Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/7QtPGK2SxFsWyZGuXLKNh1iUoFE.roa
File: 7QtPGK2SxFsWyZGuXLKNh1iUoFE.roa (raw, json)
Hash identifier: 1uT0SCHKafWbMrWiNRmk1Msnm8EpSGiW1T2rJQiQsVU=
Subject key identifier: ED:0B:4F:18:AD:92:C4:5B:16:C9:91:AE:5C:B2:8D:87:58:94:A0:51
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0189918CBE1400ED9CF29AA0EB10E426775F
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/7QtPGK2SxFsWyZGuXLKNh1iUoFE.roa
Signing time: Wed 26 Jul 2023 09:34:27 +0000
ROA not before: Wed 26 Jul 2023 09:34:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 78.159.131.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Jul 2023 05:28:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:91:8c:be:14:00:ed:9c:f2:9a:a0:eb:10:e4:26:77:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jul 26 09:34:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed0b4f18ad92c45b16c991ae5cb28d875894a051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8f:11:4d:de:9c:e4:76:cb:c8:bb:24:cb:c5:
03:02:18:ab:1e:a0:8c:d6:a4:c3:4c:17:fa:e0:49:
de:a2:47:d0:94:d9:96:0a:aa:8b:06:3e:28:26:0b:
a9:f6:9c:ca:d5:8a:f8:0d:96:db:b7:0b:b8:bf:84:
88:ed:5c:e0:5e:cf:73:e8:0f:80:c8:5c:9c:aa:94:
8b:e0:69:09:d2:8e:a8:fc:b9:7c:f9:0b:de:0e:44:
90:42:20:a7:07:4f:0a:fa:e6:7c:06:38:6d:ca:83:
6f:49:34:71:c9:c7:63:a7:48:2d:e3:0c:24:93:de:
23:c3:f4:fc:3e:2f:4d:7f:f8:8e:2d:71:c0:1c:6b:
7e:00:0c:64:1a:04:41:51:23:ee:32:56:1e:21:2c:
8d:64:5b:7d:b8:3d:8b:57:ca:9b:6a:22:44:30:bd:
49:e0:5d:46:56:a4:c8:1c:fc:d6:2b:98:72:e9:ff:
02:5b:f4:dc:ec:ef:9a:8d:65:36:9a:33:7b:57:fd:
dd:e7:d1:6d:03:d1:92:bf:8f:86:0a:a0:00:8f:31:
a4:7f:d0:0e:fd:83:a5:c7:f0:71:7b:a2:94:3b:c5:
a3:2d:2f:71:71:40:5c:70:f5:88:cf:7c:e3:f9:17:
10:bb:5b:3f:51:b9:2c:f4:b4:24:7f:b1:ea:fb:1c:
b0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:0B:4F:18:AD:92:C4:5B:16:C9:91:AE:5C:B2:8D:87:58:94:A0:51
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/7QtPGK2SxFsWyZGuXLKNh1iUoFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.131.0/24
93.152.206.0/24
93.152.217.0/24
93.152.221.0/24
93.152.225.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:c2:7d:eb:92:c4:49:26:fc:9f:9f:b5:06:7f:72:62:c7:a0:
cc:16:fa:6a:de:87:5f:e7:c5:43:f8:fa:66:42:cb:1f:22:4c:
36:cc:e0:56:d4:bc:41:36:91:90:ac:89:d5:eb:24:75:dc:c2:
bf:58:5a:e3:49:c3:42:56:ca:56:ea:18:ab:c1:1c:96:ca:e9:
bf:35:5a:5a:c1:81:e5:c8:72:3d:84:6a:b7:52:f8:32:e4:fd:
e4:a5:31:fe:5d:c3:de:d6:02:70:ce:ac:90:93:a1:76:d6:05:
c9:f9:f8:98:6f:d0:84:b4:9a:d0:a1:d4:7b:2b:b0:00:e2:70:
ac:6d:9b:ac:9f:22:31:e2:f1:47:e7:ce:31:8c:16:55:b9:0a:
1a:f8:94:fa:9f:4f:0b:ad:0e:ad:5d:7c:9d:44:c2:16:b8:e0:
47:ef:d2:f9:a0:45:e4:9a:ea:5f:2d:d3:ce:e6:4d:71:0e:5e:
b8:d7:79:7c:6a:ea:bf:00:81:b9:16:2e:6b:1b:cd:17:5f:d4:
30:95:d7:e2:ba:74:33:70:3b:e1:82:f2:9c:6c:6e:27:d0:0b:
01:ea:2b:8b:d9:5b:9e:a9:c1:8e:f9:a9:f9:12:5a:3c:06:0c:
2a:61:b4:b6:2c:ac:7f:59:cb:45:5d:ec:e2:ea:27:f2:4a:74:
84:cf:30:20
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmRjL4UAO2c8pqg6xDkJndfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwNzI2MDkzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDBiNGYxOGFkOTJjNDViMTZjOTkxYWU1Y2IyOGQ4NzU4OTRhMDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI8RTd6c5HbLyLsky8UDAhirHqCM
1qTDTBf64EneokfQlNmWCqqLBj4oJgup9pzK1Yr4DZbbtwu4v4SI7VzgXs9z6A+A
yFycqpSL4GkJ0o6o/Ll8+QveDkSQQiCnB08K+uZ8BjhtyoNvSTRxycdjp0gt4wwk
k94jw/T8Pi9Nf/iOLXHAHGt+AAxkGgRBUSPuMlYeISyNZFt9uD2LV8qbaiJEML1J
4F1GVqTIHPzWK5hy6f8CW/Tc7O+ajWU2mjN7V/3d59FtA9GSv4+GCqAAjzGkf9AO
/YOlx/Bxe6KUO8WjLS9xcUBccPWIz3zj+RcQu1s/Ubks9LQkf7Hq+xywZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO0LTxitksRbFsmRrlyyjYdYlKBRMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvN1F0UEdLMlN4RnNXeVpHdVhMS05oMWlVb0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATp+DAwQA
XZjOAwQAXZjZAwQAXZjdAwQAXZjhMA0GCSqGSIb3DQEBCwUAA4IBAQB8wn3rksRJ
Jvyfn7UGf3Jix6DMFvpq3odf58VD+PpmQssfIkw2zOBW1LxBNpGQrInV6yR13MK/
WFrjScNCVspW6hirwRyWyum/NVpawYHlyHI9hGq3Uvgy5P3kpTH+XcPe1gJwzqyQ
k6F21gXJ+fiYb9CEtJrQodR7K7AA4nCsbZusnyIx4vFH584xjBZVuQoa+JT6n08L
rQ6tXXydRMIWuOBH79L5oEXkmupfLdPO5k1xDl6413l8auq/AIG5Fi5rG80XX9Qw
ldfiunQzcDvhgvKcbG4n0AsB6iuL2VueqcGO+an5Elo8BgwqYbS2LKx/WctFXezi
6ifySnSEzzAg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:42 2024 by rpki-client on console-fra.rpki-client.org