Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/7w9e_uB-q3HZddA9MNC1zvuVrwQ.roa
File: 7w9e_uB-q3HZddA9MNC1zvuVrwQ.roa (raw, json)
Hash identifier: mq23GlJUpGNCvDsKhg8psSx8tQ2TL7FpC3x3cToSba8=
Subject key identifier: EF:0F:5E:FE:E0:7E:AB:71:D9:75:D0:3D:30:D0:B5:CE:FB:95:AF:04
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56EFBACFCBE4C67B56B6CBEE6CA472C
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/7w9e_uB-q3HZddA9MNC1zvuVrwQ.roa
Signing time: Mon 01 Jan 2024 14:30:34 +0000
ROA not before: Mon 01 Jan 2024 14:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 193.124.20.0/23 maxlen: 24
5.35.192.0/21 maxlen: 24
84.234.16.0/20 maxlen: 24
194.88.96.0/21 maxlen: 24
89.34.124.0/23 maxlen: 24
194.135.26.0/23 maxlen: 24
85.204.160.0/22 maxlen: 24
194.88.112.0/20 maxlen: 24
86.107.108.0/23 maxlen: 24
89.39.172.0/23 maxlen: 24
91.232.136.0/22 maxlen: 24
188.211.250.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jan 2024 22:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:fb:ac:fc:be:4c:67:b5:6b:6c:be:e6:ca:47:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef0f5efee07eab71d975d03d30d0b5cefb95af04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1a:86:39:d9:ab:9d:e4:d0:c2:40:5b:12:45:
14:d3:8f:a7:47:8f:d8:4c:ce:95:cd:76:41:ee:ad:
39:fb:47:b9:74:8c:80:31:08:80:21:f7:1c:28:1f:
a5:bb:97:e1:de:42:fb:18:20:72:f8:8c:9c:cc:12:
cd:d1:45:09:3b:72:a9:2b:53:72:10:1f:5f:1e:f2:
f1:32:4c:6a:a5:e8:2e:f9:ae:3f:a2:12:44:35:0a:
7e:cf:64:af:42:d3:88:ee:b8:51:e5:ac:6d:2c:e6:
31:3b:92:dd:ef:cf:b8:7e:4e:02:4f:51:db:59:9e:
e8:59:7e:7a:5e:77:26:8a:db:47:15:c6:be:3d:68:
06:00:fb:96:91:5e:60:75:a4:29:97:56:fc:a8:2b:
ac:88:a2:4a:00:fb:c7:52:7f:02:9f:37:23:e2:a3:
3f:92:40:59:0d:26:5b:c4:0d:96:8f:97:89:98:7e:
78:29:11:8c:84:30:93:c4:83:ee:d9:0a:bd:08:62:
ae:d7:0c:e3:e6:1a:21:25:2a:e3:4d:86:89:cf:e4:
33:1b:7f:5d:10:d6:39:9e:24:0e:b9:37:84:a9:59:
66:d5:d6:db:93:14:96:a4:20:bc:44:86:6d:6d:c1:
2e:ad:4e:e1:fe:06:c3:bf:ff:f4:61:86:7a:73:ef:
5b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:0F:5E:FE:E0:7E:AB:71:D9:75:D0:3D:30:D0:B5:CE:FB:95:AF:04
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/7w9e_uB-q3HZddA9MNC1zvuVrwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
84.234.16.0/20
85.204.160.0/22
86.107.108.0/23
89.34.124.0/23
89.39.172.0/23
91.232.136.0/22
188.211.250.0/23
193.124.20.0/23
194.88.96.0/21
194.88.112.0/20
194.135.26.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:84:0b:be:90:a7:5d:5d:0b:1b:c9:01:2f:3e:25:8c:b3:09:
86:fa:ce:16:42:2d:60:b8:ef:a9:fb:59:e7:40:fa:f5:f5:f0:
94:69:fc:6c:92:38:f5:16:96:5a:4d:52:70:be:ed:d9:4f:89:
ee:05:db:ca:b3:46:64:35:f9:c4:10:c0:d8:de:35:45:de:e2:
50:8f:3f:4d:10:c3:f5:59:55:ad:1a:22:28:f2:b6:05:02:a1:
20:21:09:de:d4:32:de:7e:bc:69:30:22:50:ef:e6:00:a1:a4:
07:c2:ac:01:fa:ca:40:cd:30:d5:4e:82:88:d0:7c:65:66:09:
b8:4c:c9:19:eb:32:da:d7:98:e7:a8:d1:a3:d6:82:8c:90:f4:
ef:1a:d1:ba:b1:4b:23:dd:6e:7a:ba:a1:ea:bc:a9:3a:00:ea:
b1:86:b6:66:03:2c:fb:93:d8:36:3b:c9:0b:f1:f6:f4:d8:fe:
e6:21:5a:c8:29:25:c9:cf:db:af:fe:4c:16:6b:13:2e:67:31:
e1:71:5f:54:7b:36:7d:16:ed:51:6a:11:5f:f7:a1:78:12:f7:
a9:f2:65:62:fd:56:8b:3a:e1:0b:3a:b0:3d:1d:33:e7:00:f0:
23:15:c8:40:ac:30:71:9b:00:f1:ec:25:aa:55:c5:8b:00:d8:
61:c1:54:a7
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzFbvus/L5MZ7VrbL7mykcsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjBmNWVmZWUwN2VhYjcxZDk3NWQwM2QzMGQwYjVjZWZiOTVhZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghqGOdmrneTQwkBbEkUU04+nR4/Y
TM6VzXZB7q05+0e5dIyAMQiAIfccKB+lu5fh3kL7GCBy+IyczBLN0UUJO3KpK1Ny
EB9fHvLxMkxqpegu+a4/ohJENQp+z2SvQtOI7rhR5axtLOYxO5Ld78+4fk4CT1Hb
WZ7oWX56XncmittHFca+PWgGAPuWkV5gdaQpl1b8qCusiKJKAPvHUn8Cnzcj4qM/
kkBZDSZbxA2Wj5eJmH54KRGMhDCTxIPu2Qq9CGKu1wzj5hohJSrjTYaJz+QzG39d
ENY5niQOuTeEqVlm1dbbkxSWpCC8RIZtbcEurU7h/gbDv//0YYZ6c+9bdwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFO8PXv7gfqtx2XXQPTDQtc77la8EMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvN3c5ZV91Qi1xM0haZGRBOU1OQzF6dnVWcndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQDBSPAAwQE
VOoQAwQCVcygAwQBVmtsAwQBWSJ8AwQBWSesAwQCW+iIAwQBvNP6AwQBwXwUAwQD
wlhgAwQEwlhwAwQBwocaMA0GCSqGSIb3DQEBCwUAA4IBAQCbhAu+kKddXQsbyQEv
PiWMswmG+s4WQi1guO+p+1nnQPr19fCUafxskjj1FpZaTVJwvu3ZT4nuBdvKs0Zk
NfnEEMDY3jVF3uJQjz9NEMP1WVWtGiIo8rYFAqEgIQne1DLefrxpMCJQ7+YAoaQH
wqwB+spAzTDVToKI0HxlZgm4TMkZ6zLa15jnqNGj1oKMkPTvGtG6sUsj3W56uqHq
vKk6AOqxhrZmAyz7k9g2O8kL8fb02P7mIVrIKSXJz9uv/kwWaxMuZzHhcV9UezZ9
Fu1RahFf96F4Evep8mVi/VaLOuELOrA9HTPnAPAjFchArDBxmwDx7CWqVcWLANhh
wVSn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:48 2024 by rpki-client on console-ams.rpki-client.org