Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/1-jd46VTJ30OsMhy8CLIrrZxNKIw.roa
File: 1-jd46VTJ30OsMhy8CLIrrZxNKIw.roa (raw, json)
Hash identifier: WACbcsRVEXPBAMR68Qtr+QBf3c+GhBpLNETEmzO9SLk=
Subject key identifier: FA:37:78:E9:54:C9:DF:43:AC:32:1C:BC:08:B2:2B:AD:9C:4D:28:8C
Certificate issuer: /CN=6d85061361b19f212efe90c2d8cf3eee617f20e5
Certificate serial: 0190351B2ACC193A8C786FBBA457E7BBC25A
Authority key identifier: 6D:85:06:13:61:B1:9F:21:2E:FE:90:C2:D8:CF:3E:EE:61:7F:20:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bYUGE2GxnyEu_pDC2M8-7mF_IOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/1-jd46VTJ30OsMhy8CLIrrZxNKIw.roa
Signing time: Thu 20 Jun 2024 10:04:51 +0000
ROA not before: Thu 20 Jun 2024 10:04:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202513
IP address blocks: 43.230.184.0/22 maxlen: 24
185.98.16.0/22 maxlen: 24
185.249.148.0/22 maxlen: 24
2a0c:97c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 02 Aug 2024 09:24:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:1b:2a:cc:19:3a:8c:78:6f:bb:a4:57:e7:bb:c2:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d85061361b19f212efe90c2d8cf3eee617f20e5
Validity
Not Before: Jun 20 10:04:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa3778e954c9df43ac321cbc08b22bad9c4d288c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6a:e2:b8:63:eb:df:53:57:c7:10:29:87:b3:
b8:83:b3:8d:1a:f8:83:3b:cc:27:5b:2d:e0:b2:42:
b5:4c:58:83:31:f2:d1:dc:38:25:2e:50:91:ae:10:
ad:76:42:b7:01:a1:02:c8:81:08:4a:f5:b9:a8:bc:
fd:95:36:1c:cd:29:25:d8:99:de:d9:f9:e9:63:cb:
2c:24:65:16:48:93:b7:4a:7c:d0:dc:75:d5:1b:49:
59:79:8f:3a:02:21:20:ac:d2:b6:a6:38:cb:dd:77:
37:7d:46:00:14:f1:7c:82:8a:7b:fd:59:ac:0d:e2:
b6:a7:e7:93:72:1f:c3:0c:47:bf:40:03:32:fe:99:
1f:0e:70:fd:84:78:8f:99:ca:86:59:92:21:9f:73:
7a:b6:44:eb:19:27:ea:94:e2:cb:ab:75:d6:e0:03:
11:2f:da:86:6c:cb:b3:8c:f6:56:67:28:65:1d:b1:
ae:af:46:7a:04:c9:c3:bd:ae:0d:50:34:4a:04:e4:
e4:20:a4:3b:bc:e2:f5:d5:33:35:97:31:90:b7:0b:
9a:84:1c:99:27:54:8e:de:75:28:12:c9:05:d6:c9:
d7:2d:5c:4e:bb:a1:3d:c3:43:82:72:bd:72:17:43:
d8:52:70:ee:49:5a:95:fe:04:49:63:8e:06:e4:39:
ad:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:37:78:E9:54:C9:DF:43:AC:32:1C:BC:08:B2:2B:AD:9C:4D:28:8C
X509v3 Authority Key Identifier:
keyid:6D:85:06:13:61:B1:9F:21:2E:FE:90:C2:D8:CF:3E:EE:61:7F:20:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bYUGE2GxnyEu_pDC2M8-7mF_IOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/1-jd46VTJ30OsMhy8CLIrrZxNKIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/bYUGE2GxnyEu_pDC2M8-7mF_IOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.184.0/22
