Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/dczpRvBJishIPomx-ESOHE8Dz9U.roa
File: dczpRvBJishIPomx-ESOHE8Dz9U.roa (raw, json)
Hash identifier: H3Z1Ve66zsr2ZW2uYO8e0qCCu5wJ6e65VbTwT1YZUOg=
Subject key identifier: 75:CC:E9:46:F0:49:8A:C8:48:3E:89:B1:F8:44:8E:1C:4F:03:CF:D5
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 01856C813EA19F67EE769AF546BAA9C5B900
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/dczpRvBJishIPomx-ESOHE8Dz9U.roa
Signing time: Sun 01 Jan 2023 08:44:47 +0000
ROA not before: Sun 01 Jan 2023 08:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213122
IP address blocks: 217.146.81.0/24 maxlen: 24
217.146.88.0/24 maxlen: 24
185.16.204.0/24 maxlen: 24
5.226.138.0/24 maxlen: 24
2a01:4020:15::/48 maxlen: 48
2a01:4020:16::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:81:3e:a1:9f:67:ee:76:9a:f5:46:ba:a9:c5:b9:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Jan 1 08:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75cce946f0498ac8483e89b1f8448e1c4f03cfd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a5:e8:ef:c8:61:45:85:09:6a:0a:87:7f:b3:
e1:70:0c:33:7d:33:66:57:d5:02:34:65:30:af:08:
b7:bd:72:cb:96:d1:ce:40:65:cd:1f:01:c1:0d:2e:
70:13:a5:3e:8d:7a:c2:17:c3:9a:25:fc:4a:f7:b1:
77:d6:19:2a:88:06:d6:15:7f:5a:85:af:83:28:33:
e7:46:3b:54:7a:87:b9:b6:73:c9:1b:cd:da:c0:b6:
6f:b9:0b:c2:54:0c:8f:fb:68:a5:4e:3e:51:a9:a1:
20:62:f0:4f:d4:bd:58:4e:26:95:32:d3:0a:22:1d:
f0:12:84:3c:7d:ab:92:8d:b3:19:72:b7:da:7c:22:
9b:26:39:5e:21:2b:85:34:24:91:de:2b:55:18:8c:
6a:a5:49:4b:29:33:ee:03:92:41:e3:1f:71:0a:04:
42:2d:c7:61:a4:e4:3b:4f:0a:38:a8:91:00:6c:2a:
f6:b5:a5:d2:cb:5b:3c:8c:92:e5:87:c7:43:0c:b5:
f6:20:6f:ff:58:54:a5:9d:05:31:b1:57:48:74:8e:
ee:4e:0f:bb:6f:fb:66:d5:af:86:44:94:d5:ca:70:
fe:4a:0a:d0:70:48:b7:a0:87:b0:f1:82:c9:f0:57:
95:62:eb:4f:7f:a4:f1:50:a7:2b:e2:82:be:47:8d:
b8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:CC:E9:46:F0:49:8A:C8:48:3E:89:B1:F8:44:8E:1C:4F:03:CF:D5
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/dczpRvBJishIPomx-ESOHE8Dz9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.138.0/24
185.16.204.0/24
217.146.81.0/24
217.146.88.0/24
IPv6:
2a01:4020:15::-2a01:4020:16:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
09:e5:27:fd:0d:17:dd:a2:73:ee:2b:93:fa:32:a1:3e:d8:7b:
23:b5:8b:0a:0f:17:cb:a8:cb:ef:4e:34:c4:a8:5b:ed:3a:37:
a9:94:f2:4f:e7:d7:a6:fa:6c:3d:e7:ea:b3:f4:05:e5:3d:8c:
ca:91:e2:7a:5c:2f:c1:6c:4f:6c:53:22:06:c6:37:ee:91:9d:
17:39:f0:7c:0a:26:03:e0:8c:68:e5:c6:82:dd:98:d4:41:da:
b2:64:83:48:06:89:d9:4f:fc:91:77:5a:5e:96:bb:36:fe:38:
6a:59:db:87:ab:94:a6:5f:d8:58:6f:fa:f2:81:ab:06:c4:54:
1b:87:67:fe:5c:d2:8d:b7:16:8c:7f:af:35:49:53:06:5e:ae:
3d:10:20:e6:65:62:26:94:da:ea:b8:73:a1:c3:eb:ed:9f:8c:
db:2b:dd:4f:1a:d0:94:9b:61:51:af:4d:03:ed:58:5a:cf:30:
00:60:8d:60:45:99:d5:ef:df:75:99:32:dd:5e:fd:a0:dc:c9:
dc:2c:4a:6b:26:5f:be:54:a9:c3:d6:8f:98:18:a8:3c:22:2c:
d2:b4:31:85:cb:0e:26:15:52:d5:ff:25:6c:bd:8f:69:d2:2a:
08:75:8c:06:fa:45:c2:e4:aa:ab:0a:38:69:1d:de:6b:ec:9d:
b5:22:65:37
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVsgT6hn2fudpr1RrqpxbkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjMwMTAxMDg0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWNjZTk0NmYwNDk4YWM4NDgzZTg5YjFmODQ0OGUxYzRmMDNjZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6Xo78hhRYUJagqHf7PhcAwzfTNm
V9UCNGUwrwi3vXLLltHOQGXNHwHBDS5wE6U+jXrCF8OaJfxK97F31hkqiAbWFX9a
ha+DKDPnRjtUeoe5tnPJG83awLZvuQvCVAyP+2ilTj5RqaEgYvBP1L1YTiaVMtMK
Ih3wEoQ8fauSjbMZcrfafCKbJjleISuFNCSR3itVGIxqpUlLKTPuA5JB4x9xCgRC
LcdhpOQ7Two4qJEAbCr2taXSy1s8jJLlh8dDDLX2IG//WFSlnQUxsVdIdI7uTg+7
b/tm1a+GRJTVynD+SgrQcEi3oIew8YLJ8FeVYutPf6TxUKcr4oK+R4243QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFHXM6UbwSYrISD6JsfhEjhxPA8/VMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvZGN6cFJ2Qkppc2hJUG9teC1FU09IRThEejlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAeBAIAATAYAwQABeKKAwQA
uRDMAwQA2ZJRAwQA2ZJYMBoEAgACMBQwEgMHACoBQCAAFQMHACoBQCAAFjANBgkq
hkiG9w0BAQsFAAOCAQEACeUn/Q0X3aJz7iuT+jKhPth7I7WLCg8Xy6jL7040xKhb
7To3qZTyT+fXpvpsPefqs/QF5T2MypHielwvwWxPbFMiBsY37pGdFznwfAomA+CM
aOXGgt2Y1EHasmSDSAaJ2U/8kXdaXpa7Nv44alnbh6uUpl/YWG/68oGrBsRUG4dn
/lzSjbcWjH+vNUlTBl6uPRAg5mViJpTa6rhzocPr7Z+M2yvdTxrQlJthUa9NA+1Y
Ws8wAGCNYEWZ1e/fdZky3V79oNzJ3CxKayZfvlSpw9aPmBioPCIs0rQxhcsOJhVS
1f8lbL2PadIqCHWMBvpFwuSqqwo4aR3ea+ydtSJlNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:00 2024 by rpki-client on console-fra.rpki-client.org