Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/B5Uoe1XgLMY9BrHxiiS-y-1AvWE.roa
File: B5Uoe1XgLMY9BrHxiiS-y-1AvWE.roa (raw, json)
Hash identifier: 7oFZ44Ur5CNozNW9xXf/3NLW5i4QjOVEcc/bo7qr6jY=
Subject key identifier: 07:95:28:7B:55:E0:2C:C6:3D:06:B1:F1:8A:24:BE:CB:ED:40:BD:61
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 018CC8016EF812B8F1FCDA53517298F592D1
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/B5Uoe1XgLMY9BrHxiiS-y-1AvWE.roa
Signing time: Tue 02 Jan 2024 02:29:46 +0000
ROA not before: Tue 02 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201642
IP address blocks: 121.127.36.0/24 maxlen: 24
185.249.103.0/24 maxlen: 24
185.249.100.0/23 maxlen: 23
185.249.100.0/24 maxlen: 24
185.249.101.0/24 maxlen: 24
185.249.102.0/24 maxlen: 24
185.249.102.0/23 maxlen: 23
2a14:3200::/32 maxlen: 32
2a14:3200:2a14::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jan 2024 16:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6e:f8:12:b8:f1:fc:da:53:51:72:98:f5:92:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Jan 2 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0795287b55e02cc63d06b1f18a24becbed40bd61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8c:c8:2e:9f:3c:3c:a2:f0:4c:90:8d:0a:68:
cd:d8:db:47:84:e6:48:b5:1f:c8:0c:46:d6:b4:83:
b8:77:5c:66:ce:59:6d:65:9b:6b:c4:ea:d9:63:80:
fc:0d:13:8b:9a:41:e7:29:49:2d:d4:c3:67:c6:71:
84:f2:40:c2:a0:47:9d:b0:ea:c8:ab:63:c7:b4:9f:
bc:5c:63:e6:d8:53:9e:89:5c:0e:01:9a:e2:cf:41:
e3:0c:a5:cb:1a:8f:6b:ee:44:34:59:12:9c:a9:4b:
48:84:35:a8:4b:0e:41:27:00:f2:d9:5c:ce:24:1e:
8f:51:d9:00:e0:4c:e3:ca:74:ba:95:ff:21:4e:b7:
40:3b:f0:4b:6e:f0:f7:a1:f6:6c:39:77:df:09:80:
2b:b8:c4:db:45:02:7b:0d:b3:ff:4e:7f:e4:61:cd:
d7:e1:aa:f3:f1:ab:0f:97:90:c0:8f:09:bf:38:05:
04:55:0e:21:f0:b5:60:dc:e3:77:4f:f9:0c:7e:c9:
a2:63:2c:b4:84:4f:31:60:f8:5f:1f:f8:36:b3:79:
e4:fa:ff:05:80:d1:bf:c1:f7:06:39:3c:cd:95:c3:
ad:d9:51:54:76:fd:69:fe:d1:8f:db:91:8e:3d:39:
20:2d:54:4d:bf:10:3b:47:fe:05:0e:31:bc:e9:fe:
0c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:95:28:7B:55:E0:2C:C6:3D:06:B1:F1:8A:24:BE:CB:ED:40:BD:61
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/B5Uoe1XgLMY9BrHxiiS-y-1AvWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.36.0/24
185.249.100.0/22
IPv6:
2a14:3200::/32
Signature Algorithm: sha256WithRSAEncryption
a7:fd:ce:df:61:d2:d3:cf:6e:28:51:07:9b:29:25:5a:c3:49:
0c:cd:87:13:dc:54:70:cd:d8:81:f9:1f:b7:33:14:63:21:e3:
74:d7:2c:c5:c1:e0:de:e2:29:60:dd:88:5d:c1:a4:9b:0f:90:
50:07:a8:e5:26:2e:91:27:68:58:76:50:2c:35:24:6d:a0:ee:
84:ed:30:70:ab:b4:37:88:71:b5:38:eb:ab:20:66:48:2c:d0:
9d:c4:62:cd:6f:8e:08:f0:9d:f1:67:10:a5:c5:dd:c4:63:41:
e5:94:77:c7:cb:0c:2a:03:be:57:8e:02:ea:4b:27:eb:26:38:
60:9b:1e:79:25:fe:7f:05:aa:d1:1d:c7:a0:c3:7b:ca:d0:29:
81:c0:6c:16:24:d8:d0:06:11:10:9f:fa:3b:1f:43:5c:73:af:
6d:0b:e7:f4:b5:e3:79:4b:84:49:1e:b8:b0:80:06:4b:53:84:
b5:4b:8e:63:d2:b8:82:4e:6d:91:b9:ee:95:66:0e:f6:53:71:
b5:00:f8:74:01:55:94:98:1c:a6:58:c7:78:bb:1a:f0:39:fb:
a6:5d:cc:7f:f7:4f:6d:fc:3f:2a:a8:3d:f6:12:a3:d6:70:57:
a8:c9:37:4a:5f:eb:ae:fd:f5:97:ba:98:50:a4:05:86:a8:e3:
01:6a:bc:29
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAW74Erjx/NpTUXKY9ZLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjQwMTAyMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzk1Mjg3YjU1ZTAyY2M2M2QwNmIxZjE4YTI0YmVjYmVkNDBiZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIzILp88PKLwTJCNCmjN2NtHhOZI
tR/IDEbWtIO4d1xmzlltZZtrxOrZY4D8DROLmkHnKUkt1MNnxnGE8kDCoEedsOrI
q2PHtJ+8XGPm2FOeiVwOAZriz0HjDKXLGo9r7kQ0WRKcqUtIhDWoSw5BJwDy2VzO
JB6PUdkA4EzjynS6lf8hTrdAO/BLbvD3ofZsOXffCYAruMTbRQJ7DbP/Tn/kYc3X
4arz8asPl5DAjwm/OAUEVQ4h8LVg3ON3T/kMfsmiYyy0hE8xYPhfH/g2s3nk+v8F
gNG/wfcGOTzNlcOt2VFUdv1p/tGP25GOPTkgLVRNvxA7R/4FDjG86f4MWQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAeVKHtV4CzGPQax8YokvsvtQL1hMB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvQjVVb2UxWGdMTVk5QnJIeGlpUy15LTFBdldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAeX8kAwQC
uflkMA0EAgACMAcDBQAqFDIAMA0GCSqGSIb3DQEBCwUAA4IBAQCn/c7fYdLTz24o
UQebKSVaw0kMzYcT3FRwzdiB+R+3MxRjIeN01yzFweDe4ilg3YhdwaSbD5BQB6jl
Ji6RJ2hYdlAsNSRtoO6E7TBwq7Q3iHG1OOurIGZILNCdxGLNb44I8J3xZxClxd3E
Y0HllHfHywwqA75XjgLqSyfrJjhgmx55Jf5/BarRHcegw3vK0CmBwGwWJNjQBhEQ
n/o7H0Ncc69tC+f0teN5S4RJHriwgAZLU4S1S45j0riCTm2Rue6VZg72U3G1APh0
AVWUmBymWMd4uxrwOfumXcx/909t/D8qqD32EqPWcFeoyTdKX+uu/fWXuphQpAWG
qOMBarwp
-----END CERTIFICATE-----
Generated at Sun Jan 7 20:48:03 2024 by rpki-client on console-fra.rpki-client.org