Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/1-vZ-zHVTg-81rpC4_r8Sb1CgNaQ.roa
File: 1-vZ-zHVTg-81rpC4_r8Sb1CgNaQ.roa (raw, json)
Hash identifier: KmBHyDaEtT0WVLKVRNVVKgfAn2zA3KLKnLK9oEiVFzY=
Subject key identifier: FA:F6:7E:CC:75:53:83:EF:35:AE:90:B8:FE:BF:12:6F:50:A0:35:A4
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 018CE4D49C7A839610E5260B9D0925D1797A
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/1-vZ-zHVTg-81rpC4_r8Sb1CgNaQ.roa
Signing time: Sun 07 Jan 2024 16:49:48 +0000
ROA not before: Sun 07 Jan 2024 16:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201642
IP address blocks: 194.164.0.0/23 maxlen: 23
121.127.36.0/24 maxlen: 24
185.249.103.0/24 maxlen: 24
185.249.100.0/23 maxlen: 23
185.249.100.0/24 maxlen: 24
185.249.101.0/24 maxlen: 24
185.249.102.0/24 maxlen: 24
185.249.102.0/23 maxlen: 23
2a14:3200::/32 maxlen: 32
2a14:3200:2a14::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jan 2024 08:19:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e4:d4:9c:7a:83:96:10:e5:26:0b:9d:09:25:d1:79:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Jan 7 16:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faf67ecc755383ef35ae90b8febf126f50a035a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:50:1d:f8:08:a9:ef:32:0e:da:17:d2:5a:fa:
d2:f7:02:c2:7d:91:d4:77:0b:e5:29:23:b1:d0:c8:
a8:c9:8a:43:10:8e:4f:d0:67:80:03:b5:94:cf:5c:
86:c8:f5:63:4e:71:73:f4:ef:60:fb:ed:5d:5c:c4:
8a:b0:fe:92:f7:7a:c5:e4:2a:7a:a2:a7:bd:bf:ae:
4a:82:d8:ed:a5:0e:a6:f1:53:9b:9e:99:5a:0d:1b:
70:0d:9b:e9:19:23:61:6d:ad:b1:c4:a7:62:2b:8a:
72:36:ef:1e:82:06:50:b8:bd:38:fb:26:db:9c:32:
61:40:80:b4:1a:57:7d:1f:f6:ff:91:fe:b0:ea:11:
aa:e8:31:0c:0c:2f:c2:2e:ae:20:53:5f:17:75:d1:
c3:85:73:16:ee:f5:3a:4d:32:f7:db:1a:15:81:2e:
ae:7c:b5:76:c6:b8:9b:50:89:e9:cb:88:f9:6f:31:
2e:0f:93:95:f3:e9:fc:69:f6:5b:71:d4:19:a6:57:
c3:48:d3:7d:69:ea:a7:71:43:ce:0c:b1:6d:79:10:
d4:df:07:dd:ed:53:9d:46:c8:74:c1:82:a1:c6:9b:
17:cf:e6:85:f9:0f:b4:c7:68:80:f0:3b:5f:72:97:
dd:fb:23:57:46:06:c8:80:73:ab:46:7c:08:e9:87:
15:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F6:7E:CC:75:53:83:EF:35:AE:90:B8:FE:BF:12:6F:50:A0:35:A4
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/1-vZ-zHVTg-81rpC4_r8Sb1CgNaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.36.0/24
185.249.100.0/22
194.164.0.0/23
IPv6:
