Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/630362-290f-46bc-8446-6a7c3ba31410/1/7wrCmeS-57-lNYKppRhr6qw4nMg.roa
File: 7wrCmeS-57-lNYKppRhr6qw4nMg.roa (raw, json)
Hash identifier: +AcFfbZ2Z2xjMkDZgr7xkFysGftC964jW1GcEgcD9fA=
Subject key identifier: EF:0A:C2:99:E4:BE:E7:BF:A5:35:82:A9:A5:18:6B:EA:AC:38:9C:C8
Certificate issuer: /CN=f8a41594a92a9ae05c65a04f803d411a4f88423f
Certificate serial: 018CCA2A6777658F8151A523C0C526819520
Authority key identifier: F8:A4:15:94:A9:2A:9A:E0:5C:65:A0:4F:80:3D:41:1A:4F:88:42:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KQVlKkqmuBcZaBPgD1BGk-IQj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/630362-290f-46bc-8446-6a7c3ba31410/1/7wrCmeS-57-lNYKppRhr6qw4nMg.roa
Signing time: Tue 02 Jan 2024 12:33:45 +0000
ROA not before: Tue 02 Jan 2024 12:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211957
IP address blocks: 185.235.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:67:77:65:8f:81:51:a5:23:c0:c5:26:81:95:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8a41594a92a9ae05c65a04f803d411a4f88423f
Validity
Not Before: Jan 2 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef0ac299e4bee7bfa53582a9a5186beaac389cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:23:5a:1e:85:85:8f:7c:99:70:af:8a:49:9f:
1e:71:d0:62:b1:5e:3e:09:e0:0c:99:5d:82:b3:38:
83:24:88:dd:c8:29:53:ea:79:ae:81:42:29:2d:c4:
72:dc:d7:0f:52:49:26:98:2b:79:de:02:5b:b3:5a:
09:8b:2a:12:37:49:3b:0e:88:ab:c9:da:d8:f9:8d:
41:3e:5e:86:5a:67:9b:54:cc:77:d4:71:a1:38:1a:
56:d1:1c:2c:c8:7c:93:b4:ed:00:1c:91:07:08:64:
fd:29:a2:41:bb:9f:82:ad:ab:b7:5c:a1:cb:e7:7c:
4a:a9:ff:ee:1e:ac:05:40:4e:56:a7:10:9a:75:5e:
40:36:ac:6b:5f:64:fe:56:e5:ac:2e:57:06:0c:b7:
55:61:f0:6d:60:0b:77:69:e3:c8:ce:19:ae:a6:c5:
de:95:cc:95:c7:60:b3:b1:1c:73:00:22:94:c2:e7:
d6:28:3c:20:bb:79:6d:11:51:bc:83:eb:f4:93:bc:
bc:6d:22:15:35:d7:00:ba:60:cf:63:3f:cc:35:d2:
25:5c:d3:66:9a:a0:84:62:ec:12:5e:3d:23:78:9d:
90:d7:62:59:64:a1:d7:eb:1b:59:da:ec:35:26:a0:
15:e1:2e:b8:54:3e:31:a6:0f:c3:a6:10:f8:bf:29:
71:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:0A:C2:99:E4:BE:E7:BF:A5:35:82:A9:A5:18:6B:EA:AC:38:9C:C8
X509v3 Authority Key Identifier:
keyid:F8:A4:15:94:A9:2A:9A:E0:5C:65:A0:4F:80:3D:41:1A:4F:88:42:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KQVlKkqmuBcZaBPgD1BGk-IQj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/630362-290f-46bc-8446-6a7c3ba31410/1/7wrCmeS-57-lNYKppRhr6qw4nMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/630362-290f-46bc-8446-6a7c3ba31410/1/1-KQVlKkqmuBcZaBPgD1BGk-IQj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.8.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:68:07:1e:5a:1f:3e:17:b9:59:94:6b:30:e4:2f:ee:a9:2d:
