Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/9yNHmeXOnpSznHa_KeLWZyR_4fI.roa
File: 9yNHmeXOnpSznHa_KeLWZyR_4fI.roa (raw, json)
Hash identifier: ejH8mQtkbSdiTHPGbH4/twRczNQUE4WFnHK6LQ78DpM=
Subject key identifier: F7:23:47:99:E5:CE:9E:94:B3:9C:76:BF:29:E2:D6:67:24:7F:E1:F2
Certificate issuer: /CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Certificate serial: 01859C2FD6415C75A9D734C40B296611D591
Authority key identifier: DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/9yNHmeXOnpSznHa_KeLWZyR_4fI.roa
Signing time: Tue 10 Jan 2023 14:57:38 +0000
ROA not before: Tue 10 Jan 2023 14:57:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21183
IP address blocks: 217.73.132.0/24 maxlen: 24
217.73.131.0/24 maxlen: 24
217.73.130.0/24 maxlen: 24
217.73.128.0/20 maxlen: 20
217.73.129.0/24 maxlen: 24
217.73.128.0/24 maxlen: 24
217.73.136.0/24 maxlen: 24
217.73.135.0/24 maxlen: 24
217.73.133.0/24 maxlen: 24
217.73.139.0/24 maxlen: 24
217.73.138.0/24 maxlen: 24
217.73.137.0/24 maxlen: 24
217.73.143.0/24 maxlen: 24
217.73.142.0/24 maxlen: 24
217.73.141.0/24 maxlen: 24
141.98.140.0/22 maxlen: 24
66.186.198.0/23 maxlen: 24
109.69.2.0/24 maxlen: 24
109.69.1.0/24 maxlen: 24
109.69.0.0/24 maxlen: 24
109.69.0.0/21 maxlen: 21
109.69.4.0/23 maxlen: 23
109.69.3.0/24 maxlen: 24
109.69.6.0/24 maxlen: 24
109.69.5.0/24 maxlen: 24
109.69.7.0/24 maxlen: 24
91.132.172.0/22 maxlen: 22
185.62.174.0/23 maxlen: 23
185.200.212.0/22 maxlen: 22
80.78.64.0/20 maxlen: 20
2a04:eb40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:2f:d6:41:5c:75:a9:d7:34:c4:0b:29:66:11:d5:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Validity
Not Before: Jan 10 14:57:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7234799e5ce9e94b39c76bf29e2d667247fe1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:06:44:98:c2:4a:d6:55:d9:8e:6b:f6:b8:07:
96:ec:5d:cc:55:9c:80:e7:f9:00:85:cc:05:7d:a6:
41:d7:85:b2:be:a7:43:46:f9:35:13:68:32:a8:ae:
f7:ac:09:d1:ba:06:70:30:c8:1f:65:d4:7d:7a:fd:
e6:f6:de:9a:bc:62:9a:9f:6d:c5:29:16:44:1d:4c:
e3:67:a8:d8:02:ae:bf:0a:e1:bd:97:44:83:bb:fe:
26:9b:76:12:56:d7:f2:de:68:bb:3c:e2:bd:03:73:
3e:79:40:bd:9a:f0:d5:66:d4:c3:64:ed:37:ac:8c:
a4:9c:c4:17:f8:dd:64:96:0e:15:12:ea:34:47:3f:
75:89:b4:19:59:eb:f0:0f:8c:7c:4f:a0:9f:98:da:
4c:6e:a2:09:59:4b:ad:90:ba:25:2b:74:6e:f7:ec:
a8:66:e9:48:d2:ee:a7:d9:fc:1d:d8:a2:b0:c6:b2:
19:41:8a:e8:09:16:1d:30:a7:df:10:f3:f6:2b:69:
62:87:f5:36:20:f5:d2:ca:a5:86:0a:8f:51:c7:b6:
d1:96:0e:41:a4:4a:4f:61:2e:96:b5:ab:c0:91:c4:
b5:93:a7:79:8f:26:58:51:b1:0d:60:1a:19:20:06:
09:ed:cf:3d:4c:8d:ba:8b:ae:0d:1d:9c:65:cc:c4:
f3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:23:47:99:E5:CE:9E:94:B3:9C:76:BF:29:E2:D6:67:24:7F:E1:F2
X509v3 Authority Key Identifier:
