Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/fDI--3LKmsucsiP2XeEfYwog-cw.roa
File: fDI--3LKmsucsiP2XeEfYwog-cw.roa (raw, json)
Hash identifier: tflfs6SEyyuf0DhAlwJ1mOzmIOnMK0r9TkFYToYFYDg=
Subject key identifier: 7C:32:3E:FB:72:CA:9A:CB:9C:B2:23:F6:5D:E1:1F:63:0A:20:F9:CC
Certificate issuer: /CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Certificate serial: 018AB7FD2CE5E2A5232539DAE6D2038C71B1
Authority key identifier: DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/fDI--3LKmsucsiP2XeEfYwog-cw.roa
Signing time: Thu 21 Sep 2023 13:45:37 +0000
ROA not before: Thu 21 Sep 2023 13:45:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50973
IP address blocks: 79.171.50.0/24 maxlen: 24
79.171.49.0/24 maxlen: 24
79.171.48.0/21 maxlen: 21
79.171.48.0/24 maxlen: 24
79.171.52.0/24 maxlen: 24
79.171.55.0/24 maxlen: 24
188.172.111.0/24 maxlen: 24
188.172.110.0/24 maxlen: 24
188.172.109.0/24 maxlen: 24
188.172.108.0/24 maxlen: 24
188.172.97.0/24 maxlen: 24
188.172.96.0/24 maxlen: 24
188.172.98.0/24 maxlen: 24
188.172.103.0/24 maxlen: 24
188.172.104.0/22 maxlen: 22
188.172.102.0/24 maxlen: 24
188.172.101.0/24 maxlen: 24
188.172.100.0/24 maxlen: 24
188.172.99.0/24 maxlen: 24
2a0a:a0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:fd:2c:e5:e2:a5:23:25:39:da:e6:d2:03:8c:71:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Validity
Not Before: Sep 21 13:45:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c323efb72ca9acb9cb223f65de11f630a20f9cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6b:13:59:c8:09:fb:6e:30:96:6b:bf:00:dc:
09:85:17:79:ab:8a:7a:da:93:a8:9b:30:17:d9:9a:
c5:fc:06:2f:4a:c5:eb:a5:65:92:4f:d9:b7:df:36:
72:95:28:93:f0:d0:b7:66:bb:d2:df:39:dd:b6:a9:
a0:de:b4:94:5c:c6:5b:16:2f:0f:67:4e:33:cb:dd:
74:38:36:60:28:de:fd:bc:08:42:49:ed:b7:cf:4f:
48:1b:02:19:dd:94:48:fa:a4:b1:6f:49:fc:7f:49:
91:11:63:ae:b8:e8:3b:cd:9b:84:64:23:56:2c:bd:
52:fb:3f:1b:e0:d0:3e:4e:6d:e1:f2:77:da:c6:fc:
ca:6c:8c:73:16:ff:47:ab:d3:27:92:1e:e5:c0:9f:
5b:15:6a:39:b0:f5:b6:2d:5d:a7:85:c4:61:2a:5d:
38:78:1e:4b:65:e1:5f:dc:a0:7a:e0:10:f6:54:c3:
34:2f:f1:f8:74:cb:72:be:18:21:93:67:23:ed:d8:
05:33:1e:5c:59:2b:b3:a7:a9:a8:08:0b:f2:bb:d6:
14:21:84:30:14:ac:ca:e4:af:c3:1b:23:1f:15:66:
9d:0b:da:e7:f1:07:de:9e:95:fc:15:64:02:f2:6b:
d5:bc:80:f6:68:ef:81:d6:f2:3e:c9:34:94:ff:6b:
6b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:32:3E:FB:72:CA:9A:CB:9C:B2:23:F6:5D:E1:1F:63:0A:20:F9:CC
X509v3 Authority Key Identifier:
