Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/79c0a9-e5e4-47c3-823f-0b8b075e86db/1/e-3uQ7rUHldII4f4DJGlEgRBhCM.roa
File: e-3uQ7rUHldII4f4DJGlEgRBhCM.roa (raw, json)
Hash identifier: LDgDsC2f/B2tJ4mo+bdyR2RNjhvCJie6rraIkdvkC48=
Subject key identifier: 7B:ED:EE:43:BA:D4:1E:57:48:23:87:F8:0C:91:A5:12:04:41:84:23
Certificate issuer: /CN=02ab010cf5c11c1b30693d11417b60cf45fb1209
Certificate serial: 018CC348D672FBF505FD144DB3DC55B923A0
Authority key identifier: 02:AB:01:0C:F5:C1:1C:1B:30:69:3D:11:41:7B:60:CF:45:FB:12:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AqsBDPXBHBswaT0RQXtgz0X7Egk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/79c0a9-e5e4-47c3-823f-0b8b075e86db/1/e-3uQ7rUHldII4f4DJGlEgRBhCM.roa
Signing time: Mon 01 Jan 2024 04:29:39 +0000
ROA not before: Mon 01 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57852
IP address blocks: 185.217.185.0/24 maxlen: 24
185.217.186.0/24 maxlen: 24
185.217.184.0/24 maxlen: 24
185.217.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d6:72:fb:f5:05:fd:14:4d:b3:dc:55:b9:23:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02ab010cf5c11c1b30693d11417b60cf45fb1209
Validity
Not Before: Jan 1 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bedee43bad41e57482387f80c91a51204418423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c9:6a:d1:4d:db:48:09:72:ec:39:86:f4:74:
34:53:d6:15:5e:6f:6a:59:9c:2d:19:2d:09:98:a2:
9a:56:58:a3:1e:5b:c2:64:cc:61:54:d6:bd:5a:90:
ee:fd:33:8e:be:dd:a5:69:17:a5:18:41:e6:fb:de:
c7:70:e9:ce:ce:d5:64:0f:c5:14:f3:1a:8b:b3:f8:
70:8b:a2:ac:86:b7:6e:0a:26:52:45:da:5b:11:40:
a3:58:6a:13:8e:a0:dd:6f:3b:08:75:d8:99:4f:67:
c8:9a:f6:b6:c0:8b:61:ff:77:a5:56:fb:a4:73:c2:
5b:0f:74:c6:4e:f8:eb:09:69:a3:1c:69:de:e0:e5:
b9:56:53:cd:9e:28:e5:5c:24:a7:d2:85:fe:1b:a3:
45:4d:bc:36:ba:c5:24:c1:91:78:f8:c3:1b:e4:ae:
c5:66:c3:1b:a8:c1:ba:f8:06:27:1b:99:26:43:00:
22:4a:80:9f:6b:f4:d0:84:0d:63:da:4f:b7:7a:c4:
55:b5:31:54:65:94:71:fe:1e:32:d6:ee:77:5c:62:
8f:f5:ee:f4:bf:37:e2:54:da:61:48:37:32:de:40:
10:3c:8e:d1:43:95:b9:10:b3:58:f5:b1:78:bb:11:
6b:64:65:52:53:02:28:f0:0d:be:95:06:93:3a:04:
83:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:ED:EE:43:BA:D4:1E:57:48:23:87:F8:0C:91:A5:12:04:41:84:23
X509v3 Authority Key Identifier:
keyid:02:AB:01:0C:F5:C1:1C:1B:30:69:3D:11:41:7B:60:CF:45:FB:12:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AqsBDPXBHBswaT0RQXtgz0X7Egk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/79c0a9-e5e4-47c3-823f-0b8b075e86db/1/e-3uQ7rUHldII4f4DJGlEgRBhCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/79c0a9-e5e4-47c3-823f-0b8b075e86db/1/AqsBDPXBHBswaT0RQXtgz0X7Egk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.184.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:4e:df:9d:18:99:c6:a1:50:d2:14:c5:4f:2b:4b:a0:32:bf:
