Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/oqoGRf1t_y3E2yXqT4dhUur6SZQ.roa
File: oqoGRf1t_y3E2yXqT4dhUur6SZQ.roa (raw, json)
Hash identifier: fyH/at4z3R3AMw6OLx3h49gsXzsmHsdLXYS/9Sebrww=
Subject key identifier: A2:AA:06:45:FD:6D:FF:2D:C4:DB:25:EA:4F:87:61:52:EA:FA:49:94
Certificate issuer: /CN=e43bac4a1bbba56cc434861a4c769ff9ce2d15ec
Certificate serial: 01856BDC62656DF9686F37E72E268867CB4E
Authority key identifier: E4:3B:AC:4A:1B:BB:A5:6C:C4:34:86:1A:4C:76:9F:F9:CE:2D:15:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5DusShu7pWzENIYaTHaf-c4tFew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/oqoGRf1t_y3E2yXqT4dhUur6SZQ.roa
Signing time: Sun 01 Jan 2023 05:44:43 +0000
ROA not before: Sun 01 Jan 2023 05:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197099
IP address blocks: 178.217.136.0/21 maxlen: 21
195.43.84.0/23 maxlen: 23
217.30.4.0/22 maxlen: 22
185.81.107.0/24 maxlen: 24
91.216.149.0/24 maxlen: 24
185.81.106.0/24 maxlen: 24
2a03:63e0::/29 maxlen: 29
2a03:63e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 18 May 2023 18:42:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:62:65:6d:f9:68:6f:37:e7:2e:26:88:67:cb:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43bac4a1bbba56cc434861a4c769ff9ce2d15ec
Validity
Not Before: Jan 1 05:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2aa0645fd6dff2dc4db25ea4f876152eafa4994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a9:c8:34:87:ed:55:18:59:2d:a7:8a:ae:68:
7c:c5:16:d4:a1:54:3a:de:05:a9:34:74:43:2e:88:
49:be:5d:32:83:a4:70:7f:28:a5:79:1d:bb:35:22:
09:b7:bb:12:9b:e9:f2:9f:d2:64:d6:d7:90:ec:dc:
40:b1:2c:a1:a7:85:85:24:d5:34:39:a0:79:d8:f6:
1d:63:10:8b:42:91:74:b0:f1:3d:44:09:81:12:59:
30:3c:b9:87:6a:dc:3b:16:25:8f:d8:a0:61:c2:24:
03:81:c7:dd:fd:87:f6:13:28:c6:b7:00:88:2a:4b:
49:cc:a2:d9:b3:b9:09:25:5a:b3:d4:0c:d4:ef:08:
51:14:78:5b:c3:32:7d:29:65:7a:ab:a8:f2:8a:07:
d3:af:c2:be:92:e5:64:5d:c3:22:d1:7a:07:ae:80:
e9:09:50:ff:bd:b5:54:da:bb:95:35:04:f7:3e:7e:
0b:84:f6:b1:c9:d0:d9:a1:3e:75:d6:ce:23:3a:33:
5b:6c:24:7d:aa:26:4b:9d:83:ba:e7:c8:7b:d1:a3:
99:68:72:31:62:25:e1:84:4e:e4:c6:f5:09:1c:f2:
99:a1:c7:6a:f9:79:b5:19:d9:9c:1b:98:ac:d8:d6:
c3:03:7f:ff:51:f3:09:3d:13:48:cb:ff:99:9c:5f:
31:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AA:06:45:FD:6D:FF:2D:C4:DB:25:EA:4F:87:61:52:EA:FA:49:94
X509v3 Authority Key Identifier:
keyid:E4:3B:AC:4A:1B:BB:A5:6C:C4:34:86:1A:4C:76:9F:F9:CE:2D:15:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DusShu7pWzENIYaTHaf-c4tFew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/oqoGRf1t_y3E2yXqT4dhUur6SZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/5DusShu7pWzENIYaTHaf-c4tFew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.149.0/24