keyid:DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/9yNHmeXOnpSznHa_KeLWZyR_4fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.186.198.0/23
80.78.64.0/20
91.132.172.0/22
109.69.0.0/21
141.98.140.0/22
185.62.174.0/23
185.200.212.0/22
217.73.128.0/20
IPv6:
2a04:eb40::/29
Signature Algorithm: sha256WithRSAEncryption
7b:9d:68:88:24:ff:4a:9f:00:ce:8a:bd:dd:bc:80:15:72:14:
8e:20:9b:f0:5d:46:9f:09:df:7c:30:2b:20:e5:1e:40:42:e4:
47:7e:ce:2d:96:0f:c9:58:db:8d:a7:0e:7f:81:73:82:9d:33:
c3:83:ca:e1:0f:b0:5f:f7:21:5f:d9:3a:58:ef:97:92:49:2d:
df:0f:83:1a:f0:e9:30:17:57:e4:a6:8e:1b:e8:e6:eb:33:6a:
9f:e3:be:10:27:53:1c:bf:56:a5:c1:40:17:3f:a1:97:b5:37:
26:51:25:4b:bc:f9:c9:c6:ec:47:e2:c4:72:d8:5c:cd:69:10:
63:da:14:6a:14:27:29:27:94:a9:54:24:70:cc:2a:aa:0d:97:
ce:86:35:8d:b9:c0:64:a8:1f:c3:45:3a:d7:8c:05:98:dc:fc:
c3:88:ab:47:5c:48:58:b0:29:18:18:76:14:cc:26:b7:c2:ae:
cb:39:44:c1:d2:30:7f:7b:62:e2:fc:f8:7d:04:32:1b:9c:b8:
8e:4f:47:82:19:19:8f:58:fb:85:1a:45:c8:bc:4c:d3:f1:b0:
fc:b0:0b:e2:ec:c8:c2:f5:40:70:00:ee:87:e5:92:fd:49:61:
51:c5:69:8d:b1:90:bd:81:a4:d5:fb:57:c0:13:fc:5c:b5:9f:
e2:e5:93:29
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYWcL9ZBXHWp1zTECylmEdWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODg3N2YzYzU1YjUyOGUxYTI5ZGIzZDc5OTIwNjU2ZjBj
NjZhZWIwHhcNMjMwMTEwMTQ1NzM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzIzNDc5OWU1Y2U5ZTk0YjM5Yzc2YmYyOWUyZDY2NzI0N2ZlMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwZEmMJK1lXZjmv2uAeW7F3MVZyA
5/kAhcwFfaZB14WyvqdDRvk1E2gyqK73rAnRugZwMMgfZdR9ev3m9t6avGKan23F
KRZEHUzjZ6jYAq6/CuG9l0SDu/4mm3YSVtfy3mi7POK9A3M+eUC9mvDVZtTDZO03
rIyknMQX+N1klg4VEuo0Rz91ibQZWevwD4x8T6CfmNpMbqIJWUutkLolK3Ru9+yo
ZulI0u6n2fwd2KKwxrIZQYroCRYdMKffEPP2K2lih/U2IPXSyqWGCo9Rx7bRlg5B
pEpPYS6WtavAkcS1k6d5jyZYUbENYBoZIAYJ7c89TI26i64NHZxlzMTzXwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFPcjR5nlzp6Us5x2vyni1mckf+HyMB8GA1UdIwQY
MBaAFN+Id/PFW1KOGinbPXmSBlbwxmrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODkt
MjU0NTVhOGRkZDQ1LzEvOXlOSG1lWE9ucFN6bkhhX0tlTFdaeVJfNGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODktMjU0NTVhOGRkZDQ1
LzEvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQBQrrGAwQE
UE5AAwQCW4SsAwQDbUUAAwQCjWKMAwQBuT6uAwQCucjUAwQE2UmAMA0EAgACMAcD
BQMqBOtAMA0GCSqGSIb3DQEBCwUAA4IBAQB7nWiIJP9KnwDOir3dvIAVchSOIJvw
XUafCd98MCsg5R5AQuRHfs4tlg/JWNuNpw5/gXOCnTPDg8rhD7Bf9yFf2TpY75eS
SS3fD4Ma8OkwF1fkpo4b6ObrM2qf474QJ1Mcv1alwUAXP6GXtTcmUSVLvPnJxuxH
4sRy2FzNaRBj2hRqFCcpJ5SpVCRwzCqqDZfOhjWNucBkqB/DRTrXjAWY3PzDiKtH
XEhYsCkYGHYUzCa3wq7LOUTB0jB/e2Li/Ph9BDIbnLiOT0eCGRmPWPuFGkXIvEzT
8bD8sAvi7MjC9UBwAO6H5ZL9SWFRxWmNsZC9gaTV+1fAE/xctZ/i5ZMp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:50 2024 by rpki-client on console-fra.rpki-client.org