Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/0H7-JfBvrbhNYH6lDPOHUf_Agns.roa
File: 0H7-JfBvrbhNYH6lDPOHUf_Agns.roa (raw, json)
Hash identifier: egoUtw7K4Pi0gcSX6oSawAt3xGqo03rYVbiZs9X8LVU=
Subject key identifier: D0:7E:FE:25:F0:6F:AD:B8:4D:60:7E:A5:0C:F3:87:51:FF:C0:82:7B
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01941F8C372652BAD0CE6332084631256D7C
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/0H7-JfBvrbhNYH6lDPOHUf_Agns.roa
Signing time: Wed 01 Jan 2025 01:47:50 +0000
ROA not before: Wed 01 Jan 2025 01:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 194.102.104.0/23 maxlen: 24
217.156.64.0/24 maxlen: 24
217.156.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 05:44:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:37:26:52:ba:d0:ce:63:32:08:46:31:25:6d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 01:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d07efe25f06fadb84d607ea50cf38751ffc0827b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:be:2d:33:5d:32:f1:be:72:59:0e:17:d4:e3:
48:ac:3d:f4:9f:e8:f5:8d:78:69:c1:0c:84:c7:ba:
68:ed:f4:c7:38:d2:30:fb:a2:5b:6b:73:89:91:f8:
31:37:5b:4a:c7:d2:b7:f8:cd:04:8a:be:2a:69:90:
5b:a0:f6:97:ff:f8:db:ad:8a:a0:40:db:89:a7:8e:
09:60:1c:f8:07:92:9e:0c:15:fb:8b:14:a9:52:f6:
60:89:d3:83:46:b9:40:76:1a:74:d6:be:2a:7f:97:
c8:19:9b:3a:47:4d:27:83:f2:d4:65:a1:a6:87:1a:
b0:56:84:9f:b0:f0:fc:9f:37:bf:84:e0:61:bf:3b:
af:8b:1e:1e:9d:d9:16:ab:d7:38:62:a8:0b:89:38:
f7:b0:7a:8b:b7:c7:eb:d1:77:7f:71:e7:9d:a0:5f:
07:c7:d1:4f:16:7b:21:65:61:c6:f8:cd:2b:cd:5e:
90:f0:65:4c:e3:e5:04:7d:04:91:da:3d:d3:66:9f:
74:00:4f:d4:24:b1:e7:4d:b2:1d:09:de:c7:c2:4a:
33:f9:7f:bb:91:5e:6b:75:7d:e4:79:55:bf:db:9b:
5b:47:b6:63:b4:f3:94:3d:8f:2c:8a:cc:ae:7a:e5:
5c:ad:fc:33:ad:89:34:9e:3d:60:2b:a7:c3:bf:f4:
19:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7E:FE:25:F0:6F:AD:B8:4D:60:7E:A5:0C:F3:87:51:FF:C0:82:7B
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/0H7-JfBvrbhNYH6lDPOHUf_Agns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.102.104.0/23
217.156.64.0/23
Signature Algorithm: sha256WithRSAEncryption
15:3d:f5:f7:40:65:6f:38:e5:2d:c3:73:71:f1:9c:42:c9:1d:
6d:de:b5:a1:e8:c9:ec:3b:6e:30:ce:97:e6:49:13:e2:14:45:
92:4c:bb:f8:87:e5:5e:cc:ca:89:44:9c:62:f6:43:d3:62:54:
d4:98:9e:05:da:f1:de:a3:37:cf:93:ae:64:d3:1d:48:32:02:
99:53:bc:0b:7e:4c:5f:df:7b:da:5c:a5:65:4b:8f:bd:64:22:
0b:48:fa:a1:66:24:b9:24:66:58:22:ca:ef:d6:f5:93:d5:04:
5a:61:8d:31:be:44:4c:c2:2b:7c:da:f1:f4:ab:c0:0c:3d:65:
c7:5f:6b:4a:a0:26:2f:9d:ae:c5:d8:39:b1:bc:44:b1:d6:d7:
95:84:48:e9:e9:24:9e:4e:b6:bf:52:ae:65:f7:39:11:da:62:
7a:72:fe:17:70:52:27:f1:c1:a3:1f:1c:67:ae:52:c3:0b:2c:
eb:e3:41:69:3a:e7:06:43:18:ba:ad:09:35:2e:fa:29:1c:c1:
44:c8:4b:b6:7e:58:65:14:c4:5e:7b:17:76:f1:1d:a0:fc:6b:
62:3e:9d:8a:76:93:2c:74:27:62:2e:4b:47:c3:ba:d8:b0:dc:
3b:67:0f:eb:40:60:08:54:b9:49:b9:24:d9:48:63:80:f0:06:
19:a9:a3:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQfjDcmUrrQzmMyCEYxJW18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwMTAxMDE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdlZmUyNWYwNmZhZGI4NGQ2MDdlYTUwY2YzODc1MWZmYzA4MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA574tM10y8b5yWQ4X1ONIrD30n+j1
jXhpwQyEx7po7fTHONIw+6Jba3OJkfgxN1tKx9K3+M0Eir4qaZBboPaX//jbrYqg
QNuJp44JYBz4B5KeDBX7ixSpUvZgidODRrlAdhp01r4qf5fIGZs6R00ng/LUZaGm
hxqwVoSfsPD8nze/hOBhvzuvix4endkWq9c4YqgLiTj3sHqLt8fr0Xd/ceedoF8H
x9FPFnshZWHG+M0rzV6Q8GVM4+UEfQSR2j3TZp90AE/UJLHnTbIdCd7Hwkoz+X+7
kV5rdX3keVW/25tbR7ZjtPOUPY8sisyueuVcrfwzrYk0nj1gK6fDv/QZKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNB+/iXwb624TWB+pQzzh1H/wIJ7MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvMEg3LUpmQnZyYmhOWUg2bERQT0hVZl9BZ25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwmZoAwQB
2ZxAMA0GCSqGSIb3DQEBCwUAA4IBAQAVPfX3QGVvOOUtw3Nx8ZxCyR1t3rWh6Mns
O24wzpfmSRPiFEWSTLv4h+VezMqJRJxi9kPTYlTUmJ4F2vHeozfPk65k0x1IMgKZ
U7wLfkxf33vaXKVlS4+9ZCILSPqhZiS5JGZYIsrv1vWT1QRaYY0xvkRMwit82vH0
q8AMPWXHX2tKoCYvna7F2DmxvESx1teVhEjp6SSeTra/Uq5l9zkR2mJ6cv4XcFIn
8cGjHxxnrlLDCyzr40FpOucGQxi6rQk1LvopHMFEyEu2flhlFMReexd28R2g/Gti
Pp2KdpMsdCdiLktHw7rYsNw7Zw/rQGAIVLlJuSTZSGOA8AYZqaO3
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:26:49 2025 by rpki-client