Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/7sYkrfaQNrYzmPTiLP5rlYBe2LA.roa
File: 7sYkrfaQNrYzmPTiLP5rlYBe2LA.roa (raw, json)
Hash identifier: jAYaaD1VfI67DRtdYm/wolQjoP1TUOnen6ArhrEZ9d0=
Subject key identifier: EE:C6:24:AD:F6:90:36:B6:33:98:F4:E2:2C:FE:6B:95:80:5E:D8:B0
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 01857295AEE029136E5E553F135CF97DA23C
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/7sYkrfaQNrYzmPTiLP5rlYBe2LA.roa
Signing time: Mon 02 Jan 2023 13:04:50 +0000
ROA not before: Mon 02 Jan 2023 13:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41937
IP address blocks: 87.250.32.0/19 maxlen: 24
185.112.20.0/22 maxlen: 24
62.240.24.0/21 maxlen: 24
109.198.0.0/19 maxlen: 24
109.122.64.0/18 maxlen: 24
185.179.136.0/22 maxlen: 24
178.79.0.0/18 maxlen: 24
178.250.136.0/21 maxlen: 24
46.235.96.0/21 maxlen: 24
5.134.104.0/21 maxlen: 24
185.26.172.0/22 maxlen: 24
109.72.48.0/20 maxlen: 24
92.244.128.0/19 maxlen: 24
178.237.208.0/20 maxlen: 24
91.185.96.0/19 maxlen: 24
185.34.92.0/22 maxlen: 24
185.103.136.0/22 maxlen: 24
91.204.52.0/22 maxlen: 24
185.10.140.0/22 maxlen: 24
109.94.232.0/21 maxlen: 24
109.94.228.0/22 maxlen: 24
2a06:63c0::/29 maxlen: 48
2a02:61a0::/32 maxlen: 48
2a00:cf00::/32 maxlen: 48
2a00:8720::/32 maxlen: 48
2a03:fc40::/32 maxlen: 48
2a06:5b00::/29 maxlen: 48
2a04:1dc0::/29 maxlen: 48
2a01:b800::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:ae:e0:29:13:6e:5e:55:3f:13:5c:f9:7d:a2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Jan 2 13:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eec624adf69036b63398f4e22cfe6b95805ed8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4e:49:2c:4d:b1:30:91:73:cf:e8:f7:72:ee:
b5:05:b5:69:3b:85:73:25:60:f4:a9:7f:7c:3c:d2:
6e:82:8c:b7:73:41:77:7b:57:8e:d1:06:77:20:e7:
8b:3e:b9:1c:97:37:e2:4a:95:39:0e:3a:66:f3:a6:
7e:7c:a7:76:16:46:a7:66:2a:e2:9a:69:80:91:ec:
ce:46:f2:84:21:aa:e5:c1:82:0e:57:4e:6e:48:53:
99:49:84:3f:5e:01:ee:52:e2:ed:f6:9b:a5:61:e0:
23:fc:ed:8a:65:05:b5:91:a3:9a:1a:33:c0:ec:8c:
92:21:07:77:75:fc:43:cc:b7:14:6b:08:16:e3:0a:
26:42:64:b8:68:a2:f2:35:53:50:f3:b8:05:61:a7:
85:1b:30:ea:b4:93:39:f8:fb:d6:1f:e7:05:e8:af:
16:1e:b2:51:df:87:1f:e5:35:3e:93:3f:eb:24:86:
a0:4e:26:5d:34:47:d3:7c:ea:76:91:18:a0:50:86:
59:24:26:a4:8e:ad:b1:a4:4b:99:2f:48:14:2e:36:
89:15:21:75:20:58:11:98:ff:8b:ba:f3:4f:d3:c8:
00:9b:83:10:d4:20:73:a8:a8:94:6b:65:92:2d:9c:
e1:50:2f:a9:f4:27:e6:59:9f:a9:93:20:2f:74:c2:
d7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C6:24:AD:F6:90:36:B6:33:98:F4:E2:2C:FE:6B:95:80:5E:D8:B0
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/7sYkrfaQNrYzmPTiLP5rlYBe2LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.104.0/21
46.235.96.0/21
62.240.24.0/21
87.250.32.0/19
91.185.96.0/19
91.204.52.0/22
92.244.128.0/19
