Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/w7uXSfRIG8NamLWtVCn3wCOBhpY.roa
File: w7uXSfRIG8NamLWtVCn3wCOBhpY.roa (raw, json)
Hash identifier: CW+lAbDwWI2MXS2iwk712YEQmse5VI9whzIfLOYnu+M=
Subject key identifier: C3:BB:97:49:F4:48:1B:C3:5A:98:B5:AD:54:29:F7:C0:23:81:86:96
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018B331240CFF33C6DB1F76693E405429241
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/w7uXSfRIG8NamLWtVCn3wCOBhpY.roa
Signing time: Sun 15 Oct 2023 11:21:56 +0000
ROA not before: Sun 15 Oct 2023 11:21:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 213.145.72.0/24 maxlen: 24
85.115.208.0/23 maxlen: 24
213.145.91.0/24 maxlen: 24
213.145.88.0/21 maxlen: 24
213.145.88.0/24 maxlen: 24
213.145.89.0/24 maxlen: 24
213.145.90.0/24 maxlen: 24
213.145.92.0/24 maxlen: 24
213.145.93.0/24 maxlen: 24
213.145.94.0/24 maxlen: 24
213.145.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Oct 2023 13:15:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:33:12:40:cf:f3:3c:6d:b1:f7:66:93:e4:05:42:92:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Oct 15 11:21:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3bb9749f4481bc35a98b5ad5429f7c023818696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d6:0d:b2:2a:79:e9:56:e5:1d:36:1a:42:b0:
7a:8b:93:cb:f5:1e:8d:1c:c6:81:95:25:f7:64:2f:
53:5d:36:d5:e3:dc:5b:57:e0:28:a0:7d:3a:26:c2:
3e:58:32:8e:03:a9:2b:92:98:83:73:42:11:3b:d9:
45:52:e6:3c:e5:9c:0a:8e:8f:62:d1:a6:f3:05:56:
3b:9f:91:92:41:b7:ff:42:10:3f:a0:65:ab:b9:ee:
13:7b:32:68:28:5b:7f:a0:1b:af:8b:6e:3b:f8:19:
6a:2d:59:75:d1:b4:af:6a:e7:0e:f2:72:7a:0f:9a:
d0:6c:88:19:c7:ee:9b:72:ec:42:b4:a1:d0:26:a3:
c2:6f:fc:46:45:13:b6:a4:d5:de:1b:8a:0d:bc:b1:
ac:ef:26:e2:d1:45:36:6e:43:d9:56:a4:93:61:63:
e2:ca:f5:30:c0:40:0e:f7:8e:97:95:ed:02:0b:9b:
f5:b5:43:a2:59:78:68:98:47:cb:65:ff:99:8c:4e:
85:bd:0d:12:df:b7:54:03:e1:23:6f:2e:79:d3:76:
93:1c:fc:8d:17:ca:50:b8:d0:4a:4b:15:28:35:67:
4d:7d:6b:ae:f7:68:7d:02:2e:48:2a:38:e8:f7:5b:
6e:57:e6:ad:6c:06:01:3a:5f:be:99:50:e1:92:b6:
b3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:BB:97:49:F4:48:1B:C3:5A:98:B5:AD:54:29:F7:C0:23:81:86:96
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/w7uXSfRIG8NamLWtVCn3wCOBhpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/24
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
b4:6f:e5:3e:da:30:c3:10:2c:68:cf:9c:bb:b7:6b:58:39:59:
07:f9:64:11:ca:6e:79:53:4f:5f:14:ea:f6:ab:b0:2c:e7:07:
e6:5c:b3:44:f9:6a:6d:52:e0:54:a0:88:09:b6:75:56:31:86:
1d:32:76:88:f5:ed:90:6a:41:b5:c0:e2:aa:4f:02:8b:dd:00:
b5:7d:08:a7:17:97:58:db:1d:f2:ad:4d:ef:05:2c:95:47:e4:
4a:64:04:4a:6d:2f:87:88:88:6c:f6:e3:79:c8:85:3f:93:5f:
97:38:64:cb:56:61:33:6a:3d:7a:34:3e:23:8a:a7:84:5d:cb:
fd:5c:e3:c8:aa:c8:03:85:0c:28:e4:b8:33:62:59:ed:7c:b3:
eb:8b:19:39:9f:8e:ed:41:56:69:53:79:b5:38:37:c6:3d:cd:
3e:60:7e:68:c9:00:e7:44:c2:e4:fe:90:98:6e:eb:82:de:e9:
2d:df:31:9a:09:07:09:b9:1c:58:5b:0e:59:5c:03:d6:a1:04:
f4:81:d9:17:3e:6c:67:c5:7e:09:e9:19:5e:08:0d:a9:cd:bf:
b4:e0:a4:f7:38:46:29:ed:04:10:84:f7:d2:a5:86:7d:b5:9b:
85:71:19:37:ed:4d:52:e1:ab:03:bc:cd:9e:34:03:9c:f4:7c:
a4:bc:e8:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYszEkDP8zxtsfdmk+QFQpJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMxMDE1MTEyMTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2JiOTc0OWY0NDgxYmMzNWE5OGI1YWQ1NDI5ZjdjMDIzODE4Njk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdYNsip56VblHTYaQrB6i5PL9R6N
HMaBlSX3ZC9TXTbV49xbV+AooH06JsI+WDKOA6krkpiDc0IRO9lFUuY85ZwKjo9i
0abzBVY7n5GSQbf/QhA/oGWrue4TezJoKFt/oBuvi247+BlqLVl10bSvaucO8nJ6
D5rQbIgZx+6bcuxCtKHQJqPCb/xGRRO2pNXeG4oNvLGs7ybi0UU2bkPZVqSTYWPi
yvUwwEAO946Xle0CC5v1tUOiWXhomEfLZf+ZjE6FvQ0S37dUA+Ejby5503aTHPyN
F8pQuNBKSxUoNWdNfWuu92h9Ai5IKjjo91tuV+atbAYBOl++mVDhkrazIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMO7l0n0SBvDWpi1rVQp98AjgYaWMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvdzd1WFNmUklHOE5hbUxXdFZDbjN3Q09CaHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQA
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQC0b+U+2jDDECxoz5y7t2tYOVkH
+WQRym55U09fFOr2q7As5wfmXLNE+WptUuBUoIgJtnVWMYYdMnaI9e2QakG1wOKq
TwKL3QC1fQinF5dY2x3yrU3vBSyVR+RKZARKbS+HiIhs9uN5yIU/k1+XOGTLVmEz
aj16ND4jiqeEXcv9XOPIqsgDhQwo5LgzYlntfLPrixk5n47tQVZpU3m1ODfGPc0+
YH5oyQDnRMLk/pCYbuuC3ukt3zGaCQcJuRxYWw5ZXAPWoQT0gdkXPmxnxX4J6Rle
CA2pzb+04KT3OEYp7QQQhPfSpYZ9tZuFcRk37U1S4asDvM2eNAOc9HykvOjH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org