Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/f2R81Y-jnzIEA83HdQfu01AA5gI.roa
File: f2R81Y-jnzIEA83HdQfu01AA5gI.roa (raw, json)
Hash identifier: H/QwXSQzVbx91lXlPOCoIwMwoGEDCfn3knmA5C1HiNA=
Subject key identifier: 7F:64:7C:D5:8F:A3:9F:32:04:03:CD:C7:75:07:EE:D3:50:00:E6:02
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 018CC56E6A317B20F1BC78B5F325AB0CB2FB
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/f2R81Y-jnzIEA83HdQfu01AA5gI.roa
Signing time: Mon 01 Jan 2024 14:29:56 +0000
ROA not before: Mon 01 Jan 2024 14:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21217
IP address blocks: 185.34.102.0/24 maxlen: 24
45.66.220.0/22 maxlen: 22
185.54.7.0/24 maxlen: 24
2a0f:9180::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 25 Apr 2024 03:37:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:6a:31:7b:20:f1:bc:78:b5:f3:25:ab:0c:b2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Jan 1 14:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f647cd58fa39f320403cdc77507eed35000e602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:48:32:01:4c:f4:f8:2e:b4:37:7c:53:e8:b2:
b1:80:6b:fd:a4:91:a6:44:ce:68:9c:55:3f:ce:5b:
57:4d:c0:7c:a3:78:e4:51:6b:4f:90:5e:b6:ab:56:
28:3e:a5:b3:10:21:c2:b5:7d:53:34:09:56:15:89:
32:ed:52:36:13:cf:7a:19:44:06:75:80:4c:c1:90:
3a:37:d1:b9:52:f2:0d:3f:00:a9:27:50:fb:17:f6:
aa:55:81:ba:1d:b9:b1:60:73:28:2d:1f:10:9c:1f:
27:aa:48:9b:c9:5e:aa:05:92:2f:b7:51:68:3d:96:
eb:1d:67:a3:fb:59:8c:d2:50:2d:0e:81:4e:ba:db:
3e:56:f8:62:bd:4e:7f:3b:66:42:bb:07:68:0c:fd:
d6:18:6b:0e:14:54:90:96:0b:f7:52:3b:86:69:c6:
1f:55:87:c9:1c:8c:92:f8:75:8c:94:05:fa:f7:8b:
06:6d:de:f1:02:3f:65:6c:97:c0:25:91:a8:e7:22:
8d:32:5e:aa:21:f3:3a:c8:25:85:44:c1:a7:18:e5:
b1:02:cb:a4:d6:64:f1:1f:0c:73:14:34:40:e4:cb:
64:f4:ad:88:ff:31:56:54:fd:c6:01:f9:0d:ab:2a:
06:74:6e:00:52:bd:d0:bc:20:dd:5d:e3:62:28:c6:
44:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:64:7C:D5:8F:A3:9F:32:04:03:CD:C7:75:07:EE:D3:50:00:E6:02
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/f2R81Y-jnzIEA83HdQfu01AA5gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.220.0/22
185.34.102.0/24
185.54.7.0/24
IPv6:
2a0f:9180::/29
Signature Algorithm: sha256WithRSAEncryption
10:b8:88:9a:57:7c:4e:2a:ff:80:46:65:fc:cf:74:d3:f4:c5:
0d:7c:7a:ef:d8:8e:dc:1a:06:3e:51:d1:50:6c:1a:51:e9:15:
55:62:87:c1:99:0c:91:98:43:2d:1e:52:ed:6b:2e:e2:59:f9:
ae:60:19:85:08:40:3f:02:3c:1d:69:fa:e2:89:a0:49:52:d2:
16:50:ee:c7:22:9b:61:f7:d7:e8:14:09:2f:cc:9e:87:59:3d:
e2:ca:6c:9a:0f:41:5e:af:6a:3c:71:5d:b3:0c:fa:a2:f5:40:
31:1c:84:2b:3a:09:f0:3d:98:47:fc:37:a9:82:a4:fb:7b:5c:
9b:14:d6:7f:c2:28:ca:1b:51:6a:01:bd:7f:af:d5:0c:a3:cd:
fe:a3:1b:36:09:f4:a8:a8:eb:51:8d:c3:a0:b5:36:83:1a:f4:
b5:53:d0:b0:69:45:b6:3f:cb:ee:20:8e:a6:d2:1c:78:74:60:
41:c0:26:73:d2:10:a4:d6:1c:ad:0e:6e:2c:23:38:2e:15:36:
ff:bf:91:c0:4a:07:30:9c:db:6a:94:0c:10:22:79:4f:6f:6b:
63:bd:e1:71:31:ad:a3:26:e6:7b:0b:b4:49:d0:5c:05:c1:9a:
e8:f3:8c:95:76:b7:60:69:88:f7:1e:48:49:9a:1d:6c:d7:c5:
b4:2e:57:10
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFbmoxeyDxvHi18yWrDLL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjQwMTAxMTQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjY0N2NkNThmYTM5ZjMyMDQwM2NkYzc3NTA3ZWVkMzUwMDBlNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkgyAUz0+C60N3xT6LKxgGv9pJGm
RM5onFU/zltXTcB8o3jkUWtPkF62q1YoPqWzECHCtX1TNAlWFYky7VI2E896GUQG
dYBMwZA6N9G5UvINPwCpJ1D7F/aqVYG6HbmxYHMoLR8QnB8nqkibyV6qBZIvt1Fo
PZbrHWej+1mM0lAtDoFOuts+VvhivU5/O2ZCuwdoDP3WGGsOFFSQlgv3UjuGacYf
VYfJHIyS+HWMlAX694sGbd7xAj9lbJfAJZGo5yKNMl6qIfM6yCWFRMGnGOWxAsuk
1mTxHwxzFDRA5Mtk9K2I/zFWVP3GAfkNqyoGdG4AUr3QvCDdXeNiKMZE3wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFH9kfNWPo58yBAPNx3UH7tNQAOYCMB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEvZjJSODFZLWpueklFQTgzSGRRZnUwMUFBNWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLULcAwQA
uSJmAwQAuTYHMA0EAgACMAcDBQMqD5GAMA0GCSqGSIb3DQEBCwUAA4IBAQAQuIia
V3xOKv+ARmX8z3TT9MUNfHrv2I7cGgY+UdFQbBpR6RVVYofBmQyRmEMtHlLtay7i
WfmuYBmFCEA/AjwdafriiaBJUtIWUO7HIpth99foFAkvzJ6HWT3iymyaD0Fer2o8
cV2zDPqi9UAxHIQrOgnwPZhH/DepgqT7e1ybFNZ/wijKG1FqAb1/r9UMo83+oxs2
CfSoqOtRjcOgtTaDGvS1U9CwaUW2P8vuII6m0hx4dGBBwCZz0hCk1hytDm4sIzgu
FTb/v5HASgcwnNtqlAwQInlPb2tjveFxMa2jJuZ7C7RJ0FwFwZro84yVdrdgaYj3
HkhJmh1s18W0LlcQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:53 2025 by rpki-client