Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/3-7GmlQLr1rLalz6mpiWGnBdCAo.roa
File: 3-7GmlQLr1rLalz6mpiWGnBdCAo.roa (raw, json)
Hash identifier: eSQABfJ2n7bJ+bYF8sxBKMxEF4rDSl004n3jiWGaZ8A=
Subject key identifier: DF:EE:C6:9A:54:0B:AF:5A:CB:6A:5C:FA:9A:98:96:1A:70:5D:08:0A
Certificate issuer: /CN=380b283a0513940d520a680b8b3d14dbc367770d
Certificate serial: 018CC4939767BE592C5EB7DB48C6C0320A32
Authority key identifier: 38:0B:28:3A:05:13:94:0D:52:0A:68:0B:8B:3D:14:DB:C3:67:77:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OAsoOgUTlA1SCmgLiz0U28Nndw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/3-7GmlQLr1rLalz6mpiWGnBdCAo.roa
Signing time: Mon 01 Jan 2024 10:30:56 +0000
ROA not before: Mon 01 Jan 2024 10:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208492
IP address blocks: 185.54.94.0/24 maxlen: 25
2a00:8640:b000::/36 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:97:67:be:59:2c:5e:b7:db:48:c6:c0:32:0a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380b283a0513940d520a680b8b3d14dbc367770d
Validity
Not Before: Jan 1 10:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfeec69a540baf5acb6a5cfa9a98961a705d080a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9c:83:d9:8b:84:58:81:03:83:51:07:3b:b3:
40:ba:b7:86:09:3e:0b:0c:af:70:cb:a1:a3:a2:34:
92:1d:70:9f:22:36:ee:6a:fc:48:ab:02:fd:5d:9c:
07:50:da:1c:74:8a:80:6e:0a:4b:bd:f4:c3:dd:df:
c8:9e:e0:3f:30:30:94:ad:16:d1:3c:57:01:ea:d2:
9b:cb:90:4f:54:b9:4b:09:65:a2:6f:b2:98:4a:ca:
63:8a:cb:cc:86:73:74:44:cb:cd:11:3a:c3:0d:96:
08:a7:a0:52:4e:eb:9e:12:9c:c6:c7:a8:f3:2e:0b:
1b:50:cc:08:04:30:f6:ec:a2:3e:df:cc:eb:2f:8f:
b1:7a:ad:5d:10:c4:92:70:51:ef:3b:54:3f:2a:9a:
db:be:d6:8c:2e:3c:ab:d4:f1:21:08:c3:67:97:95:
9f:b0:a2:0b:16:07:66:36:c1:c6:60:af:43:cc:8f:
ec:3c:07:6a:44:a3:45:4d:f2:42:14:fe:c8:72:2e:
44:be:ff:7a:d2:5f:d5:e1:35:74:47:9e:5d:0f:cf:
22:80:62:69:bb:99:4f:d5:29:a4:6e:d1:8d:e2:d3:
e4:fd:57:c7:95:2b:52:3a:24:7a:6b:39:ba:52:34:
53:24:a7:88:06:bf:b0:14:7d:c4:5c:2f:f3:f8:1f:
45:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:EE:C6:9A:54:0B:AF:5A:CB:6A:5C:FA:9A:98:96:1A:70:5D:08:0A
X509v3 Authority Key Identifier:
keyid:38:0B:28:3A:05:13:94:0D:52:0A:68:0B:8B:3D:14:DB:C3:67:77:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OAsoOgUTlA1SCmgLiz0U28Nndw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/3-7GmlQLr1rLalz6mpiWGnBdCAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/OAsoOgUTlA1SCmgLiz0U28Nndw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.94.0/24
IPv6:
2a00:8640:b000::/36
