Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/7fMGD9Tib5NvN5MTsdlXKun_64c.roa
File: 7fMGD9Tib5NvN5MTsdlXKun_64c.roa (raw, json)
Hash identifier: NTBzPQc//ZnHm37vd6vSJmTvcGKxoLXr5jNgren8pc8=
Subject key identifier: ED:F3:06:0F:D4:E2:6F:93:6F:37:93:13:B1:D9:57:2A:E9:FF:EB:87
Certificate issuer: /CN=6f4dbbc069669f2e7e8822f6398f6b36c449345c
Certificate serial: 018CCA286DBCE240B178FEB40FD7141501FD
Authority key identifier: 6F:4D:BB:C0:69:66:9F:2E:7E:88:22:F6:39:8F:6B:36:C4:49:34:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b027wGlmny5-iCL2OY9rNsRJNFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/7fMGD9Tib5NvN5MTsdlXKun_64c.roa
Signing time: Tue 02 Jan 2024 12:31:36 +0000
ROA not before: Tue 02 Jan 2024 12:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48390
IP address blocks: 185.20.3.0/24 maxlen: 24
2a0c:d0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:6d:bc:e2:40:b1:78:fe:b4:0f:d7:14:15:01:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f4dbbc069669f2e7e8822f6398f6b36c449345c
Validity
Not Before: Jan 2 12:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=edf3060fd4e26f936f379313b1d9572ae9ffeb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d0:f1:a2:d9:d4:30:fb:a9:3f:50:62:9b:bb:
99:62:a0:73:6a:b2:38:5f:e4:2c:53:3d:f8:77:64:
85:6b:6d:a7:e5:cf:a7:35:37:2d:8f:da:ce:4e:4e:
c0:c3:9a:f8:44:d3:be:d7:d0:26:25:eb:11:8d:fd:
33:ef:5b:2e:6a:49:24:b1:4a:92:1f:a5:b4:7f:51:
83:fe:e9:8a:c9:c7:25:72:39:26:cd:2f:43:64:91:
38:01:08:ca:fb:82:58:80:8a:42:e7:35:83:6f:6e:
48:66:02:c1:87:fa:1d:1e:59:68:ca:0b:24:7c:4f:
14:53:41:be:d6:d2:6e:4a:f4:e1:0e:aa:a3:f1:82:
76:05:be:9a:ca:94:45:c2:c3:5c:2b:fc:67:43:d9:
ec:39:0b:3e:0f:6c:62:67:54:2f:61:ef:26:48:c1:
b4:3a:6c:db:d5:83:92:c3:05:3e:41:0c:37:97:2d:
32:04:b5:a9:8c:b8:eb:12:d2:f2:30:5f:be:19:47:
82:14:75:50:05:ff:7b:d9:e1:b2:ee:f2:69:ff:e6:
8f:8b:cf:5a:6d:05:03:53:8b:80:e2:d4:74:e6:f6:
35:95:e8:62:45:78:d6:f9:f8:db:82:a9:47:7b:56:
a3:5c:2a:c9:fa:79:b5:67:80:53:2a:10:31:26:4e:
64:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F3:06:0F:D4:E2:6F:93:6F:37:93:13:B1:D9:57:2A:E9:FF:EB:87
X509v3 Authority Key Identifier:
keyid:6F:4D:BB:C0:69:66:9F:2E:7E:88:22:F6:39:8F:6B:36:C4:49:34:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b027wGlmny5-iCL2OY9rNsRJNFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/7fMGD9Tib5NvN5MTsdlXKun_64c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e73436-2251-49b4-b357-984c957a353e/1/b027wGlmny5-iCL2OY9rNsRJNFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.3.0/24
IPv6:
