Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/a7YCbx6x-ySRbJJJMV7sLXsreCY.roa
File: a7YCbx6x-ySRbJJJMV7sLXsreCY.roa (raw, json)
Hash identifier: m3587GmtAbPNPl++vAmc/xerpzeZ+a08HYDgT+3wMYU=
Subject key identifier: 6B:B6:02:6F:1E:B1:FB:24:91:6C:92:49:31:5E:EC:2D:7B:2B:78:26
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 019424455AD378531F56A7D0FB82ED9A0ADF
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/a7YCbx6x-ySRbJJJMV7sLXsreCY.roa
Signing time: Wed 01 Jan 2025 23:48:32 +0000
ROA not before: Wed 01 Jan 2025 23:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 185.223.216.0/24 maxlen: 24
185.223.217.0/24 maxlen: 24
185.223.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 06:54:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:5a:d3:78:53:1f:56:a7:d0:fb:82:ed:9a:0a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 23:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bb6026f1eb1fb24916c9249315eec2d7b2b7826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:5c:90:24:bf:27:7f:7c:ac:98:6f:e2:f1:0e:
8f:00:b1:aa:59:86:84:e5:01:f1:74:3d:98:df:46:
01:f1:4b:a9:d1:5b:24:9b:51:45:11:cb:b3:c8:ea:
ac:94:fa:e6:0c:50:e7:a6:f3:90:5a:de:e0:62:51:
22:6b:fb:17:9e:68:53:f0:8f:e8:43:57:55:a9:d0:
a4:53:3a:12:60:5e:eb:7f:68:62:67:aa:aa:43:c5:
39:45:3c:ba:f6:55:e1:3c:0a:45:f4:8e:1c:86:30:
a0:e2:ba:ca:4f:90:40:2c:2e:bd:5a:37:21:2f:87:
92:b1:88:d5:ac:8d:7a:5b:2d:07:89:9b:6c:47:bb:
da:ca:15:63:a6:75:86:88:b7:11:53:30:b1:6f:a6:
da:47:36:73:95:36:fe:19:84:e2:61:83:03:e8:a4:
0b:2d:e9:ed:b2:be:c3:fb:95:ca:98:a2:c8:4d:a0:
05:a6:93:5d:98:ce:52:7f:d6:62:e0:24:28:be:09:
61:24:9b:98:81:58:f1:2e:0f:1e:4b:72:13:38:42:
f6:44:f5:a8:58:08:ea:ad:68:93:a2:80:fc:26:e6:
b8:1e:60:43:10:9b:0a:26:f3:f8:cf:4f:ea:ce:30:
12:aa:bc:39:90:79:25:55:a6:f4:24:c3:90:64:a4:
c8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B6:02:6F:1E:B1:FB:24:91:6C:92:49:31:5E:EC:2D:7B:2B:78:26
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/a7YCbx6x-ySRbJJJMV7sLXsreCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.216.0-185.223.218.255
Signature Algorithm: sha256WithRSAEncryption
7a:97:f0:d1:80:f0:7d:61:23:eb:52:6f:9e:a8:2d:d3:ce:18:
72:f3:f1:87:d6:9b:8e:bb:74:71:f2:85:a4:3e:0f:6c:ac:63:
fb:48:33:d6:58:dc:4c:2b:94:e2:0d:7d:20:1b:de:f3:65:c4:
89:ca:e1:a1:da:a3:01:bd:4e:d4:80:d0:e7:61:08:68:56:1d:
9f:19:35:3b:e3:30:4c:ff:93:30:62:b7:f3:a5:b8:99:7b:ea:
42:2e:37:ac:38:d1:38:32:f8:2b:71:81:b7:05:11:0a:1f:6c:
76:24:ab:80:e0:eb:b0:bc:74:88:95:52:82:39:ba:25:7c:55:
3b:32:a6:d4:a0:eb:91:01:ef:78:e2:73:46:a1:53:af:4f:48:
c1:5c:9e:cc:a5:4c:09:81:e6:d0:32:69:6e:99:d1:a0:93:30:
72:ab:fd:87:d8:4c:1f:a5:4c:5c:77:0e:d7:0b:8f:e3:70:1b:
a6:2f:05:f6:78:a2:56:a7:4f:86:8a:d8:af:b7:75:54:ea:fa:
10:97:83:37:be:85:b3:54:ff:f1:71:88:d0:58:9f:77:fd:58:
a3:92:49:01:02:f0:d5:a1:fe:3c:54:d9:67:16:63:be:0a:e6:
2d:8f:66:42:59:b6:4d:ff:84:e3:ed:ae:79:2e:89:a3:27:a1:
66:2e:89:3f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQkRVrTeFMfVqfQ+4LtmgrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjUwMTAxMjM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmI2MDI2ZjFlYjFmYjI0OTE2YzkyNDkzMTVlZWMyZDdiMmI3ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71yQJL8nf3ysmG/i8Q6PALGqWYaE
5QHxdD2Y30YB8Uup0Vskm1FFEcuzyOqslPrmDFDnpvOQWt7gYlEia/sXnmhT8I/o
Q1dVqdCkUzoSYF7rf2hiZ6qqQ8U5RTy69lXhPApF9I4chjCg4rrKT5BALC69Wjch
L4eSsYjVrI16Wy0HiZtsR7vayhVjpnWGiLcRUzCxb6baRzZzlTb+GYTiYYMD6KQL
Lentsr7D+5XKmKLITaAFppNdmM5Sf9Zi4CQovglhJJuYgVjxLg8eS3ITOEL2RPWo
WAjqrWiTooD8Jua4HmBDEJsKJvP4z0/qzjASqrw5kHklVab0JMOQZKTIKQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGu2Am8esfskkWySSTFe7C17K3gmMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvYTdZQ2J4NngteVNSYkpKSk1WN3NMWHNyZUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO539gD
BAC539owDQYJKoZIhvcNAQELBQADggEBAHqX8NGA8H1hI+tSb56oLdPOGHLz8YfW
m467dHHyhaQ+D2ysY/tIM9ZY3EwrlOINfSAb3vNlxInK4aHaowG9TtSA0OdhCGhW
HZ8ZNTvjMEz/kzBit/OluJl76kIuN6w40Tgy+CtxgbcFEQofbHYkq4Dg67C8dIiV
UoI5uiV8VTsyptSg65EB73jic0ahU69PSMFcnsylTAmB5tAyaW6Z0aCTMHKr/YfY
TB+lTFx3DtcLj+NwG6YvBfZ4olanT4aK2K+3dVTq+hCXgze+hbNU//FxiNBYn3f9
WKOSSQEC8NWh/jxU2WcWY74K5i2PZkJZtk3/hOPtrnkuiaMnoWYuiT8=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:06:44 2025 by rpki-client