keyid:DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/fDI--3LKmsucsiP2XeEfYwog-cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.48.0/21
188.172.96.0/20
IPv6:
2a0a:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
07:e7:47:3e:51:3d:a7:f6:27:85:03:7d:36:fc:55:69:c4:fd:
82:62:8a:fc:8a:a3:e9:5e:f1:93:48:ba:8f:c2:33:ec:fb:d2:
c0:9f:76:f0:0b:aa:92:46:3b:c2:76:49:5d:ab:74:ad:46:56:
99:ec:66:ef:0d:e9:cd:13:b3:ea:56:9d:73:87:97:83:fb:99:
6b:74:5d:0f:97:92:d8:88:09:64:da:8c:6d:80:7a:85:8a:64:
ca:79:eb:01:7a:85:db:f3:81:37:6d:20:1b:08:06:ac:9f:eb:
1d:2a:69:b1:a7:e9:df:1a:28:2b:e7:4d:ee:3d:cf:27:9d:73:
a8:65:5a:b2:4d:9d:47:1f:34:09:29:19:5b:23:7c:83:dc:e9:
71:e0:e2:34:c4:c1:09:3e:9f:3c:08:cb:21:58:44:78:e4:e3:
06:ce:44:8e:18:23:53:c5:7f:cb:93:0a:ce:41:5c:64:c0:d4:
fb:bd:cf:42:bd:cb:a2:6c:26:27:ea:61:1b:3c:f2:29:fc:d7:
fe:4f:ab:9e:01:d7:e6:29:a5:50:1d:39:57:df:3d:98:66:43:
68:73:83:60:40:a3:1e:01:4f:83:0c:70:b1:83:83:60:4f:4e:
98:06:6d:91:b8:36:20:4e:81:55:21:d0:9c:6e:0c:ef:d8:c1:
a8:7b:0e:8d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYq3/Szl4qUjJTna5tIDjHGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODg3N2YzYzU1YjUyOGUxYTI5ZGIzZDc5OTIwNjU2ZjBj
NjZhZWIwHhcNMjMwOTIxMTM0NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzMyM2VmYjcyY2E5YWNiOWNiMjIzZjY1ZGUxMWY2MzBhMjBmOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGsTWcgJ+24wlmu/ANwJhRd5q4p6
2pOomzAX2ZrF/AYvSsXrpWWST9m33zZylSiT8NC3ZrvS3zndtqmg3rSUXMZbFi8P
Z04zy910ODZgKN79vAhCSe23z09IGwIZ3ZRI+qSxb0n8f0mREWOuuOg7zZuEZCNW
LL1S+z8b4NA+Tm3h8nfaxvzKbIxzFv9Hq9Mnkh7lwJ9bFWo5sPW2LV2nhcRhKl04
eB5LZeFf3KB64BD2VMM0L/H4dMtyvhghk2cj7dgFMx5cWSuzp6moCAvyu9YUIYQw
FKzK5K/DGyMfFWadC9rn8QfenpX8FWQC8mvVvID2aO+B1vI+yTSU/2tr+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHwyPvtyyprLnLIj9l3hH2MKIPnMMB8GA1UdIwQY
MBaAFN+Id/PFW1KOGinbPXmSBlbwxmrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODkt
MjU0NTVhOGRkZDQ1LzEvZkRJLS0zTEttc3Vjc2lQMlhlRWZZd29nLWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODktMjU0NTVhOGRkZDQ1
LzEvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT6swAwQE
vKxgMA0EAgACMAcDBQMqCqDAMA0GCSqGSIb3DQEBCwUAA4IBAQAH50c+UT2n9ieF
A302/FVpxP2CYor8iqPpXvGTSLqPwjPs+9LAn3bwC6qSRjvCdkldq3StRlaZ7Gbv
DenNE7PqVp1zh5eD+5lrdF0Pl5LYiAlk2oxtgHqFimTKeesBeoXb84E3bSAbCAas
n+sdKmmxp+nfGigr503uPc8nnXOoZVqyTZ1HHzQJKRlbI3yD3Olx4OI0xMEJPp88
CMshWER45OMGzkSOGCNTxX/LkwrOQVxkwNT7vc9CvcuibCYn6mEbPPIp/Nf+T6ue
AdfmKaVQHTlX3z2YZkNoc4NgQKMeAU+DDHCxg4NgT06YBm2RuDYgToFVIdCcbgzv
2MGoew6N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:51 2024 by rpki-client on console-ams.rpki-client.org