2a0c:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:df:fd:7f:fa:f2:bc:a7:f7:24:2b:0b:34:a6:8a:05:23:46:
90:ed:86:93:9a:97:0f:3b:ac:5d:24:3e:37:16:d4:52:dc:f2:
ad:3e:84:cd:39:06:0b:71:94:40:52:7e:88:ee:6e:32:2e:2e:
a8:19:14:cc:5c:22:28:b9:5d:4a:71:41:06:8b:39:68:69:b8:
1b:64:d2:4e:0f:f9:56:fd:cb:3d:48:bc:3c:78:a8:81:f6:4f:
9a:a9:0a:00:ff:c4:e5:27:c5:33:1b:a8:92:7a:a6:b1:e3:8a:
5f:1d:ec:3b:2c:3c:e4:d7:a3:ab:97:00:75:e1:51:45:a7:cd:
06:ae:97:89:d1:f8:63:40:9a:6d:f9:7a:9c:77:ee:5f:1b:77:
b3:19:2e:0c:c2:ae:99:e7:71:f8:e8:74:33:6f:33:27:61:91:
c3:1b:9b:75:aa:67:7e:76:8e:1d:ab:a7:cf:46:f5:42:6b:60:
88:0d:15:d4:27:d2:ed:3c:5c:38:44:38:97:d7:82:78:a5:55:
26:b6:e9:e2:02:32:1d:6b:f1:c7:cd:ab:ec:ef:2c:cd:e7:e5:
86:f0:23:6f:31:93:c1:c7:7a:b2:41:2f:af:fb:3b:41:91:e3:
ec:f2:b5:50:a5:97:d8:48:2c:2f:18:6d:51:cc:a9:37:08:90:
cf:ed:5f:05
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKG284kCxeP60D9cUFQH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNGRiYmMwNjk2NjlmMmU3ZTg4MjJmNjM5OGY2YjM2YzQ0
OTM0NWMwHhcNMjQwMTAyMTIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGYzMDYwZmQ0ZTI2ZjkzNmYzNzkzMTNiMWQ5NTcyYWU5ZmZlYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNDxotnUMPupP1Bim7uZYqBzarI4
X+QsUz34d2SFa22n5c+nNTctj9rOTk7Aw5r4RNO+19AmJesRjf0z71suakkksUqS
H6W0f1GD/umKycclcjkmzS9DZJE4AQjK+4JYgIpC5zWDb25IZgLBh/odHlloygsk
fE8UU0G+1tJuSvThDqqj8YJ2Bb6aypRFwsNcK/xnQ9nsOQs+D2xiZ1QvYe8mSMG0
Omzb1YOSwwU+QQw3ly0yBLWpjLjrEtLyMF++GUeCFHVQBf972eGy7vJp/+aPi89a
bQUDU4uA4tR05vY1lehiRXjW+fjbgqlHe1ajXCrJ+nm1Z4BTKhAxJk5kywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO3zBg/U4m+TbzeTE7HZVyrp/+uHMB8GA1UdIwQY
MBaAFG9Nu8BpZp8ufogi9jmPazbESTRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjAyN3dHbG1ueTUtaUNMMk9ZOXJOc1JKTkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNzM0MzYtMjI1MS00OWI0LWIzNTct
OTg0Yzk1N2EzNTNlLzEvN2ZNR0Q5VGliNU52TjVNVHNkbFhLdW5fNjRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNzM0MzYtMjI1MS00OWI0LWIzNTctOTg0Yzk1N2EzNTNl
LzEvYjAyN3dHbG1ueTUtaUNMMk9ZOXJOc1JKTkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRQDMA0E
AgACMAcDBQMqDNDAMA0GCSqGSIb3DQEBCwUAA4IBAQCe3/1/+vK8p/ckKws0pooF
I0aQ7YaTmpcPO6xdJD43FtRS3PKtPoTNOQYLcZRAUn6I7m4yLi6oGRTMXCIouV1K
cUEGizloabgbZNJOD/lW/cs9SLw8eKiB9k+aqQoA/8TlJ8UzG6iSeqax44pfHew7
LDzk16OrlwB14VFFp80GrpeJ0fhjQJpt+Xqcd+5fG3ezGS4Mwq6Z53H46HQzbzMn
YZHDG5t1qmd+do4dq6fPRvVCa2CIDRXUJ9LtPFw4RDiX14J4pVUmtuniAjIda/HH
zavs7yzN5+WG8CNvMZPBx3qyQS+v+ztBkePs8rVQpZfYSCwvGG1RzKk3CJDP7V8F
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:42 2025 by rpki-client