Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/1x4DPRf6JtXLtrVQd8GWxZcjzvc.roa
File: 1x4DPRf6JtXLtrVQd8GWxZcjzvc.roa (raw, json)
Hash identifier: 0FN2ZwrfjEeXYCBqb9TipHRjtNCNAbBpUtcXhn5Q3mw=
Subject key identifier: D7:1E:03:3D:17:FA:26:D5:CB:B6:B5:50:77:C1:96:C5:97:23:CE:F7
Certificate issuer: /CN=331706b915bab8dac2b5547fbc87adeb61e6aede
Certificate serial: 019421B21C4346A4DE842D40F639EA9103A0
Authority key identifier: 33:17:06:B9:15:BA:B8:DA:C2:B5:54:7F:BC:87:AD:EB:61:E6:AE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxcGuRW6uNrCtVR_vIet62Hmrt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/1x4DPRf6JtXLtrVQd8GWxZcjzvc.roa
Signing time: Wed 01 Jan 2025 11:48:28 +0000
ROA not before: Wed 01 Jan 2025 11:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47297
IP address blocks: 185.7.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 08:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1c:43:46:a4:de:84:2d:40:f6:39:ea:91:03:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331706b915bab8dac2b5547fbc87adeb61e6aede
Validity
Not Before: Jan 1 11:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d71e033d17fa26d5cbb6b55077c196c59723cef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:93:22:2a:54:b6:17:c8:31:7a:bc:b2:73:20:
82:2c:23:d4:6b:d1:67:b9:e1:6a:52:a2:08:43:fa:
be:d2:ae:01:fb:77:02:76:2b:99:2f:77:d1:84:a3:
57:76:79:05:8b:02:7f:ea:92:52:2c:fe:83:78:ca:
ad:8b:b2:2d:c6:b5:6e:07:2e:40:aa:75:60:ea:8f:
20:50:6e:77:dd:ab:0d:d3:53:9c:73:63:98:8c:59:
64:11:bc:ce:f7:b5:78:13:9f:8c:4a:de:09:20:2f:
0d:6d:15:fe:8e:ef:5e:bd:e1:44:84:55:66:d1:d7:
a1:af:e8:50:5d:ee:dd:c8:13:c7:b0:b6:73:28:9f:
46:4b:a1:4c:99:b6:13:8a:a1:67:59:db:75:f0:95:
83:60:7a:ef:e8:31:42:43:f5:c5:9e:22:de:50:2a:
68:9c:01:31:9a:44:4d:69:7a:f7:5c:04:bd:76:8a:
27:c7:58:f3:1e:7f:4b:d2:20:6b:13:f4:fb:8f:bf:
62:dd:82:3d:af:ea:04:16:91:cb:19:45:78:62:eb:
f8:04:b9:41:fe:98:ef:72:15:ff:b0:5e:45:6c:6f:
f9:c1:90:b2:ee:66:96:11:95:ae:d4:f6:ce:4a:9f:
77:ac:14:76:71:42:17:8b:e4:35:e5:a9:06:ee:22:
22:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:1E:03:3D:17:FA:26:D5:CB:B6:B5:50:77:C1:96:C5:97:23:CE:F7
X509v3 Authority Key Identifier:
keyid:33:17:06:B9:15:BA:B8:DA:C2:B5:54:7F:BC:87:AD:EB:61:E6:AE:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxcGuRW6uNrCtVR_vIet62Hmrt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/1x4DPRf6JtXLtrVQd8GWxZcjzvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/MxcGuRW6uNrCtVR_vIet62Hmrt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.68.0/24
