Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/A7yjoUcM5V-W47eMcN-QgPGJJsY.roa
File: A7yjoUcM5V-W47eMcN-QgPGJJsY.roa (raw, json)
Hash identifier: 66GD85/OBSt7Qxjsv0BW27BDABWBUonwarqOz3RyD+s=
Subject key identifier: 03:BC:A3:A1:47:0C:E5:5F:96:E3:B7:8C:70:DF:90:80:F1:89:26:C6
Certificate issuer: /CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Certificate serial: 018CC5013721227186FAD87D104B0F23D8D4
Authority key identifier: 2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/A7yjoUcM5V-W47eMcN-QgPGJJsY.roa
Signing time: Mon 01 Jan 2024 12:30:40 +0000
ROA not before: Mon 01 Jan 2024 12:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216018
IP address blocks: 46.235.12.0/24 maxlen: 24
185.23.74.0/24 maxlen: 24
185.113.220.0/24 maxlen: 24
185.113.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 11:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:37:21:22:71:86:fa:d8:7d:10:4b:0f:23:d8:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Validity
Not Before: Jan 1 12:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03bca3a1470ce55f96e3b78c70df9080f18926c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3f:a9:70:d5:20:97:46:69:9d:e4:69:64:b8:
c8:fb:ff:d6:af:85:60:32:42:5c:d8:15:0f:1d:15:
e0:1f:1f:2b:75:69:e5:d9:ee:4b:1f:68:ed:ce:0a:
22:bc:66:4f:24:70:11:cd:0e:0b:ec:9e:01:cc:ce:
97:91:f2:ef:dd:f2:e7:1d:16:62:69:18:31:7c:db:
47:0e:52:51:c5:a2:31:87:e6:59:87:f1:f6:49:82:
91:9c:f2:c9:ef:48:06:71:c6:a8:9b:bd:52:b9:16:
10:06:49:3c:5f:6c:cc:a2:36:8a:6b:6e:4b:3f:72:
d8:78:e1:54:8f:26:cb:93:0e:c8:f9:02:52:d2:a9:
e0:59:b0:17:44:19:4c:72:b8:33:88:41:e8:b3:40:
cf:83:96:08:e3:81:48:bb:aa:aa:8f:52:ac:4b:56:
70:f2:73:9d:12:22:0f:ff:2c:a8:ad:9d:28:c2:45:
fa:27:74:2d:10:3d:1c:8b:c4:d2:04:ff:08:58:7c:
8f:95:e4:6e:88:14:b8:85:a1:80:1a:03:ef:47:72:
96:c0:4b:c9:1e:86:66:65:f7:e0:ff:c1:3b:52:61:
58:9b:8c:7f:bc:7c:62:12:73:5b:4f:e7:46:d3:ee:
a0:58:fd:cd:87:44:cc:e1:10:b4:88:fb:63:38:b5:
4a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:BC:A3:A1:47:0C:E5:5F:96:E3:B7:8C:70:DF:90:80:F1:89:26:C6
X509v3 Authority Key Identifier:
keyid:2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/A7yjoUcM5V-W47eMcN-QgPGJJsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/LgqTM_k8ylRP2r4up6ZzilSvdZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.12.0/24
185.23.74.0/24
185.113.220.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:f0:88:00:3f:bf:ba:21:e0:ec:61:84:47:ac:e4:c1:a5:61:
e5:af:13:c3:63:1e:95:c3:70:d2:c8:25:90:b7:31:4d:63:23:
58:eb:b4:11:be:1f:cf:d8:12:ea:7f:bb:c2:3d:f0:1a:83:9d:
1c:b0:80:4b:9e:08:31:a0:22:00:b9:88:5f:e6:66:ff:b9:25:
51:cc:3e:05:4d:a8:dd:8a:08:54:01:73:98:bf:42:b7:c1:fb:
ec:1b:3f:7d:ee:1a:b5:70:d7:16:db:15:30:04:f6:5e:ad:dd:
e3:b4:fd:75:78:83:d0:9a:15:98:d3:b5:fe:9d:15:56:00:e8:
1b:e1:0e:97:94:0b:26:5a:c4:9d:4d:e1:12:c1:d6:f1:e7:48:
e6:05:95:bd:2b:3d:15:a2:8f:36:41:89:53:3d:36:86:43:7a:
b6:d6:16:0d:d1:4f:2b:75:6d:44:1d:e7:d5:14:8b:87:3b:48:
c1:5d:3a:c0:3f:14:86:da:40:40:9f:12:f9:ba:a0:0e:5f:b7:
0b:cc:4e:e4:0f:8b:ed:65:32:a6:69:02:5e:d6:d3:8d:52:2a:
63:18:ee:7b:b9:51:45:e3:d3:9e:68:d1:10:e5:e5:1d:fd:cb:
26:98:c5:e9:4f:d2:d2:31:e0:ee:33:7a:99:60:27:dd:5e:04:
d5:21:a2:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFATchInGG+th9EEsPI9jUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGE5MzMzZjkzY2NhNTQ0ZmRhYmUyZWE3YTY3MzhhNTRh
Zjc1OWUwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2JjYTNhMTQ3MGNlNTVmOTZlM2I3OGM3MGRmOTA4MGYxODkyNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj+pcNUgl0ZpneRpZLjI+//Wr4Vg
MkJc2BUPHRXgHx8rdWnl2e5LH2jtzgoivGZPJHARzQ4L7J4BzM6XkfLv3fLnHRZi
aRgxfNtHDlJRxaIxh+ZZh/H2SYKRnPLJ70gGccaom71SuRYQBkk8X2zMojaKa25L
P3LYeOFUjybLkw7I+QJS0qngWbAXRBlMcrgziEHos0DPg5YI44FIu6qqj1KsS1Zw
8nOdEiIP/yyorZ0owkX6J3QtED0ci8TSBP8IWHyPleRuiBS4haGAGgPvR3KWwEvJ
HoZmZffg/8E7UmFYm4x/vHxiEnNbT+dG0+6gWP3Nh0TM4RC0iPtjOLVK8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAO8o6FHDOVfluO3jHDfkIDxiSbGMB8GA1UdIwQY
MBaAFC4KkzP5PMpUT9q+Lqemc4pUr3WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEt
MGEwYWFlYWVlNGYxLzEvQTd5am9VY001Vi1XNDdlTWNOLVFnUEdKSnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEtMGEwYWFlYWVlNGYx
LzEvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALusMAwQA
uRdKAwQBuXHcMA0GCSqGSIb3DQEBCwUAA4IBAQDO8IgAP7+6IeDsYYRHrOTBpWHl
rxPDYx6Vw3DSyCWQtzFNYyNY67QRvh/P2BLqf7vCPfAag50csIBLnggxoCIAuYhf
5mb/uSVRzD4FTajdighUAXOYv0K3wfvsGz997hq1cNcW2xUwBPZerd3jtP11eIPQ
mhWY07X+nRVWAOgb4Q6XlAsmWsSdTeESwdbx50jmBZW9Kz0Voo82QYlTPTaGQ3q2
1hYN0U8rdW1EHefVFIuHO0jBXTrAPxSG2kBAnxL5uqAOX7cLzE7kD4vtZTKmaQJe
1tONUipjGO57uVFF49OeaNEQ5eUd/csmmMXpT9LSMeDuM3qZYCfdXgTVIaI7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:36 2025 by rpki-client