Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/7RAt3GwLb3i0SoQKdDLDarcBB2k.roa
File: 7RAt3GwLb3i0SoQKdDLDarcBB2k.roa (raw, json)
Hash identifier: JxLDuZj565Sh/Gg9YEhUj+ux+u6Ab7+hjGbgnqf8HoM=
Subject key identifier: ED:10:2D:DC:6C:0B:6F:78:B4:4A:84:0A:74:32:C3:6A:B7:01:07:69
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018CC56E3016869B6F84DD5723EC9BFBE028
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/7RAt3GwLb3i0SoQKdDLDarcBB2k.roa
Signing time: Mon 01 Jan 2024 14:29:41 +0000
ROA not before: Mon 01 Jan 2024 14:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28917
IP address blocks: 82.194.244.0/22 maxlen: 22
89.188.164.0/22 maxlen: 22
89.188.176.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:30:16:86:9b:6f:84:dd:57:23:ec:9b:fb:e0:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 1 14:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed102ddc6c0b6f78b44a840a7432c36ab7010769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8d:09:a8:d0:b2:15:b4:ab:54:be:08:8c:ea:
7e:4c:e4:84:ec:b9:4c:79:78:88:e0:e3:e8:bf:55:
8b:b2:6d:72:60:3f:d4:6f:24:9d:d4:c7:76:44:f1:
d6:cf:62:7f:5a:76:9f:88:1b:71:c2:78:15:d9:47:
f5:ee:94:bd:61:a4:a8:cc:9e:ab:59:68:6a:53:0c:
6a:d0:5b:25:e7:56:74:c7:31:6e:a5:9d:80:42:4c:
2e:cb:48:6e:95:38:d8:e9:00:3e:ce:36:29:47:e2:
b7:4b:cc:72:dd:a2:c5:0f:4a:d3:bd:49:88:f1:50:
40:b7:d8:fe:53:17:b0:b6:a1:dd:44:c7:cf:71:68:
df:04:77:e1:db:0a:3e:1b:22:94:52:ca:83:51:57:
bd:35:03:91:ff:9d:54:0e:6f:64:c7:8a:d4:75:f6:
db:27:b5:7c:0c:06:ed:a5:f9:90:be:11:0d:0b:0a:
60:ef:eb:ce:37:7e:55:d0:d8:76:e8:81:3f:43:f2:
5c:8a:6f:e6:5c:47:a6:c9:14:74:51:10:23:9b:78:
04:92:5b:fe:c4:01:01:6c:6c:2b:f1:50:54:7a:62:
23:9f:04:e3:79:e2:17:aa:a3:e9:9a:09:fe:11:c1:
5a:c9:5d:ac:dc:68:68:cc:1c:63:4f:29:14:02:cb:
ad:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:10:2D:DC:6C:0B:6F:78:B4:4A:84:0A:74:32:C3:6A:B7:01:07:69
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/7RAt3GwLb3i0SoQKdDLDarcBB2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.194.244.0/22
89.188.164.0/22
89.188.176.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:0f:2b:3d:30:0d:ae:37:9c:45:29:cc:4c:c6:56:54:36:3a:
7e:2f:c0:56:60:e0:98:0e:37:a8:49:79:62:37:91:f3:01:bf:
d7:d8:a7:5e:4c:ed:de:e3:ce:b5:49:e0:0b:8c:41:d1:23:62:
4c:5d:ef:95:12:58:0e:16:51:69:bf:be:b0:e0:6e:09:27:c6:
ba:b4:39:b7:bd:3e:ca:b2:84:46:4d:41:f2:b1:e1:ee:98:4c:
ab:e3:7a:84:0b:6a:e2:90:12:ca:33:4f:6d:7f:09:d4:00:0b:
34:21:1a:e5:37:10:ed:69:b4:87:4e:2a:a6:c0:3b:56:e2:3f:
9a:ef:a0:5c:49:45:79:75:1e:89:69:b0:0e:fa:66:43:b0:c7:
09:0b:59:64:f6:80:1e:18:e6:64:3e:b0:cd:3a:8a:7f:63:cf:
91:c8:c8:a4:27:f7:fb:8a:d5:0e:3c:83:2d:83:e0:ce:e3:eb:
cb:af:0e:db:57:1d:ce:6f:03:d5:49:45:8f:cf:c7:7b:75:cb:
b3:e0:29:33:df:2b:d3:1e:25:0f:0d:23:65:87:f0:c6:7b:19:
3e:7a:2b:d8:d8:da:aa:b4:67:61:a1:48:40:06:81:9e:2d:80:
4a:7c:73:d5:46:6f:7c:6f:f3:b7:52:6d:67:46:fc:f3:4d:5f:
7f:f9:0e:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbjAWhptvhN1XI+yb++AoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjQwMTAxMTQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDEwMmRkYzZjMGI2Zjc4YjQ0YTg0MGE3NDMyYzM2YWI3MDEwNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl40JqNCyFbSrVL4IjOp+TOSE7LlM
eXiI4OPov1WLsm1yYD/UbySd1Md2RPHWz2J/WnafiBtxwngV2Uf17pS9YaSozJ6r
WWhqUwxq0Fsl51Z0xzFupZ2AQkwuy0hulTjY6QA+zjYpR+K3S8xy3aLFD0rTvUmI
8VBAt9j+UxewtqHdRMfPcWjfBHfh2wo+GyKUUsqDUVe9NQOR/51UDm9kx4rUdfbb
J7V8DAbtpfmQvhENCwpg7+vON35V0Nh26IE/Q/Jcim/mXEemyRR0URAjm3gEklv+
xAEBbGwr8VBUemIjnwTjeeIXqqPpmgn+EcFayV2s3GhozBxjTykUAsutPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO0QLdxsC294tEqECnQyw2q3AQdpMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvN1JBdDNHd0xiM2kwU29RS2RETERhcmNCQjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUsL0AwQC
WbykAwQCWbywMA0GCSqGSIb3DQEBCwUAA4IBAQBvDys9MA2uN5xFKcxMxlZUNjp+
L8BWYOCYDjeoSXliN5HzAb/X2KdeTO3e4861SeALjEHRI2JMXe+VElgOFlFpv76w
4G4JJ8a6tDm3vT7KsoRGTUHyseHumEyr43qEC2rikBLKM09tfwnUAAs0IRrlNxDt
abSHTiqmwDtW4j+a76BcSUV5dR6JabAO+mZDsMcJC1lk9oAeGOZkPrDNOop/Y8+R
yMikJ/f7itUOPIMtg+DO4+vLrw7bVx3ObwPVSUWPz8d7dcuz4Ckz3yvTHiUPDSNl
h/DGexk+eivY2NqqtGdhoUhABoGeLYBKfHPVRm98b/O3Um1nRvzzTV9/+Q7z
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:38 2025 by rpki-client