Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/03EL0jvinXZt-z7idSTrnk6EW-k.roa
File: 03EL0jvinXZt-z7idSTrnk6EW-k.roa (raw, json)
Hash identifier: kz/pmJ3xwQ8j+65cL87UwdY3PN4MarpJvm+9qq5/SYM=
Subject key identifier: D3:71:0B:D2:3B:E2:9D:76:6D:FB:3E:E2:75:24:EB:9E:4E:84:5B:E9
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 018F1354170B4690D24FC904EDCC6ED2D530
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/03EL0jvinXZt-z7idSTrnk6EW-k.roa
Signing time: Thu 25 Apr 2024 03:37:09 +0000
ROA not before: Thu 25 Apr 2024 03:37:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21217
IP address blocks: 185.34.102.0/24 maxlen: 24
185.54.7.0/24 maxlen: 24
2a0f:9180::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 25 Apr 2024 03:38:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:13:54:17:0b:46:90:d2:4f:c9:04:ed:cc:6e:d2:d5:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Apr 25 03:37:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3710bd23be29d766dfb3ee27524eb9e4e845be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:aa:d4:3f:0c:30:6b:0c:53:21:78:76:2f:0b:
18:4c:dc:7e:d2:ff:7a:e2:53:71:40:bd:3f:70:ca:
21:44:ba:77:74:ef:38:4b:a8:b4:89:8e:84:c2:36:
5f:0c:af:12:98:ab:81:05:6e:0f:3b:f5:01:7b:2a:
0d:53:b3:f0:a4:4c:1c:20:72:b5:14:3e:a9:cc:87:
63:fe:26:26:40:e2:d8:59:ad:f0:68:19:b7:22:84:
57:23:2a:fa:e4:ea:b1:9c:ec:8f:96:0e:71:46:0c:
06:cc:6b:2f:91:b0:48:5e:d2:78:b9:b0:25:9e:9c:
c2:72:7b:00:a7:c7:b3:a2:c4:44:65:b2:4e:e3:ee:
eb:4c:da:09:07:a1:78:15:de:32:c4:b6:19:34:db:
1e:a5:d4:21:15:4f:29:c5:eb:a6:15:06:51:d9:4d:
43:5e:07:43:4d:c5:0f:36:71:f6:3f:2d:a2:0b:e9:
22:24:20:3a:28:e9:b7:72:9c:68:38:4e:09:15:f4:
9e:aa:d6:b2:b4:81:44:56:f3:05:4a:74:6a:88:ab:
0e:3d:75:1c:53:e7:73:32:eb:52:33:3f:f2:82:e4:
b2:fe:9e:5d:a4:12:f2:d6:f8:92:db:11:c8:4e:fd:
0e:77:0a:bb:ad:0d:e9:ad:a1:64:3c:aa:92:b4:06:
5d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:71:0B:D2:3B:E2:9D:76:6D:FB:3E:E2:75:24:EB:9E:4E:84:5B:E9
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/03EL0jvinXZt-z7idSTrnk6EW-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.102.0/24
185.54.7.0/24
IPv6:
2a0f:9180::/29
Signature Algorithm: sha256WithRSAEncryption
6f:ec:aa:e7:7f:02:02:37:e8:d7:d5:88:f5:1b:17:ab:14:13:
fe:cf:5a:30:76:4c:87:01:bd:db:97:ec:26:ea:16:af:42:e6:
34:17:4f:f6:d3:bd:b7:48:ba:cd:06:30:74:32:e3:5b:5c:f2:
23:7f:4d:3a:2a:e9:70:82:c2:71:6a:5f:d5:68:5f:c5:c3:6f:
f2:9a:f3:31:c7:3e:aa:fe:20:6d:81:0f:75:7c:20:ff:37:e7:
c1:f8:ca:73:5a:72:20:35:9a:6d:a0:b9:bb:69:82:ed:ca:17:
7b:8a:65:2d:db:d3:55:04:aa:8f:4e:a6:8a:f8:d2:ea:f7:42:
d7:12:f6:e9:e0:f9:e6:ef:62:d9:6f:7d:18:59:18:d2:fb:a0:
14:e6:bd:57:74:ae:f0:84:3a:6e:a4:da:42:e0:77:9f:ec:59:
1e:6c:2e:36:95:a7:df:9b:ac:f4:00:91:ce:5f:38:3a:76:b8:
21:2e:ec:03:2c:2f:58:06:ed:12:75:90:f6:ab:33:27:ec:43:
55:44:30:41:4b:7d:d1:b5:f0:dc:a9:25:26:9a:9e:ba:61:3a:
f6:22:7f:6d:d2:13:79:90:ec:24:70:42:f6:de:a4:a5:4e:b1:
51:dc:c1:77:88:d0:d7:ab:87:d6:2c:13:56:b4:57:f6:97:aa:
35:c6:b3:56
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY8TVBcLRpDST8kE7cxu0tUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjQwNDI1MDMzNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzcxMGJkMjNiZTI5ZDc2NmRmYjNlZTI3NTI0ZWI5ZTRlODQ1YmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqrUPwwwawxTIXh2LwsYTNx+0v96
4lNxQL0/cMohRLp3dO84S6i0iY6EwjZfDK8SmKuBBW4PO/UBeyoNU7PwpEwcIHK1
FD6pzIdj/iYmQOLYWa3waBm3IoRXIyr65OqxnOyPlg5xRgwGzGsvkbBIXtJ4ubAl
npzCcnsAp8ezosREZbJO4+7rTNoJB6F4Fd4yxLYZNNsepdQhFU8pxeumFQZR2U1D
XgdDTcUPNnH2Py2iC+kiJCA6KOm3cpxoOE4JFfSeqtaytIFEVvMFSnRqiKsOPXUc
U+dzMutSMz/yguSy/p5dpBLy1viS2xHITv0Odwq7rQ3praFkPKqStAZdUwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNNxC9I74p12bfs+4nUk655OhFvpMB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEvMDNFTDBqdmluWFp0LXo3aWRTVHJuazZFVy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuSJmAwQA
uTYHMA0EAgACMAcDBQMqD5GAMA0GCSqGSIb3DQEBCwUAA4IBAQBv7KrnfwICN+jX
1Yj1GxerFBP+z1owdkyHAb3bl+wm6havQuY0F0/20723SLrNBjB0MuNbXPIjf006
KulwgsJxal/VaF/Fw2/ymvMxxz6q/iBtgQ91fCD/N+fB+MpzWnIgNZptoLm7aYLt
yhd7imUt29NVBKqPTqaK+NLq90LXEvbp4Pnm72LZb30YWRjS+6AU5r1XdK7whDpu
pNpC4Hef7FkebC42laffm6z0AJHOXzg6drghLuwDLC9YBu0SdZD2qzMn7ENVRDBB
S33RtfDcqSUmmp66YTr2In9t0hN5kOwkcEL23qSlTrFR3MF3iNDXq4fWLBNWtFf2
l6o1xrNW
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:50:28 2025 by rpki-client