109.72.48.0/20
109.94.228.0-109.94.239.255
109.122.64.0/18
109.198.0.0/19
178.79.0.0/18
178.237.208.0/20
178.250.136.0/21
185.10.140.0/22
185.26.172.0/22
185.34.92.0/22
185.103.136.0/22
185.112.20.0/22
185.179.136.0/22
IPv6:
2a00:8720::/32
2a00:cf00::/32
2a01:b800::/32
2a02:61a0::/32
2a03:fc40::/32
2a04:1dc0::/29
2a06:5b00::/29
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:72:f3:85:e7:4c:87:58:2d:c6:be:60:0f:67:3d:11:c5:35:
48:c1:fc:8b:84:ba:79:9f:aa:2a:93:40:47:84:5f:50:bc:54:
49:8e:30:41:3b:1d:08:9b:dd:e1:ee:84:1a:53:03:c2:7e:ed:
d3:fb:44:ce:c6:72:32:a0:4f:0f:a8:1b:66:80:19:69:b5:ba:
48:69:4b:8d:81:59:16:c3:ba:16:55:1c:70:e4:c4:61:d1:ee:
56:a6:fd:0a:4f:84:1e:7d:e6:d6:de:a4:f6:a9:0c:be:21:14:
c1:a9:34:f3:0e:02:52:62:27:16:f3:c7:60:ed:46:60:61:23:
c9:25:5a:83:6b:f1:64:cb:dc:9a:64:a7:56:38:19:51:1e:da:
fb:e4:60:56:47:06:b6:73:8e:17:b9:3a:b4:90:61:f2:35:1b:
15:02:f5:9d:8b:41:ec:45:56:17:ae:c4:5c:ed:42:01:2a:5e:
e4:8a:66:cd:9f:97:d6:d0:ce:ab:51:05:85:48:a1:7f:58:bc:
54:5f:5d:0a:b6:4d:c4:52:fc:a3:b9:bf:8d:83:4d:8e:8f:47:
52:dd:da:28:62:e0:3b:1d:b2:c2:a7:c4:9e:92:51:95:e1:38:
32:1b:71:3b:22:09:40:a0:f9:87:93:45:55:ba:9e:11:de:4a:
33:b9:23:95
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYVyla7gKRNuXlU/E1z5faI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjMwMTAyMTMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWM2MjRhZGY2OTAzNmI2MzM5OGY0ZTIyY2ZlNmI5NTgwNWVkOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj05JLE2xMJFzz+j3cu61BbVpO4Vz
JWD0qX98PNJugoy3c0F3e1eO0QZ3IOeLPrkclzfiSpU5Djpm86Z+fKd2FkanZiri
mmmAkezORvKEIarlwYIOV05uSFOZSYQ/XgHuUuLt9pulYeAj/O2KZQW1kaOaGjPA
7IySIQd3dfxDzLcUawgW4womQmS4aKLyNVNQ87gFYaeFGzDqtJM5+PvWH+cF6K8W
HrJR34cf5TU+kz/rJIagTiZdNEfTfOp2kRigUIZZJCakjq2xpEuZL0gULjaJFSF1
IFgRmP+LuvNP08gAm4MQ1CBzqKiUa2WSLZzhUC+p9CfmWZ+pkyAvdMLXTwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFO7GJK32kDa2M5j04iz+a5WAXtiwMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvN3NZa3JmYVFOcll6bVBUaUxQNXJsWUJlMkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBhwQCAAEwgYADBAMF
hmgDBAMu62ADBAM+8BgDBAVX+iADBAVbuWADBAJbzDQDBAVc9IADBARtSDAwDAME
Am1e5AMEBG1e4AMEBm16QAMEBW3GAAMEBrJPAAMEBLLt0AMEA7L6iAMEArkKjAME
ArkarAMEArkiXAMEArlniAMEArlwFAMEArmziDA+BAIAAjA4AwUAKgCHIAMFACoA
zwADBQAqAbgAAwUAKgJhoAMFACoD/EADBQMqBB3AAwUDKgZbAAMFAyoGY8AwDQYJ
KoZIhvcNAQELBQADggEBADty84XnTIdYLca+YA9nPRHFNUjB/IuEunmfqiqTQEeE
X1C8VEmOMEE7HQib3eHuhBpTA8J+7dP7RM7GcjKgTw+oG2aAGWm1ukhpS42BWRbD
uhZVHHDkxGHR7lam/QpPhB595tbepPapDL4hFMGpNPMOAlJiJxbzx2DtRmBhI8kl
WoNr8WTL3Jpkp1Y4GVEe2vvkYFZHBrZzjhe5OrSQYfI1GxUC9Z2LQexFVheuxFzt
QgEqXuSKZs2fl9bQzqtRBYVIoX9YvFRfXQq2TcRS/KO5v42DTY6PR1Ld2ihi4Dsd
ssKnxJ6SUZXhODIbcTsiCUCg+YeTRVW6nhHeSjO5I5U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:32 2024 by rpki-client on console-fra.rpki-client.org