Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/7CrqGf76Y-38x48KbTYCJ8Khlmo.roa
File: 7CrqGf76Y-38x48KbTYCJ8Khlmo.roa (raw, json)
Hash identifier: CIrSZLZC0s56aJoMznPumUCEiRz0rKdjCHuRQsuUAT8=
Subject key identifier: EC:2A:EA:19:FE:FA:63:ED:FC:C7:8F:0A:6D:36:02:27:C2:A1:96:6A
Certificate issuer: /CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Certificate serial: 019170715A9F7EDBBA3E06B9770975433C91
Authority key identifier: EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/7CrqGf76Y-38x48KbTYCJ8Khlmo.roa
Signing time: Tue 20 Aug 2024 15:39:22 +0000
ROA not before: Tue 20 Aug 2024 15:39:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206762
IP address blocks: 188.241.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:70:71:5a:9f:7e:db:ba:3e:06:b9:77:09:75:43:3c:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Validity
Not Before: Aug 20 15:39:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec2aea19fefa63edfcc78f0a6d360227c2a1966a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a6:eb:80:be:c8:67:b1:b6:45:68:f2:2f:f1:
f6:25:92:79:18:e7:a2:17:e9:cf:59:3f:8c:2a:c9:
cb:14:0f:7f:ec:c5:9c:70:1e:2e:d5:9d:a7:46:7f:
47:c0:15:b1:13:fa:64:fe:d9:24:d9:1d:f4:a1:b3:
e4:85:8b:f6:8b:f1:1a:a5:57:34:0d:e9:b5:2b:5d:
c8:d4:50:9d:1e:f1:9c:86:e2:93:e8:e2:18:fd:01:
5b:fd:64:6e:4e:4c:e8:fa:ed:72:50:6e:4e:20:0b:
d3:65:eb:39:65:91:1c:bc:ab:d0:ca:00:57:06:d0:
78:49:8d:23:83:63:73:ad:21:68:f8:9c:bf:c4:06:
aa:d1:2c:44:fb:30:77:ca:71:1c:93:3f:f5:38:9c:
41:5b:e9:18:42:5b:11:5e:e0:c5:39:43:e8:0d:cd:
50:6c:df:8a:fc:6c:24:52:6f:d2:c4:17:f2:70:c8:
6d:40:50:b0:5e:01:04:39:51:69:cf:ab:90:bf:e7:
ec:cc:e7:1f:eb:51:90:45:41:1d:23:03:d3:27:f2:
22:90:e8:b0:7a:0d:a4:ff:c3:29:21:d1:45:2c:fa:
31:c1:67:d5:ba:41:23:b4:db:ec:70:04:9a:fe:bc:
12:ec:4f:93:f6:b7:d4:b7:9a:25:c0:a0:bb:ff:d9:
97:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:2A:EA:19:FE:FA:63:ED:FC:C7:8F:0A:6D:36:02:27:C2:A1:96:6A
X509v3 Authority Key Identifier:
keyid:EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/7CrqGf76Y-38x48KbTYCJ8Khlmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.29.0/24
Signature Algorithm: sha256WithRSAEncryption
43:e9:13:37:9b:b8:d4:df:cf:ea:cb:e7:81:07:25:56:9b:57:
3e:ff:04:f0:cd:e5:cf:43:44:90:09:43:f0:ff:81:c1:d2:23:
d9:2b:1f:77:07:70:f1:6b:b0:90:b3:0e:d1:1d:90:a3:1d:94:
84:85:5c:86:d1:b8:a6:c9:c4:b5:27:8e:62:8a:89:ec:aa:64:
19:ff:82:9d:d7:20:74:d5:e1:93:53:d4:c0:34:7a:79:84:9b:
92:6b:51:e4:1c:b5:fe:c7:bc:bc:23:a6:0c:b7:67:98:00:70:
35:d9:9a:ba:f7:62:c2:83:36:fd:a7:4a:3b:f7:ea:d8:1b:1f:
11:46:a9:4b:2c:6e:66:ff:9a:8e:03:32:e3:2c:f2:1e:fb:74:
d6:a8:81:da:9f:60:e1:86:93:84:f3:55:7a:02:9a:4f:d7:18:
bc:c1:71:25:78:1f:a5:86:a4:c1:d8:f6:d5:67:ac:4c:ec:58:
15:10:9e:49:00:cd:86:53:ef:ab:74:d1:7a:23:7f:52:41:4b:
86:b4:9e:0c:3e:af:b0:dd:66:99:ae:6e:05:ae:b8:18:06:a1:
09:d6:18:d5:04:ef:19:90:7a:33:da:99:9b:3b:cf:20:99:d2:
2e:0b:8c:73:52:3a:50:8d:e3:17:95:32:3f:51:1e:43:93:34:
9c:af:6f:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFwcVqfftu6Pga5dwl1QzyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjQyZTgwNjAyYWVkZjU4YTNjN2E4MTg4M2MxYTM0ZjY5
ZDJmYjQwHhcNMjQwODIwMTUzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzJhZWExOWZlZmE2M2VkZmNjNzhmMGE2ZDM2MDIyN2MyYTE5NjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1abrgL7IZ7G2RWjyL/H2JZJ5GOei
F+nPWT+MKsnLFA9/7MWccB4u1Z2nRn9HwBWxE/pk/tkk2R30obPkhYv2i/EapVc0
Dem1K13I1FCdHvGchuKT6OIY/QFb/WRuTkzo+u1yUG5OIAvTZes5ZZEcvKvQygBX
BtB4SY0jg2NzrSFo+Jy/xAaq0SxE+zB3ynEckz/1OJxBW+kYQlsRXuDFOUPoDc1Q
bN+K/GwkUm/SxBfycMhtQFCwXgEEOVFpz6uQv+fszOcf61GQRUEdIwPTJ/IikOiw
eg2k/8MpIdFFLPoxwWfVukEjtNvscASa/rwS7E+T9rfUt5olwKC7/9mXJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOwq6hn++mPt/MePCm02AifCoZZqMB8GA1UdIwQY
MBaAFOv0LoBgKu31ijx6gYg8GjT2nS+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2Mt
MTkwM2VkYWZhOGJmLzEvN0NycUdmNzZZLTM4eDQ4S2JUWUNKOEtobG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2MtMTkwM2VkYWZhOGJm
LzEvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvPEdMA0G
CSqGSIb3DQEBCwUAA4IBAQBD6RM3m7jU38/qy+eBByVWm1c+/wTwzeXPQ0SQCUPw
/4HB0iPZKx93B3Dxa7CQsw7RHZCjHZSEhVyG0bimycS1J45iionsqmQZ/4Kd1yB0
1eGTU9TANHp5hJuSa1HkHLX+x7y8I6YMt2eYAHA12Zq692LCgzb9p0o79+rYGx8R
RqlLLG5m/5qOAzLjLPIe+3TWqIHan2DhhpOE81V6AppP1xi8wXEleB+lhqTB2PbV
Z6xM7FgVEJ5JAM2GU++rdNF6I39SQUuGtJ4MPq+w3WaZrm4FrrgYBqEJ1hjVBO8Z
kHoz2pmbO88gmdIuC4xzUjpQjeMXlTI/UR5DkzScr29i
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:48:48 2025 by rpki-client