Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ea471a-da64-4596-8370-612a762007ec/1/7GXQ7OQUO38CyxwXwhgK00odtfM.roa
File: 7GXQ7OQUO38CyxwXwhgK00odtfM.roa (raw, json)
Hash identifier: YIDNpfMt/E5WDv6ML5/OQGh5zvuc+N3vmA2bJw7IAt4=
Subject key identifier: EC:65:D0:EC:E4:14:3B:7F:02:CB:1C:17:C2:18:0A:D3:4A:1D:B5:F3
Certificate issuer: /CN=6ea3b5028ce364f5102c1aec27736b7c33bc0493
Certificate serial: 018CC26D0942C39D12603BFC45D14003326C
Authority key identifier: 6E:A3:B5:02:8C:E3:64:F5:10:2C:1A:EC:27:73:6B:7C:33:BC:04:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bqO1AozjZPUQLBrsJ3NrfDO8BJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ea471a-da64-4596-8370-612a762007ec/1/7GXQ7OQUO38CyxwXwhgK00odtfM.roa
Signing time: Mon 01 Jan 2024 00:29:34 +0000
ROA not before: Mon 01 Jan 2024 00:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205151
IP address blocks: 217.150.64.0/21 maxlen: 21
2a01:8c81::/32 maxlen: 32
2a01:8c82::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:09:42:c3:9d:12:60:3b:fc:45:d1:40:03:32:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ea3b5028ce364f5102c1aec27736b7c33bc0493
Validity
Not Before: Jan 1 00:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec65d0ece4143b7f02cb1c17c2180ad34a1db5f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:90:c4:4b:a0:cb:65:0b:8d:a5:14:d2:a4:d6:
41:0b:8f:4b:f8:43:a6:6e:a4:ca:40:48:73:06:dd:
e3:57:91:ec:50:16:47:24:d4:51:7d:99:88:bf:7f:
4b:0b:66:35:ab:ed:8e:3f:5e:1b:26:5b:d9:ec:79:
d6:57:ef:86:5f:1d:74:26:4e:86:9f:b6:d6:d7:b1:
12:e1:f8:ad:ff:a7:b1:c8:0f:bd:ad:92:a7:a3:77:
3f:da:ed:15:cb:9d:d3:2d:85:55:22:f9:27:f2:95:
ba:8b:7f:bc:89:e3:b6:ec:da:c6:7d:a5:d9:b7:d7:
3b:65:71:bc:ec:e9:b4:ad:d1:16:bf:b8:16:f6:87:
df:5c:8c:37:60:62:b5:5c:a5:15:c0:2c:ae:c3:54:
ba:18:b5:48:0e:07:19:7c:ca:0f:66:63:f4:32:aa:
2c:4f:bb:0e:c4:d2:ec:dd:ec:e8:ca:5a:c2:15:d6:
a5:eb:31:18:6c:eb:62:7c:69:12:f7:89:ee:eb:32:
04:cc:d8:94:24:c5:30:26:57:da:da:6b:54:7a:bb:
fe:35:42:f6:86:7a:f4:d7:d0:c2:a1:56:ed:eb:60:
d2:c5:3f:5b:ab:98:1c:61:a2:f0:b9:19:fb:50:02:
3e:95:4e:9e:1c:c1:84:fc:88:b8:55:84:d7:29:46:
72:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:65:D0:EC:E4:14:3B:7F:02:CB:1C:17:C2:18:0A:D3:4A:1D:B5:F3
X509v3 Authority Key Identifier:
keyid:6E:A3:B5:02:8C:E3:64:F5:10:2C:1A:EC:27:73:6B:7C:33:BC:04:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bqO1AozjZPUQLBrsJ3NrfDO8BJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea471a-da64-4596-8370-612a762007ec/1/7GXQ7OQUO38CyxwXwhgK00odtfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea471a-da64-4596-8370-612a762007ec/1/bqO1AozjZPUQLBrsJ3NrfDO8BJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.64.0/21