2a14:3200::/32
Signature Algorithm: sha256WithRSAEncryption
8d:df:ad:5e:f6:9e:f2:74:1e:a0:6b:0e:f9:95:b2:65:5a:69:
a4:e6:51:ef:44:bc:c1:af:58:f1:c7:8e:c5:ac:0c:5a:46:5b:
74:e6:6f:5d:75:a5:34:5d:e9:3f:14:dd:28:ec:64:14:fe:fc:
8c:6b:64:71:3e:65:15:2c:be:b2:fc:ac:3c:45:aa:6a:d8:17:
e2:ba:96:8f:35:6d:07:68:a5:5d:7c:ce:be:f0:10:f5:49:3a:
1c:4d:a2:19:b7:07:58:3f:fb:6a:5c:8d:09:f2:02:e6:49:7f:
2b:17:29:c8:84:50:1a:40:81:41:4f:f7:5c:6d:e7:cd:13:70:
a9:c2:ee:b0:50:3c:f5:df:e2:94:7c:a2:b8:fd:20:a1:eb:d5:
67:25:f8:ca:31:c3:90:12:86:f9:a5:7b:4c:6b:d6:4c:0c:e2:
86:3e:37:71:dd:bb:c9:17:dc:59:c6:a2:4b:8e:8f:56:1a:5c:
79:01:8d:23:54:dc:07:9b:f6:e7:63:4e:a0:6f:47:a9:b5:0c:
4d:eb:34:44:2e:29:22:5c:97:a7:ba:05:c4:1d:da:bd:a4:a4:
20:1a:76:1f:1f:3d:77:98:99:77:17:1e:bd:75:a2:5d:da:d0:
16:9c:99:32:c7:c7:4c:a1:54:67:e0:9e:61:07:ce:40:77:45:
b7:7d:50:ce
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzk1Jx6g5YQ5SYLnQkl0Xl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjQwMTA3MTY0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWY2N2VjYzc1NTM4M2VmMzVhZTkwYjhmZWJmMTI2ZjUwYTAzNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1Ad+Aip7zIO2hfSWvrS9wLCfZHU
dwvlKSOx0MioyYpDEI5P0GeAA7WUz1yGyPVjTnFz9O9g++1dXMSKsP6S93rF5Cp6
oqe9v65KgtjtpQ6m8VObnplaDRtwDZvpGSNhba2xxKdiK4pyNu8eggZQuL04+ybb
nDJhQIC0Gld9H/b/kf6w6hGq6DEMDC/CLq4gU18XddHDhXMW7vU6TTL32xoVgS6u
fLV2xribUInpy4j5bzEuD5OV8+n8afZbcdQZplfDSNN9aeqncUPODLFteRDU3wfd
7VOdRsh0wYKhxpsXz+aF+Q+0x2iA8Dtfcpfd+yNXRgbIgHOrRnwI6YcVXQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPr2fsx1U4PvNa6QuP6/Em9QoDWkMB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvMS12Wi16SFZUZy04MXJwQzRfcjhTYjFDZ05hUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGUvNTNmYjM0LTI1ZGItNDY4NC05ODRmLTNiNDQ1ZjI5ZjVi
Ny8xL2Zma0VxeFFHYkhxZjVocFNIVlNTb09VcFpjby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAHl/JAME
Arn5ZAMEAcKkADANBAIAAjAHAwUAKhQyADANBgkqhkiG9w0BAQsFAAOCAQEAjd+t
Xvae8nQeoGsO+ZWyZVpppOZR70S8wa9Y8ceOxawMWkZbdOZvXXWlNF3pPxTdKOxk
FP78jGtkcT5lFSy+svysPEWqatgX4rqWjzVtB2ilXXzOvvAQ9Uk6HE2iGbcHWD/7
alyNCfIC5kl/KxcpyIRQGkCBQU/3XG3nzRNwqcLusFA89d/ilHyiuP0goevVZyX4
yjHDkBKG+aV7TGvWTAzihj43cd27yRfcWcaiS46PVhpceQGNI1TcB5v252NOoG9H
qbUMTes0RC4pIlyXp7oFxB3avaSkIBp2Hx89d5iZdxcevXWiXdrQFpyZMsfHTKFU
Z+CeYQfOQHdFt31Qzg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:09 2025 by rpki-client