Signature Algorithm: sha256WithRSAEncryption
75:c7:ec:14:88:9f:60:af:d3:12:75:da:3a:28:33:1a:5c:5a:
26:26:c7:67:f6:cf:34:a5:45:46:1f:49:78:6f:b2:3b:7c:33:
be:6c:be:6a:31:e6:33:e5:3c:9f:d6:9d:89:de:a0:7e:7d:4b:
ce:6e:3f:fe:d6:e5:96:19:31:de:5a:bd:62:f3:12:7c:d9:2c:
ef:90:ac:9d:b0:12:a4:6a:7a:63:4b:18:d7:12:64:ef:15:27:
6d:cb:7c:76:bb:a4:d5:66:d2:72:11:5f:7f:10:b0:d6:fa:a7:
11:b1:87:b8:82:4d:e0:cb:73:5c:27:7b:96:81:80:d6:b5:d8:
6d:51:f7:34:4f:10:76:15:7f:86:b3:6b:f4:a7:e5:49:cd:dc:
99:31:e2:83:07:eb:ea:70:8e:fa:cb:bc:d3:c6:d0:75:1f:c6:
97:37:4a:90:2c:4f:a7:8a:9f:39:67:fb:fd:b9:3b:ef:3c:b9:
51:7e:2e:ce:d7:ec:88:84:82:4d:83:47:37:2c:b0:31:97:c3:
ee:c2:47:63:ee:08:c9:a9:1d:f1:f6:ce:de:f8:84:6f:bf:d9:
46:44:6a:b8:f3:b0:cc:19:45:9a:fc:11:24:9d:aa:3f:38:16:
c2:61:d6:ca:0c:e7:69:a3:91:ec:60:67:c1:a5:06:30:11:b9:
6d:b0:97:91
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzEk5dnvlksXrfbSMbAMgoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MGIyODNhMDUxMzk0MGQ1MjBhNjgwYjhiM2QxNGRiYzM2
Nzc3MGQwHhcNMjQwMTAxMTAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmVlYzY5YTU0MGJhZjVhY2I2YTVjZmE5YTk4OTYxYTcwNWQwODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpyD2YuEWIEDg1EHO7NAureGCT4L
DK9wy6GjojSSHXCfIjbuavxIqwL9XZwHUNocdIqAbgpLvfTD3d/InuA/MDCUrRbR
PFcB6tKby5BPVLlLCWWib7KYSspjisvMhnN0RMvNETrDDZYIp6BSTuueEpzGx6jz
LgsbUMwIBDD27KI+38zrL4+xeq1dEMSScFHvO1Q/KprbvtaMLjyr1PEhCMNnl5Wf
sKILFgdmNsHGYK9DzI/sPAdqRKNFTfJCFP7Ici5Evv960l/V4TV0R55dD88igGJp
u5lP1SmkbtGN4tPk/VfHlStSOiR6azm6UjRTJKeIBr+wFH3EXC/z+B9FpQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFN/uxppUC69ay2pc+pqYlhpwXQgKMB8GA1UdIwQY
MBaAFDgLKDoFE5QNUgpoC4s9FNvDZ3cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Fzb09nVVRsQTFTQ21nTGl6MFUyOE5uZHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jMDhlMWUtZjViZC00YTFhLThhYmEt
Y2NmNjQ1NGJiMjRjLzEvMy03R21sUUxyMXJMYWx6Nm1waVdHbkJkQ0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jMDhlMWUtZjViZC00YTFhLThhYmEtY2NmNjQ1NGJiMjRj
LzEvT0Fzb09nVVRsQTFTQ21nTGl6MFUyOE5uZHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuTZeMA4E
AgACMAgDBgQqAIZAsDANBgkqhkiG9w0BAQsFAAOCAQEAdcfsFIifYK/TEnXaOigz
GlxaJibHZ/bPNKVFRh9JeG+yO3wzvmy+ajHmM+U8n9adid6gfn1Lzm4//tbllhkx
3lq9YvMSfNks75CsnbASpGp6Y0sY1xJk7xUnbct8druk1WbSchFffxCw1vqnEbGH
uIJN4MtzXCd7loGA1rXYbVH3NE8QdhV/hrNr9KflSc3cmTHigwfr6nCO+su808bQ
dR/GlzdKkCxPp4qfOWf7/bk77zy5UX4uztfsiISCTYNHNyywMZfD7sJHY+4Iyakd
8fbO3viEb7/ZRkRquPOwzBlFmvwRJJ2qPzgWwmHWygznaaOR7GBnwaUGMBG5bbCX
kQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:14:29 2025 by rpki-client