c9:d4:13:26:88:6a:b1:a3:6d:ac:01:46:9a:01:64:1d:7b:86:
77:1a:65:a0:4e:5c:c2:80:de:ed:20:a5:16:66:fb:27:40:39:
f3:c8:46:ea:ed:bd:c5:47:06:3b:ea:c0:e7:0d:36:07:24:53:
fe:b0:92:d3:1d:d8:af:f7:46:12:ca:f4:56:a6:a1:89:64:1f:
da:6c:67:ea:2a:24:04:7c:2e:ec:01:77:32:49:b4:e5:b7:7d:
b5:05:3e:4b:22:52:6b:49:ef:ad:62:2e:d7:8a:64:3c:2c:9d:
97:ec:03:46:f4:0c:73:18:6b:ed:22:ef:63:cb:1b:38:a4:1b:
90:37:62:c5:dc:13:93:8f:8c:42:35:41:d2:50:9c:7b:5f:f3:
cc:c8:23:27:88:ad:f0:51:43:02:ff:85:03:e4:d3:c6:ed:57:
3a:16:13:28:e9:b2:4a:fe:05:9c:bb:d8:41:b6:9c:7e:e0:a9:
39:0b:7f:0c:81:6e:4c:15:84:a9:b3:b0:a9:80:c8:d7:9d:7c:
a2:cd:6e:7e:10:e8:90:e6:9f:9a:ce:41:ce:6c:ca:f9:2a:97:
b6:c7:aa:f3:dd:3b:d4:cc:9f:e4:bf:2e:02:dc:2c:63:b6:d5:
5b:96:bb:50
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzKKmd3ZY+BUaUjwMUmgZUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YTQxNTk0YTkyYTlhZTA1YzY1YTA0ZjgwM2Q0MTFhNGY4
ODQyM2YwHhcNMjQwMTAyMTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjBhYzI5OWU0YmVlN2JmYTUzNTgyYTlhNTE4NmJlYWFjMzg5Y2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriNaHoWFj3yZcK+KSZ8ecdBisV4+
CeAMmV2CsziDJIjdyClT6nmugUIpLcRy3NcPUkkmmCt53gJbs1oJiyoSN0k7Doir
ydrY+Y1BPl6GWmebVMx31HGhOBpW0RwsyHyTtO0AHJEHCGT9KaJBu5+Crau3XKHL
53xKqf/uHqwFQE5WpxCadV5ANqxrX2T+VuWsLlcGDLdVYfBtYAt3aePIzhmupsXe
lcyVx2CzsRxzACKUwufWKDwgu3ltEVG8g+v0k7y8bSIVNdcAumDPYz/MNdIlXNNm
mqCEYuwSXj0jeJ2Q12JZZKHX6xtZ2uw1JqAV4S64VD4xpg/DphD4vylxywIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFO8Kwpnkvue/pTWCqaUYa+qsOJzIMB8GA1UdIwQY
MBaAFPikFZSpKprgXGWgT4A9QRpPiEI/MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LUVZsS2txbXVCY1phQlBnRDFCR2stSVFqOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvNjMwMzYyLTI5MGYtNDZiYy04NDQ2
LTZhN2MzYmEzMTQxMC8xLzd3ckNtZVMtNTctbE5ZS3BwUmhyNnF3NG5NZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvNjMwMzYyLTI5MGYtNDZiYy04NDQ2LTZhN2MzYmEzMTQx
MC8xLzEtS1FWbEtrcW11QmNaYUJQZ0QxQkdrLUlRajguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC56wgw
DQYJKoZIhvcNAQELBQADggEBAIpoBx5aHz4XuVmUazDkL+6pLcnUEyaIarGjbawB
RpoBZB17hncaZaBOXMKA3u0gpRZm+ydAOfPIRurtvcVHBjvqwOcNNgckU/6wktMd
2K/3RhLK9FamoYlkH9psZ+oqJAR8LuwBdzJJtOW3fbUFPksiUmtJ761iLteKZDws
nZfsA0b0DHMYa+0i72PLGzikG5A3YsXcE5OPjEI1QdJQnHtf88zIIyeIrfBRQwL/
hQPk08btVzoWEyjpskr+BZy72EG2nH7gqTkLfwyBbkwVhKmzsKmAyNedfKLNbn4Q
6JDmn5rOQc5syvkql7bHqvPdO9TMn+S/LgLcLGO21VuWu1A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:24 2025 by rpki-client