Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/61GY1R8wYDxa_lyBZ9hmT1qgG2k.roa
File: 61GY1R8wYDxa_lyBZ9hmT1qgG2k.roa (raw, json)
Hash identifier: aG+XDaW77/Td5w26SqmAR9HeWY1Ds0VsYkAE7IRG8D0=
Subject key identifier: EB:51:98:D5:1F:30:60:3C:5A:FE:5C:81:67:D8:66:4F:5A:A0:1B:69
Certificate issuer: /CN=c76e03ff7d0bfde32839c28fec81c6275c04d33f
Certificate serial: 018CC8DF294E1D256FEE15348D85E42D1A71
Authority key identifier: C7:6E:03:FF:7D:0B:FD:E3:28:39:C2:8F:EC:81:C6:27:5C:04:D3:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x24D_30L_eMoOcKP7IHGJ1wE0z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/61GY1R8wYDxa_lyBZ9hmT1qgG2k.roa
Signing time: Tue 02 Jan 2024 06:31:57 +0000
ROA not before: Tue 02 Jan 2024 06:31:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48972
IP address blocks: 185.107.120.0/22 maxlen: 22
2a00:cb40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:29:4e:1d:25:6f:ee:15:34:8d:85:e4:2d:1a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c76e03ff7d0bfde32839c28fec81c6275c04d33f
Validity
Not Before: Jan 2 06:31:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb5198d51f30603c5afe5c8167d8664f5aa01b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:18:c7:b4:6f:32:dc:87:ad:08:8d:d2:07:46:
a8:83:2c:61:a8:4e:65:55:56:5f:6e:c4:3c:5e:7c:
60:da:a1:58:15:97:81:52:5f:e9:e9:07:8f:67:3d:
9a:22:6b:f8:93:a6:44:d3:08:15:2d:e3:97:b1:d2:
0b:33:cc:8e:f0:41:11:fd:d9:0c:80:e0:5a:13:a4:
a8:34:e8:3e:66:3a:eb:93:2c:f3:f2:df:95:ae:07:
14:3e:c0:d7:dd:42:53:ff:26:a1:28:c7:3e:30:99:
0d:86:6e:e6:f6:49:e6:43:09:fe:a2:76:c0:4f:f6:
f5:2b:fb:a8:18:9c:cd:44:9b:8d:ce:68:08:6b:86:
31:b3:c7:83:2f:0a:0f:aa:63:5b:99:21:60:b2:06:
93:b5:54:7c:e7:08:10:80:79:3c:23:f8:12:9b:a3:
6f:5f:84:b9:79:39:cb:df:cf:36:e7:ce:59:da:ae:
49:2f:06:3a:aa:74:13:cc:50:c3:7f:94:63:ae:63:
31:45:5f:32:f0:6e:0f:75:72:74:34:11:69:81:83:
86:c9:4d:ec:3f:05:1d:27:3a:84:f9:d0:ba:85:f3:
87:9c:b1:75:63:29:17:3b:cd:63:35:60:05:98:c7:
ba:21:c1:be:81:1a:dc:1e:78:fe:6f:83:f6:cb:a6:
ad:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:51:98:D5:1F:30:60:3C:5A:FE:5C:81:67:D8:66:4F:5A:A0:1B:69
X509v3 Authority Key Identifier:
keyid:C7:6E:03:FF:7D:0B:FD:E3:28:39:C2:8F:EC:81:C6:27:5C:04:D3:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x24D_30L_eMoOcKP7IHGJ1wE0z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/61GY1R8wYDxa_lyBZ9hmT1qgG2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/x24D_30L_eMoOcKP7IHGJ1wE0z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.120.0/22
IPv6:
2a00:cb40::/32
