Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/7P1FAClo2nfwXp1GZRad8v3X_f4.roa
File: 7P1FAClo2nfwXp1GZRad8v3X_f4.roa (raw, json)
Hash identifier: Sh0fvIqyo1JgYv0EKjjGqGo1StH72A4Ui1cGv/OVTB4=
Subject key identifier: EC:FD:45:00:29:68:DA:77:F0:5E:9D:46:65:16:9D:F2:FD:D7:FD:FE
Certificate issuer: /CN=2ad2fe6466d07094a4256da2cc847083c5006b1a
Certificate serial: 018CC8DD1C4D13C9292ACBC574182FFF4F27
Authority key identifier: 2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/7P1FAClo2nfwXp1GZRad8v3X_f4.roa
Signing time: Tue 02 Jan 2024 06:29:42 +0000
ROA not before: Tue 02 Jan 2024 06:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49720
IP address blocks: 91.236.224.0/24 maxlen: 24
91.236.226.0/24 maxlen: 24
91.236.225.0/24 maxlen: 24
91.236.227.0/24 maxlen: 24
195.182.195.0/24 maxlen: 24
195.182.194.0/24 maxlen: 24
185.168.129.0/24 maxlen: 24
185.168.128.0/24 maxlen: 24
185.168.128.0/22 maxlen: 22
185.168.130.0/23 maxlen: 23
185.250.20.0/22 maxlen: 22
185.250.20.0/24 maxlen: 24
185.250.22.0/24 maxlen: 24
185.250.21.0/24 maxlen: 24
185.250.23.0/24 maxlen: 24
193.107.136.0/24 maxlen: 24
2a0a:701::/32 maxlen: 32
2a0a:704::/32 maxlen: 32
2a0a:700::/32 maxlen: 32
2a0a:702::/32 maxlen: 32
2a0a:705::/32 maxlen: 32
2a0a:706::/32 maxlen: 32
2a0a:703::/32 maxlen: 32
2a0a:707::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 24 Apr 2024 13:17:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:1c:4d:13:c9:29:2a:cb:c5:74:18:2f:ff:4f:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ad2fe6466d07094a4256da2cc847083c5006b1a
Validity
Not Before: Jan 2 06:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecfd45002968da77f05e9d4665169df2fdd7fdfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:66:1d:17:53:36:8f:33:e4:b7:ff:13:95:f7:
75:a3:0f:7c:0c:5a:64:63:22:b9:a5:5d:0e:e9:4d:
2a:a2:f9:e5:8f:5d:f4:b9:bb:cc:20:ce:e1:5d:8e:
84:e1:6b:2c:d6:7f:95:ad:f6:cb:aa:b8:55:33:9e:
2f:69:f9:75:60:a3:3f:ac:4d:f5:70:8d:3f:49:3d:
8f:4d:88:f7:75:4f:7d:25:85:30:4c:c3:63:0f:fb:
40:14:ff:32:cb:96:44:c4:2d:d7:0c:68:4d:f8:30:
89:fd:af:eb:9b:ef:de:e1:70:2b:bb:0e:9f:c0:43:
21:be:b4:f9:da:97:6d:c1:b4:bb:e5:a7:30:25:3d:
88:96:1d:b8:76:28:95:e5:40:87:6b:99:40:83:54:
3c:e5:10:c6:e3:47:37:98:ee:b3:a3:50:f6:01:4e:
b1:53:81:13:aa:4d:8b:cb:3d:5e:f1:8f:3c:d6:ec:
e5:13:d8:d9:3f:d7:4f:6b:4a:ba:48:8e:cd:b5:c8:
7c:85:17:e2:29:1e:b5:1e:48:03:d3:dd:02:a6:e8:
d4:c7:c3:23:ca:31:64:01:19:07:a6:84:a2:69:46:
f3:f6:37:70:a5:fa:8c:a5:52:c5:57:90:b1:41:00:
30:e6:8d:fa:9f:ac:49:f6:95:db:57:2b:11:21:e8:
a6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:FD:45:00:29:68:DA:77:F0:5E:9D:46:65:16:9D:F2:FD:D7:FD:FE
X509v3 Authority Key Identifier:
keyid:2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/7P1FAClo2nfwXp1GZRad8v3X_f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.224.0/22
185.168.128.0/22
185.250.20.0/22
193.107.136.0/24
195.182.194.0/23
IPv6:
2a0a:700::/29
Signature Algorithm: sha256WithRSAEncryption
8b:78:66:01:9c:43:9d:19:8e:8b:9f:33:75:c3:9e:a9:fc:56:
d6:ce:37:b0:14:f6:9e:75:2f:ef:ee:3c:b6:6b:0f:44:3b:e2:
fc:db:8d:77:18:6f:96:90:7e:dc:47:f9:a4:8f:61:69:6b:21:
a5:88:d7:9e:02:1e:81:c6:93:04:60:65:61:80:2e:90:b6:f0:
ed:26:ea:f8:3a:0c:1a:c6:33:ec:ff:23:f0:58:04:4a:7f:84:
80:68:4f:dc:ef:da:10:65:25:31:93:7c:c4:61:df:c1:55:f4:
6d:6e:e0:48:a7:75:83:d4:05:97:29:81:43:39:c5:04:fe:6d:
94:e1:1b:46:43:3f:42:d1:b3:fe:18:56:2c:e7:71:fd:9f:f6:
7b:c0:36:1c:f5:b4:55:43:27:ad:8d:c4:e6:ae:06:6d:51:c6:
b9:3c:88:22:78:41:b6:46:12:bb:c9:4f:67:c4:fc:bf:46:e5:
6a:1c:80:e0:7d:76:e0:fd:c0:47:33:ca:40:d4:9b:ff:bb:b8:
8a:d5:82:43:55:18:ff:00:b0:7b:f5:7e:2b:6d:b0:50:7c:7e:
f7:8e:41:70:43:98:01:da:27:00:1f:7a:79:16:04:2e:c4:33:
ca:0c:1c:91:e7:e0:ad:e6:f9:1b:c8:06:5e:4b:04:e8:14:81:
22:ba:49:fc
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzI3RxNE8kpKsvFdBgv/08nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDJmZTY0NjZkMDcwOTRhNDI1NmRhMmNjODQ3MDgzYzUw
MDZiMWEwHhcNMjQwMTAyMDYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2ZkNDUwMDI5NjhkYTc3ZjA1ZTlkNDY2NTE2OWRmMmZkZDdmZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2YdF1M2jzPkt/8Tlfd1ow98DFpk
YyK5pV0O6U0qovnlj130ubvMIM7hXY6E4Wss1n+VrfbLqrhVM54vafl1YKM/rE31
cI0/ST2PTYj3dU99JYUwTMNjD/tAFP8yy5ZExC3XDGhN+DCJ/a/rm+/e4XAruw6f
wEMhvrT52pdtwbS75acwJT2Ilh24diiV5UCHa5lAg1Q85RDG40c3mO6zo1D2AU6x
U4ETqk2Lyz1e8Y881uzlE9jZP9dPa0q6SI7Ntch8hRfiKR61HkgD090CpujUx8Mj
yjFkARkHpoSiaUbz9jdwpfqMpVLFV5CxQQAw5o36n6xJ9pXbVysRIeim4QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOz9RQApaNp38F6dRmUWnfL91/3+MB8GA1UdIwQY
MBaAFCrS/mRm0HCUpCVtosyEcIPFAGsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2It
ZmEzMWUyZGM2YWJiLzEvN1AxRkFDbG8ybmZ3WHAxR1pSYWQ4djNYX2Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2ItZmEzMWUyZGM2YWJi
LzEvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCW+zgAwQC
uaiAAwQCufoUAwQAwWuIAwQBw7bCMA0EAgACMAcDBQMqCgcAMA0GCSqGSIb3DQEB
CwUAA4IBAQCLeGYBnEOdGY6LnzN1w56p/FbWzjewFPaedS/v7jy2aw9EO+L82413
GG+WkH7cR/mkj2FpayGliNeeAh6BxpMEYGVhgC6QtvDtJur4OgwaxjPs/yPwWARK
f4SAaE/c79oQZSUxk3zEYd/BVfRtbuBIp3WD1AWXKYFDOcUE/m2U4RtGQz9C0bP+
GFYs53H9n/Z7wDYc9bRVQyetjcTmrgZtUca5PIgieEG2RhK7yU9nxPy/RuVqHIDg
fXbg/cBHM8pA1Jv/u7iK1YJDVRj/ALB79X4rbbBQfH73jkFwQ5gB2icAH3p5FgQu
xDPKDByR5+Ct5vkbyAZeSwToFIEiukn8
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:46:55 2025 by rpki-client