178.217.136.0/21
185.81.106.0/23
195.43.84.0/23
217.30.4.0/22
IPv6:
2a03:63e0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:6d:fa:a8:de:a5:2a:ef:bf:b1:28:79:ad:a3:11:c5:9b:e5:
37:c3:6c:80:7a:ef:d0:73:3d:46:cd:24:84:4d:a0:84:f2:27:
ac:e7:50:b6:aa:50:72:9e:e8:4d:cb:54:83:be:1f:8a:00:a0:
f7:d5:cc:e6:38:3b:df:00:cc:f3:e1:ba:28:32:40:7b:5d:6f:
56:1c:80:a9:4e:4d:ba:ba:6e:7c:ad:d3:fc:fb:94:27:f6:33:
e7:38:e3:e3:de:86:d9:09:e4:dd:be:f1:1e:ab:2a:2f:b2:ad:
75:b7:9e:78:74:2c:a3:43:cd:6c:4d:fd:06:3a:e6:86:e2:8e:
f3:c4:95:87:0b:02:08:9e:dc:6f:9d:e1:26:9e:84:1c:75:ca:
95:53:7e:82:60:23:51:f1:20:2a:4b:29:b7:89:77:26:ee:2c:
42:eb:d2:ef:64:9d:e4:1d:e6:8e:5e:b9:af:63:1e:bb:b0:f2:
e6:a8:41:e0:f3:c7:37:f2:52:4c:12:72:ec:f2:c1:9d:ab:fc:
59:82:90:53:16:2f:5b:cd:2b:99:93:b5:c6:e9:03:ac:be:ca:
5b:04:54:d1:7c:4d:98:5d:1d:59:47:22:25:6d:07:1f:04:b7:
3b:88:b3:6f:c4:b1:50:9a:56:c2:18:0b:8e:bb:3e:d1:98:d1:
8f:a3:60:93
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVr3GJlbflobzfnLiaIZ8tOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2JhYzRhMWJiYmE1NmNjNDM0ODYxYTRjNzY5ZmY5Y2Uy
ZDE1ZWMwHhcNMjMwMTAxMDU0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmFhMDY0NWZkNmRmZjJkYzRkYjI1ZWE0Zjg3NjE1MmVhZmE0OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6nINIftVRhZLaeKrmh8xRbUoVQ6
3gWpNHRDLohJvl0yg6RwfyileR27NSIJt7sSm+nyn9Jk1teQ7NxAsSyhp4WFJNU0
OaB52PYdYxCLQpF0sPE9RAmBElkwPLmHatw7FiWP2KBhwiQDgcfd/Yf2EyjGtwCI
KktJzKLZs7kJJVqz1AzU7whRFHhbwzJ9KWV6q6jyigfTr8K+kuVkXcMi0XoHroDp
CVD/vbVU2ruVNQT3Pn4LhPaxydDZoT511s4jOjNbbCR9qiZLnYO658h70aOZaHIx
YiXhhE7kxvUJHPKZocdq+Xm1GdmcG5is2NbDA3//UfMJPRNIy/+ZnF8xTwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKKqBkX9bf8txNsl6k+HYVLq+kmUMB8GA1UdIwQY
MBaAFOQ7rEobu6VsxDSGGkx2n/nOLRXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUR1c1NodTdwV3pFTklZYVRIYWYtYzR0RmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmFiMGYtYmU0My00NjY1LWJiYWEt
MWNkM2NiMDdlZjVkLzEvb3FvR1JmMXRfeTNFMnlYcVQ0ZGhVdXI2U1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmFiMGYtYmU0My00NjY1LWJiYWEtMWNkM2NiMDdlZjVk
LzEvNUR1c1NodTdwV3pFTklZYVRIYWYtYzR0RmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW9iVAwQD
stmIAwQBuVFqAwQBwytUAwQC2R4EMA0EAgACMAcDBQMqA2PgMA0GCSqGSIb3DQEB
CwUAA4IBAQCibfqo3qUq77+xKHmtoxHFm+U3w2yAeu/Qcz1GzSSETaCE8ies51C2
qlBynuhNy1SDvh+KAKD31czmODvfAMzz4booMkB7XW9WHICpTk26um58rdP8+5Qn
9jPnOOPj3obZCeTdvvEeqyovsq11t554dCyjQ81sTf0GOuaG4o7zxJWHCwIIntxv
neEmnoQcdcqVU36CYCNR8SAqSym3iXcm7ixC69LvZJ3kHeaOXrmvYx67sPLmqEHg
88c38lJMEnLs8sGdq/xZgpBTFi9bzSuZk7XG6QOsvspbBFTRfE2YXR1ZRyIlbQcf
BLc7iLNvxLFQmlbCGAuOuz7RmNGPo2CT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:10 2024 by rpki-client on console-fra.rpki-client.org