Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/a1b15f-7d3d-4af6-b656-65bb1a89f259/1/7-0r53qRsXXLmHmr-EggrJcfYAo.roa
File: 7-0r53qRsXXLmHmr-EggrJcfYAo.roa (raw, json)
Hash identifier: fPOMXyDpQQQFpEbY/KPFVK1ELfZ7goPByUwup+veFrI=
Subject key identifier: EF:ED:2B:E7:7A:91:B1:75:CB:98:79:AB:F8:48:20:AC:97:1F:60:0A
Certificate issuer: /CN=acd35e0da439bea65c48329ce9e8b1093f72300a
Certificate serial: 018CC9BCBB73E4F83FDFB6130F3E7EFD8494
Authority key identifier: AC:D3:5E:0D:A4:39:BE:A6:5C:48:32:9C:E9:E8:B1:09:3F:72:30:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rNNeDaQ5vqZcSDKc6eixCT9yMAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/a1b15f-7d3d-4af6-b656-65bb1a89f259/1/7-0r53qRsXXLmHmr-EggrJcfYAo.roa
Signing time: Tue 02 Jan 2024 10:33:58 +0000
ROA not before: Tue 02 Jan 2024 10:33:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200906
IP address blocks: 185.72.4.0/24 maxlen: 24
185.72.6.0/24 maxlen: 24
185.72.7.0/24 maxlen: 24
185.72.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:bb:73:e4:f8:3f:df:b6:13:0f:3e:7e:fd:84:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acd35e0da439bea65c48329ce9e8b1093f72300a
Validity
Not Before: Jan 2 10:33:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efed2be77a91b175cb9879abf84820ac971f600a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bc:d1:db:1b:42:a5:af:1a:22:0d:79:a8:9a:
94:71:32:e8:18:34:0d:4d:38:d4:ed:dc:07:24:d9:
67:3b:87:d3:54:88:b4:60:1b:99:8c:6a:5c:68:69:
6a:ad:3e:08:23:b1:5f:30:ed:60:4a:12:17:94:3c:
de:f1:1c:5b:65:a5:61:dc:88:6d:06:c2:99:e6:80:
49:79:75:c1:4b:6f:cf:58:af:03:ab:30:2a:86:31:
70:ee:20:37:96:44:b2:a7:3e:c1:c5:ec:91:7b:08:
c8:7b:ea:fe:0c:c4:ba:ce:9b:b9:c2:b9:67:e9:5b:
9d:e7:15:b2:63:ee:0a:4a:e6:55:0a:25:c0:a2:cc:
84:4c:f8:c6:96:01:23:82:12:bb:a8:83:d7:48:a9:
28:70:57:f4:b3:cc:1d:8b:64:c1:3c:f0:b0:3c:fe:
47:7a:2f:25:40:f8:d5:29:3a:bc:9c:17:2f:90:43:
42:77:c9:90:bd:ba:9b:14:21:8d:e4:9e:29:7b:19:
9c:17:94:5d:d0:00:b0:9f:ce:d3:c8:9e:0d:d4:e9:
3a:bd:05:7a:0f:12:06:56:e7:44:53:78:a0:5a:e6:
37:1a:c2:9b:e7:8f:db:01:d1:31:9a:16:c8:64:e9:
91:68:26:a1:22:57:bc:b5:33:9c:5b:3c:d4:36:d8:
86:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:ED:2B:E7:7A:91:B1:75:CB:98:79:AB:F8:48:20:AC:97:1F:60:0A
X509v3 Authority Key Identifier:
keyid:AC:D3:5E:0D:A4:39:BE:A6:5C:48:32:9C:E9:E8:B1:09:3F:72:30:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rNNeDaQ5vqZcSDKc6eixCT9yMAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a1b15f-7d3d-4af6-b656-65bb1a89f259/1/7-0r53qRsXXLmHmr-EggrJcfYAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a1b15f-7d3d-4af6-b656-65bb1a89f259/1/rNNeDaQ5vqZcSDKc6eixCT9yMAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.4.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:8d:7a:ae:8d:74:bc:dd:1b:5b:57:95:24:e7:eb:b9:87:d8:
33:d9:7e:41:7a:2c:7a:fb:24:18:48:fa:3c:9f:90:74:20:08:
52:f7:a5:7c:2e:6a:39:0a:4b:0c:a3:65:52:79:e6:45:80:91:
5b:25:fa:bc:94:e4:bc:58:20:0a:51:0d:65:a3:3d:82:98:64:
42:f7:7b:6e:b0:3d:cc:79:ad:e4:2b:d7:ef:3b:f9:62:79:da:
71:58:d3:0c:91:d1:ab:ab:2d:d0:93:56:e3:6a:1f:92:b3:5c:
b6:3e:f7:db:82:78:0c:64:b0:16:08:62:de:ea:c5:7f:50:7a:
de:3c:06:1d:c8:c5:38:0b:8d:66:7f:1d:9f:11:14:f5:0e:f5:
0e:02:e7:bd:15:f3:92:c8:e1:c4:f8:f6:cc:f5:fd:c1:f4:ab:
ed:a5:e9:f3:8b:6d:e2:e8:79:c1:97:9d:6c:e0:89:a3:f8:dc:
a1:b2:3b:95:14:1c:eb:6b:cc:74:84:85:81:a1:0e:cd:5c:dc:
ab:ec:38:c9:10:40:2c:ea:69:f2:4a:bb:e5:b6:7f:74:1f:ce:
38:54:49:61:c0:b2:0b:3b:b3:39:79:1e:eb:45:11:70:8c:53:
4e:e8:1f:3a:e8:2a:43:c1:42:d7:bc:4e:5b:12:78:34:19:61:
ad:50:f9:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvLtz5Pg/37YTDz5+/YSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZDM1ZTBkYTQzOWJlYTY1YzQ4MzI5Y2U5ZThiMTA5M2Y3
MjMwMGEwHhcNMjQwMTAyMTAzMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmVkMmJlNzdhOTFiMTc1Y2I5ODc5YWJmODQ4MjBhYzk3MWY2MDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LzR2xtCpa8aIg15qJqUcTLoGDQN
TTjU7dwHJNlnO4fTVIi0YBuZjGpcaGlqrT4II7FfMO1gShIXlDze8RxbZaVh3Iht
BsKZ5oBJeXXBS2/PWK8DqzAqhjFw7iA3lkSypz7BxeyRewjIe+r+DMS6zpu5wrln
6Vud5xWyY+4KSuZVCiXAosyETPjGlgEjghK7qIPXSKkocFf0s8wdi2TBPPCwPP5H
ei8lQPjVKTq8nBcvkENCd8mQvbqbFCGN5J4pexmcF5Rd0ACwn87TyJ4N1Ok6vQV6
DxIGVudEU3igWuY3GsKb54/bAdExmhbIZOmRaCahIle8tTOcWzzUNtiGlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/tK+d6kbF1y5h5q/hIIKyXH2AKMB8GA1UdIwQY
MBaAFKzTXg2kOb6mXEgynOnosQk/cjAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck5OZURhUTV2cVpjU0RLYzZlaXhDVDl5TUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hMWIxNWYtN2QzZC00YWY2LWI2NTYt
NjViYjFhODlmMjU5LzEvNy0wcjUzcVJzWFhMbUhtci1FZ2dySmNmWUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hMWIxNWYtN2QzZC00YWY2LWI2NTYtNjViYjFhODlmMjU5
LzEvck5OZURhUTV2cVpjU0RLYzZlaXhDVDl5TUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUgEMA0G
CSqGSIb3DQEBCwUAA4IBAQB6jXqujXS83RtbV5Uk5+u5h9gz2X5Beix6+yQYSPo8
n5B0IAhS96V8Lmo5CksMo2VSeeZFgJFbJfq8lOS8WCAKUQ1loz2CmGRC93tusD3M
ea3kK9fvO/liedpxWNMMkdGrqy3Qk1bjah+Ss1y2PvfbgngMZLAWCGLe6sV/UHre
PAYdyMU4C41mfx2fERT1DvUOAue9FfOSyOHE+PbM9f3B9Kvtpenzi23i6HnBl51s
4Imj+NyhsjuVFBzra8x0hIWBoQ7NXNyr7DjJEEAs6mnySrvltn90H844VElhwLIL
O7M5eR7rRRFwjFNO6B866CpDwULXvE5bEng0GWGtUPk5
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:36 2025 by rpki-client