fc:6d:cf:35:6d:46:e2:d8:6a:e3:14:a5:17:ec:b5:71:78:25:
9f:b3:99:57:ef:bc:3f:b8:e5:78:40:6f:09:df:85:8e:5e:52:
69:44:cf:2c:a0:a7:9e:32:92:30:95:d0:11:c5:69:41:ad:de:
d1:be:c7:3b:7f:fc:5e:b7:7b:08:81:f0:ec:f3:ba:9b:fa:21:
81:b9:d8:26:d5:41:2a:c8:14:d6:e1:b0:59:01:e2:9e:63:75:
ff:d0:64:5c:09:bc:65:48:7d:0b:b9:66:34:0a:af:58:ec:07:
23:06:ee:14:da:70:cf:58:2b:48:42:02:dc:e2:6c:33:7b:ad:
00:5e:ed:67:f9:21:e8:d8:bb:38:e7:ec:6d:f9:e9:42:25:c3:
03:2e:02:d1:0d:6f:1e:33:a8:88:53:6e:1b:d0:72:65:f0:cb:
ba:d0:63:d1:94:69:5d:01:c8:5e:43:64:2e:c9:2f:c1:4e:c4:
ac:0c:4d:47:51:d1:85:88:06:ad:19:e4:df:1e:6a:fc:fc:0f:
b5:4a:6b:7e:d2:6c:a6:7f:e7:37:54:04:d7:ed:04:26:c7:b2:
a2:ab:43:9d:04:3a:dc:f7:c4:2f:f6:05:33:c3:8e:7b:ed:a6:
52:2c:e1:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSNZy+/UF/RRNs9xVuSOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYWIwMTBjZjVjMTFjMWIzMDY5M2QxMTQxN2I2MGNmNDVm
YjEyMDkwHhcNMjQwMTAxMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmVkZWU0M2JhZDQxZTU3NDgyMzg3ZjgwYzkxYTUxMjA0NDE4NDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMlq0U3bSAly7DmG9HQ0U9YVXm9q
WZwtGS0JmKKaVlijHlvCZMxhVNa9WpDu/TOOvt2laRelGEHm+97HcOnOztVkD8UU
8xqLs/hwi6KshrduCiZSRdpbEUCjWGoTjqDdbzsIddiZT2fImva2wIth/3elVvuk
c8JbD3TGTvjrCWmjHGne4OW5VlPNnijlXCSn0oX+G6NFTbw2usUkwZF4+MMb5K7F
ZsMbqMG6+AYnG5kmQwAiSoCfa/TQhA1j2k+3esRVtTFUZZRx/h4y1u53XGKP9e70
vzfiVNphSDcy3kAQPI7RQ5W5ELNY9bF4uxFrZGVSUwIo8A2+lQaTOgSD8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHvt7kO61B5XSCOH+AyRpRIEQYQjMB8GA1UdIwQY
MBaAFAKrAQz1wRwbMGk9EUF7YM9F+xIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXFzQkRQWEJIQnN3YVQwUlFYdGd6MFg3RWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS83OWMwYTktZTVlNC00N2MzLTgyM2Yt
MGI4YjA3NWU4NmRiLzEvZS0zdVE3clVIbGRJSTRmNERKR2xFZ1JCaENNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS83OWMwYTktZTVlNC00N2MzLTgyM2YtMGI4YjA3NWU4NmRi
LzEvQXFzQkRQWEJIQnN3YVQwUlFYdGd6MFg3RWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudm4MA0G
CSqGSIb3DQEBCwUAA4IBAQAMTt+dGJnGoVDSFMVPK0ugMr/8bc81bUbi2GrjFKUX
7LVxeCWfs5lX77w/uOV4QG8J34WOXlJpRM8soKeeMpIwldARxWlBrd7Rvsc7f/xe
t3sIgfDs87qb+iGBudgm1UEqyBTW4bBZAeKeY3X/0GRcCbxlSH0LuWY0Cq9Y7Acj
Bu4U2nDPWCtIQgLc4mwze60AXu1n+SHo2Ls45+xt+elCJcMDLgLRDW8eM6iIU24b
0HJl8Mu60GPRlGldAcheQ2QuyS/BTsSsDE1HUdGFiAatGeTfHmr8/A+1Smt+0mym
f+c3VATX7QQmx7Kiq0OdBDrc98Qv9gUzw4577aZSLOH5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:22 2025 by rpki-client