Signature Algorithm: sha256WithRSAEncryption
54:6f:16:3b:73:e2:32:e8:37:4b:05:56:54:84:a3:d2:58:b2:
01:d1:43:07:f6:39:ae:f7:9d:c6:db:59:3e:d6:b5:de:b7:16:
2b:ac:b9:da:37:a4:6b:7a:7d:89:5c:b7:98:7b:b7:15:d9:c1:
dd:62:ce:ce:53:cb:f0:8a:e5:93:e5:61:34:ad:eb:e9:cd:7f:
c2:ef:ed:1d:d8:8e:15:c4:57:5f:13:94:ac:27:99:c1:8f:b4:
db:35:9f:b0:72:d7:e3:63:05:84:d8:cb:96:9a:57:a8:00:59:
f9:86:47:d0:11:3e:a0:9f:6d:36:5e:b9:d0:b3:dc:3e:09:9e:
aa:0f:24:c8:26:ee:9f:3c:e2:82:7f:b5:5a:01:a3:82:ee:6d:
f1:46:1d:40:f3:81:db:af:c5:f2:02:25:0c:e2:1d:72:9b:c3:
77:36:6b:58:f8:61:d8:da:29:09:84:30:dd:71:0b:8a:c4:75:
b8:0c:bd:c6:d7:03:0a:93:9c:ab:32:f5:13:e5:ff:d7:62:9c:
68:6b:9b:0f:d4:4f:f2:a7:24:4b:52:6f:5c:9a:34:a6:73:e2:
fe:5e:90:32:31:47:85:ef:f6:dc:05:59:2e:fc:80:83:7c:d1:
6c:14:71:1a:5f:ce:36:e0:db:46:01:94:2d:3a:84:87:26:d4:
fc:56:a2:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3ylOHSVv7hU0jYXkLRpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NmUwM2ZmN2QwYmZkZTMyODM5YzI4ZmVjODFjNjI3NWMw
NGQzM2YwHhcNMjQwMTAyMDYzMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjUxOThkNTFmMzA2MDNjNWFmZTVjODE2N2Q4NjY0ZjVhYTAxYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBjHtG8y3IetCI3SB0aogyxhqE5l
VVZfbsQ8Xnxg2qFYFZeBUl/p6QePZz2aImv4k6ZE0wgVLeOXsdILM8yO8EER/dkM
gOBaE6SoNOg+Zjrrkyzz8t+VrgcUPsDX3UJT/yahKMc+MJkNhm7m9knmQwn+onbA
T/b1K/uoGJzNRJuNzmgIa4Yxs8eDLwoPqmNbmSFgsgaTtVR85wgQgHk8I/gSm6Nv
X4S5eTnL3882585Z2q5JLwY6qnQTzFDDf5RjrmMxRV8y8G4PdXJ0NBFpgYOGyU3s
PwUdJzqE+dC6hfOHnLF1YykXO81jNWAFmMe6IcG+gRrcHnj+b4P2y6atnwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOtRmNUfMGA8Wv5cgWfYZk9aoBtpMB8GA1UdIwQY
MBaAFMduA/99C/3jKDnCj+yBxidcBNM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDI0RF8zMExfZU1vT2NLUDdJSEdKMXdFMHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8zMzQ3ZjctNTI1OS00MjM4LWFkYjYt
ODM1ZGUwZjU4OTJlLzEvNjFHWTFSOHdZRHhhX2x5Qlo5aG1UMXFnRzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8zMzQ3ZjctNTI1OS00MjM4LWFkYjYtODM1ZGUwZjU4OTJl
LzEveDI0RF8zMExfZU1vT2NLUDdJSEdKMXdFMHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWt4MA0E
AgACMAcDBQAqAMtAMA0GCSqGSIb3DQEBCwUAA4IBAQBUbxY7c+Iy6DdLBVZUhKPS
WLIB0UMH9jmu953G21k+1rXetxYrrLnaN6Rren2JXLeYe7cV2cHdYs7OU8vwiuWT
5WE0revpzX/C7+0d2I4VxFdfE5SsJ5nBj7TbNZ+wctfjYwWE2MuWmleoAFn5hkfQ
ET6gn202XrnQs9w+CZ6qDyTIJu6fPOKCf7VaAaOC7m3xRh1A84Hbr8XyAiUM4h1y
m8N3NmtY+GHY2ikJhDDdcQuKxHW4DL3G1wMKk5yrMvUT5f/XYpxoa5sP1E/ypyRL
Um9cmjSmc+L+XpAyMUeF7/bcBVku/ICDfNFsFHEaX8424NtGAZQtOoSHJtT8VqL+
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:36:25 2025 by rpki-client