IPv6:
2a01:8c81::-2a01:8c82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a7:60:57:9e:7f:04:2c:78:1c:c2:15:2f:9b:42:45:92:17:88:
af:35:a4:c4:13:60:dd:18:43:e1:13:ec:30:f9:05:92:f0:52:
77:5c:48:51:49:d7:66:be:fc:5c:64:51:16:b3:69:7b:b6:17:
c4:45:87:6c:61:89:0a:cc:2a:08:05:e6:df:48:92:21:64:25:
c3:41:d5:5b:c0:3e:1a:1e:fd:c4:31:39:4a:21:6c:9c:bf:ff:
31:fb:0d:a6:e5:f6:34:b8:a1:61:1b:aa:2f:4c:93:c5:8e:a1:
64:e7:a1:be:2c:5f:e4:78:24:0f:7b:07:06:92:08:cb:50:e9:
f7:ef:01:9e:d3:bc:68:51:9d:5c:8a:d0:98:2c:8b:88:f1:87:
61:f5:df:da:e2:fd:c9:5b:b9:c4:11:81:6f:c3:80:9b:4d:29:
4a:36:18:e7:93:52:54:35:ff:19:d7:30:aa:2f:26:b5:b1:ba:
4b:8d:90:a9:69:ab:d1:75:4e:ae:e9:df:aa:54:00:9e:e4:fd:
ba:57:fd:aa:a0:29:b3:9f:e2:11:cb:de:d0:6e:5c:f1:0e:49:
3f:65:03:4c:ca:a1:32:76:a4:94:88:ab:12:9a:86:19:3e:89:
dc:74:39:b8:3e:88:04:45:20:f6:94:a4:60:e2:01:21:84:41:
1c:f8:db:3d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzCbQlCw50SYDv8RdFAAzJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYTNiNTAyOGNlMzY0ZjUxMDJjMWFlYzI3NzM2YjdjMzNi
YzA0OTMwHhcNMjQwMTAxMDAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzY1ZDBlY2U0MTQzYjdmMDJjYjFjMTdjMjE4MGFkMzRhMWRiNWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5DES6DLZQuNpRTSpNZBC49L+EOm
bqTKQEhzBt3jV5HsUBZHJNRRfZmIv39LC2Y1q+2OP14bJlvZ7HnWV++GXx10Jk6G
n7bW17ES4fit/6exyA+9rZKno3c/2u0Vy53TLYVVIvkn8pW6i3+8ieO27NrGfaXZ
t9c7ZXG87Om0rdEWv7gW9offXIw3YGK1XKUVwCyuw1S6GLVIDgcZfMoPZmP0Mqos
T7sOxNLs3ezoylrCFdal6zEYbOtifGkS94nu6zIEzNiUJMUwJlfa2mtUerv+NUL2
hnr019DCoVbt62DSxT9bq5gcYaLwuRn7UAI+lU6eHMGE/Ii4VYTXKUZyGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOxl0OzkFDt/AsscF8IYCtNKHbXzMB8GA1UdIwQY
MBaAFG6jtQKM42T1ECwa7Cdza3wzvASTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnFPMUFvempaUFVRTEJyc0ozTnJmRE84QkpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lYTQ3MWEtZGE2NC00NTk2LTgzNzAt
NjEyYTc2MjAwN2VjLzEvN0dYUTdPUVVPMzhDeXh3WHdoZ0swMG9kdGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lYTQ3MWEtZGE2NC00NTk2LTgzNzAtNjEyYTc2MjAwN2Vj
LzEvYnFPMUFvempaUFVRTEJyc0ozTnJmRE84QkpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQD2ZZAMBYE
AgACMBAwDgMFACoBjIEDBQAqAYyCMA0GCSqGSIb3DQEBCwUAA4IBAQCnYFeefwQs
eBzCFS+bQkWSF4ivNaTEE2DdGEPhE+ww+QWS8FJ3XEhRSddmvvxcZFEWs2l7thfE
RYdsYYkKzCoIBebfSJIhZCXDQdVbwD4aHv3EMTlKIWycv/8x+w2m5fY0uKFhG6ov
TJPFjqFk56G+LF/keCQPewcGkgjLUOn37wGe07xoUZ1citCYLIuI8Ydh9d/a4v3J
W7nEEYFvw4CbTSlKNhjnk1JUNf8Z1zCqLya1sbpLjZCpaavRdU6u6d+qVACe5P26
V/2qoCmzn+IRy97QblzxDkk/ZQNMyqEydqSUiKsSmoYZPoncdDm4PogERSD2lKRg
4gEhhEEc+Ns9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:36 2025 by rpki-client