Signature Algorithm: sha256WithRSAEncryption
43:76:a9:66:19:a4:fb:59:ee:bf:06:32:c3:af:63:f0:e9:62:
b4:e3:af:c6:61:52:ce:3a:46:43:63:01:16:3e:c8:58:9e:8e:
af:e4:1d:0a:0a:f4:20:e3:9d:ae:fe:7c:7f:fa:43:6f:9a:c8:
69:aa:e0:d5:1a:cb:e9:d6:06:da:b2:40:ac:b6:ae:91:56:9c:
60:77:25:76:3a:f3:34:ad:9d:00:27:e2:b6:1b:b8:c8:65:98:
a2:a8:cb:c4:a9:23:cb:0c:b1:98:96:91:94:b9:13:0e:06:b8:
2b:94:07:0c:7e:0e:b9:84:86:66:9e:58:48:00:0d:b4:40:2c:
80:79:cd:ed:fd:7d:20:1f:cc:3a:25:4e:3e:1a:a8:a6:49:7a:
dc:19:31:dd:20:06:70:93:da:81:a7:62:cf:d2:57:9b:43:55:
c3:30:4c:fb:fe:00:8c:15:a8:24:07:7f:17:cd:d9:05:38:a1:
31:18:df:01:97:42:47:71:09:6d:ba:9e:f9:16:d1:29:91:b4:
4d:32:cc:4b:e6:9c:7b:57:60:96:b5:29:12:bf:b0:bc:57:f9:
2d:d8:25:ef:3c:dc:b0:0e:77:23:32:16:5c:c6:e2:f4:8d:03:
a2:63:fd:88:a4:f1:0b:6c:b4:0a:11:0d:a3:28:a8:3e:ea:2a:
cc:fb:6b:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhshxDRqTehC1A9jnqkQOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMTcwNmI5MTViYWI4ZGFjMmI1NTQ3ZmJjODdhZGViNjFl
NmFlZGUwHhcNMjUwMTAxMTE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzFlMDMzZDE3ZmEyNmQ1Y2JiNmI1NTA3N2MxOTZjNTk3MjNjZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJMiKlS2F8gxeryycyCCLCPUa9Fn
ueFqUqIIQ/q+0q4B+3cCdiuZL3fRhKNXdnkFiwJ/6pJSLP6DeMqti7ItxrVuBy5A
qnVg6o8gUG533asN01Occ2OYjFlkEbzO97V4E5+MSt4JIC8NbRX+ju9eveFEhFVm
0dehr+hQXe7dyBPHsLZzKJ9GS6FMmbYTiqFnWdt18JWDYHrv6DFCQ/XFniLeUCpo
nAExmkRNaXr3XAS9doonx1jzHn9L0iBrE/T7j79i3YI9r+oEFpHLGUV4Yuv4BLlB
/pjvchX/sF5FbG/5wZCy7maWEZWu1PbOSp93rBR2cUIXi+Q15akG7iIiZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNceAz0X+ibVy7a1UHfBlsWXI873MB8GA1UdIwQY
MBaAFDMXBrkVurjawrVUf7yHreth5q7eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXhjR3VSVzZ1TnJDdFZSX3ZJZXQ2MkhtcnQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xMTJjZTctNzQxNS00YzVkLWE4OTAt
ZWM5NTE0OGZkMjM2LzEvMXg0RFBSZjZKdFhMdHJWUWQ4R1d4WmNqenZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xMTJjZTctNzQxNS00YzVkLWE4OTAtZWM5NTE0OGZkMjM2
LzEvTXhjR3VSVzZ1TnJDdFZSX3ZJZXQ2MkhtcnQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQdEMA0G
CSqGSIb3DQEBCwUAA4IBAQBDdqlmGaT7We6/BjLDr2Pw6WK046/GYVLOOkZDYwEW
PshYno6v5B0KCvQg452u/nx/+kNvmshpquDVGsvp1gbaskCstq6RVpxgdyV2OvM0
rZ0AJ+K2G7jIZZiiqMvEqSPLDLGYlpGUuRMOBrgrlAcMfg65hIZmnlhIAA20QCyA
ec3t/X0gH8w6JU4+GqimSXrcGTHdIAZwk9qBp2LP0lebQ1XDMEz7/gCMFagkB38X
zdkFOKExGN8Bl0JHcQltup75FtEpkbRNMsxL5px7V2CWtSkSv7C8V/kt2CXvPNyw
DncjMhZcxuL0jQOiY/2IpPELbLQKEQ2jKKg+6irM+2um
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:34:41 2025 by rpki-client