6:c7:d1:5f:c1:53:68:29:a6:
10:c3:2d:71:ea:58:31:da:af:91:be:47:34:8c:ed:
f8:a3:98:3c:3a:3e:82:1b:a5:d7:5d:c8:cb:3f:1d:
e8:96:7b:c4:5b:d6:9f:fe:ed:1e:ca:da:6e:ae:32:
a6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BB:11:91:8E:36:1A:3B:5C:89:1D:C1:6F:F0:A9:82:D0:10:D9:03
X509v3 Authority Key Identifier:
keyid:80:8C:3A:6C:5C:BF:F0:73:9E:43:8D:05:74:44:05:B1:61:97:B1:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/b7sRkY42GjtciR3Bb_CpgtAQ2QM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/gIw6bFy_8HOeQ40FdEQFsWGXsVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.128.0/20
91.193.32.0/22
176.104.0.0/18
194.9.36.0/23
213.109.80.0/20
Signature Algorithm: sha256WithRSAEncryption
84:4f:50:ce:81:61:9c:68:42:bb:7b:09:97:f3:27:84:08:9a:
40:3b:48:8c:5a:d2:d3:58:0b:92:f1:69:e3:79:83:b4:45:1d:
09:fc:c9:36:f3:29:d3:18:00:75:4b:5a:ac:b8:be:d2:b9:ab:
91:f2:3d:a5:fc:f9:d8:c6:51:84:56:6d:f1:f7:2a:b6:1b:04:
90:15:7f:ac:07:bb:ec:1e:b5:a7:23:3e:86:f2:93:c5:b6:27:
d4:5c:fd:fc:7f:82:55:85:35:b7:bc:b9:34:e6:8c:fa:40:ef:
97:94:3f:46:bf:f9:1a:6f:3b:94:9c:af:53:14:16:89:0d:04:
89:01:3c:fe:72:86:73:77:42:8d:2d:cb:5d:00:64:fd:19:1c:
97:91:b6:ea:70:3f:ce:60:92:b1:f5:f8:16:8a:ce:be:bd:5e:
c9:7a:0f:e7:b6:04:eb:59:05:b9:9a:56:f9:53:49:39:b9:b1:
81:6d:6f:9d:9a:e7:50:f7:73:87:a8:e5:9b:1a:b4:bf:b5:e6:
9d:4d:bb:ef:35:0f:cf:9d:af:9f:7f:c8:79:8b:26:91:03:51:
7c:ad:f1:e7:78:c0:b8:9f:6a:e0:da:65:d1:86:0d:74:6a:fc:
4f:fc:c0:e9:5e:3c:7c:6c:d1:98:91:92:58:c3:14:48:b0:6d:
23:ee:42:43
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYySA3N1qMG5s2MW5WhrTLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOGMzYTZjNWNiZmYwNzM5ZTQzOGQwNTc0NDQwNWIxNjE5
N2IxNWIwHhcNMjMwMjA4MTgyNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmJiMTE5MThlMzYxYTNiNWM4OTFkYzE2ZmYwYTk4MmQwMTBkOTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSJmszc/HTUxbjMk1kw2e/kFK1iH
kH8v4PgiaR++4SRJ97ArHdzS4s0pYYfdE5WE44suhFUEGQPomjot+14sUsLdgqEd
5+d+7arIqCwyeW+O8wfMjsLO8C56jCfu3dhPluDZy0lTss84rFTEESzH8CpNYQyc
irrjUMrcpWCn++KLHOEKZNipwqJN43b2XZJF8RHInUeKs9A1FD5/ed5UMaKakxLF
PvrLc/hYwEXMnHVke6w/aIGlBf+SsQEinM7mdAWGgUTNcvP2x9FfwVNoKaYQwy1x
6lgx2q+Rvkc0jO34o5g8Oj6CG6XXXcjLPx3olnvEW9af/u0eytpurjKmGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG+7EZGONho7XIkdwW/wqYLQENkDMB8GA1UdIwQY
MBaAFICMOmxcv/BznkONBXREBbFhl7FbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0l3NmJGeV84SE9lUTQwRmRFUUZzV0dYc1ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82OThlNGUtMGEzOS00MTZiLWFmZmUt
NjE4MTljNDgwY2JlLzEvYjdzUmtZNDJHanRjaVIzQmJfQ3BndEFRMlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC82OThlNGUtMGEzOS00MTZiLWFmZmUtNjE4MTljNDgwY2Jl
LzEvZ0l3NmJGeV84SE9lUTQwRmRFUUZzV0dYc1ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQET26AAwQC
W8EgAwQGsGgAAwQBwgkkAwQE1W1QMA0GCSqGSIb3DQEBCwUAA4IBAQCET1DOgWGc
aEK7ewmX8yeECJpAO0iMWtLTWAuS8WnjeYO0RR0J/Mk28ynTGAB1S1qsuL7SuauR
8j2l/PnYxlGEVm3x9yq2GwSQFX+sB7vsHrWnIz6G8pPFtifUXP38f4JVhTW3vLk0
5oz6QO+XlD9Gv/kabzuUnK9TFBaJDQSJATz+coZzd0KNLctdAGT9GRyXkbbqcD/O
YJKx9fgWis6+vV7Jeg/ntgTrWQW5mlb5U0k5ubGBbW+dmudQ93OHqOWbGrS/tead
TbvvNQ/Pna+ff8h5iyaRA1F8rfHneMC4n2rg2mXRhg10avxP/MDpXjx8bNGYkZJY
wxRIsG0j7kJD
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:21 2024 by rpki-client on console-fra.rpki-client.org