185.98.16.0/22
185.249.148.0/22
IPv6:
2a0c:97c0::/29
Signature Algorithm: sha256WithRSAEncryption
18:df:26:cd:a9:32:24:9c:2d:a4:7f:9a:19:34:7d:99:4b:9b:
07:35:b3:77:a4:79:15:e9:f3:72:9d:b3:b5:16:89:f0:cf:cf:
1f:d9:11:a7:5f:e1:57:f4:a8:62:dd:e1:16:28:23:17:62:c9:
64:4b:b5:30:79:5e:d4:4e:38:ee:bc:be:64:93:c6:48:5a:e8:
d6:0c:59:16:ed:d8:89:0f:26:35:53:ec:f4:79:9e:9b:43:2c:
c4:8b:db:3a:1c:ae:1e:2e:b7:bb:fd:20:a5:4b:7e:6c:84:ec:
cb:5b:ff:ca:70:ea:d0:a5:dc:67:6a:49:23:77:70:5e:75:ba:
ed:db:83:3b:d3:b4:be:96:17:87:1a:0b:8c:63:f4:4c:1f:f5:
78:cb:7f:c5:79:99:f1:b1:2a:17:1b:fa:e1:64:b4:c2:25:81:
e1:e1:1a:1d:81:b2:86:f9:7b:e2:8c:95:49:89:af:56:41:5a:
1f:a6:d0:67:59:a3:54:4a:3d:6d:6c:cf:5d:93:ad:13:46:b6:
0d:8e:b2:bf:e3:72:ff:3a:6f:2e:fe:a0:28:93:84:25:69:02:
36:de:20:e7:00:b4:53:32:12:7f:67:38:e7:ad:80:1f:fe:ab:
f9:f6:21:32:f1:a5:df:17:20:fc:89:fa:62:56:a2:ef:d0:37:
d5:42:24:32
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZA1GyrMGTqMeG+7pFfnu8JaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkODUwNjEzNjFiMTlmMjEyZWZlOTBjMmQ4Y2YzZWVlNjE3
ZjIwZTUwHhcNMjQwNjIwMTAwNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTM3NzhlOTU0YzlkZjQzYWMzMjFjYmMwOGIyMmJhZDljNGQyODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGriuGPr31NXxxAph7O4g7ONGviD
O8wnWy3gskK1TFiDMfLR3DglLlCRrhCtdkK3AaECyIEISvW5qLz9lTYczSkl2Jne
2fnpY8ssJGUWSJO3SnzQ3HXVG0lZeY86AiEgrNK2pjjL3Xc3fUYAFPF8gop7/Vms
DeK2p+eTch/DDEe/QAMy/pkfDnD9hHiPmcqGWZIhn3N6tkTrGSfqlOLLq3XW4AMR
L9qGbMuzjPZWZyhlHbGur0Z6BMnDva4NUDRKBOTkIKQ7vOL11TM1lzGQtwuahByZ
J1SO3nUoEskF1snXLVxOu6E9w0OCcr1yF0PYUnDuSVqV/gRJY44G5DmtKQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPo3eOlUyd9DrDIcvAiyK62cTSiMMB8GA1UdIwQY
MBaAFG2FBhNhsZ8hLv6QwtjPPu5hfyDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYllVR0UyR3hueUV1X3BEQzJNOC03bUZfSU9VLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83ZTdiOGItNzllMC00ZjUxLWI4NjYt
NjdhZDYwZDM4NmRkLzEvMS1qZDQ2VlRKMzBPc01oeThDTElyclp4TktJdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvN2U3YjhiLTc5ZTAtNGY1MS1iODY2LTY3YWQ2MGQzODZk
ZC8xL2JZVUdFMkd4bnlFdV9wREMyTTgtN21GX0lPVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAivmuAME
ArliEAMEArn5lDANBAIAAjAHAwUDKgyXwDANBgkqhkiG9w0BAQsFAAOCAQEAGN8m
zakyJJwtpH+aGTR9mUubBzWzd6R5Fenzcp2ztRaJ8M/PH9kRp1/hV/SoYt3hFigj
F2LJZEu1MHle1E447ry+ZJPGSFro1gxZFu3YiQ8mNVPs9Hmem0MsxIvbOhyuHi63
u/0gpUt+bITsy1v/ynDq0KXcZ2pJI3dwXnW67duDO9O0vpYXhxoLjGP0TB/1eMt/
xXmZ8bEqFxv64WS0wiWB4eEaHYGyhvl74oyVSYmvVkFaH6bQZ1mjVEo9bWzPXZOt
E0a2DY6yv+Ny/zpvLv6gKJOEJWkCNt4g5wC0UzISf2c4562AH/6r+fYhMvGl3xcg
/In6Ylai79A31UIkMg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:05:21 2025 by rpki-client