Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/0365de-8008-4713-ab99-619fa80b8d74/1/k7GcqXDcQjFazZREhROts0K22sc.roa
File: k7GcqXDcQjFazZREhROts0K22sc.roa (raw, json)
Hash identifier: bROZ8FmNPNV3Yq/P0u6E0rG9JqJwgfEu4paFKf1Kd/E=
Subject key identifier: 93:B1:9C:A9:70:DC:42:31:5A:CD:94:44:85:13:AD:B3:42:B6:DA:C7
Certificate issuer: /CN=393d2f0a96199a060856cf67e2105fda2cb93d37
Certificate serial: 018DA8982D4A71C26922B7D81D9A2772FFD4
Authority key identifier: 39:3D:2F:0A:96:19:9A:06:08:56:CF:67:E2:10:5F:DA:2C:B9:3D:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OT0vCpYZmgYIVs9n4hBf2iy5PTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/0365de-8008-4713-ab99-619fa80b8d74/1/k7GcqXDcQjFazZREhROts0K22sc.roa
Signing time: Wed 14 Feb 2024 17:09:21 +0000
ROA not before: Wed 14 Feb 2024 17:09:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.133.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:98:2d:4a:71:c2:69:22:b7:d8:1d:9a:27:72:ff:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=393d2f0a96199a060856cf67e2105fda2cb93d37
Validity
Not Before: Feb 14 17:09:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93b19ca970dc42315acd94448513adb342b6dac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5e:95:f8:00:15:91:1b:07:48:ab:99:53:a6:
09:ac:7a:9a:1c:2b:e2:e6:c4:a7:9a:62:4a:63:35:
a8:62:66:70:d1:9c:fc:d1:21:ab:e1:53:27:9a:27:
79:d5:3b:af:d0:84:f2:19:ed:2e:47:fb:ac:95:a0:
51:b6:9e:f3:f5:61:25:d7:ee:6c:b9:51:9b:f5:9f:
ec:7c:4b:3a:b3:bc:89:3a:c0:78:72:75:00:99:7a:
d1:59:66:77:7b:e1:3a:fe:34:c3:13:4b:40:95:4e:
ab:30:5d:5b:94:07:45:25:c3:d2:7a:51:68:62:a4:
7e:2b:15:25:90:83:70:9d:ff:35:12:45:35:94:5f:
35:7a:23:04:33:c0:6a:2f:49:9a:59:d3:bd:89:ea:
89:ed:d8:39:0c:68:c6:91:b7:34:25:e0:44:5c:1f:
f3:58:80:aa:74:83:3d:41:c1:e6:33:50:d5:57:70:
37:38:96:aa:70:b6:e5:a1:19:d4:b1:4e:c9:f1:49:
ac:91:93:65:a5:9a:72:98:4b:c0:ef:0d:a2:3a:80:
90:be:0d:5a:ff:55:e2:95:54:f7:d3:78:10:e3:c6:
22:da:6c:a2:bb:5d:d0:83:0b:0d:ba:7c:da:af:a3:
78:ad:7e:a9:d3:6d:fc:02:51:44:99:3a:cf:1a:9b:
3b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B1:9C:A9:70:DC:42:31:5A:CD:94:44:85:13:AD:B3:42:B6:DA:C7
X509v3 Authority Key Identifier:
keyid:39:3D:2F:0A:96:19:9A:06:08:56:CF:67:E2:10:5F:DA:2C:B9:3D:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OT0vCpYZmgYIVs9n4hBf2iy5PTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0365de-8008-4713-ab99-619fa80b8d74/1/k7GcqXDcQjFazZREhROts0K22sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0365de-8008-4713-ab99-619fa80b8d74/1/OT0vCpYZmgYIVs9n4hBf2iy5PTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.138.0/24
Signature Algorithm: sha256WithRSAEncryption
87:49:bf:21:64:75:5e:af:8d:81:60:22:9c:4f:07:96:5b:28:
7c:d7:46:22:51:fb:d1:70:cf:c8:ea:21:13:fd:4a:d5:2b:5b:
b0:03:67:b1:3e:80:aa:c7:de:71:53:44:5e:cc:fd:06:11:66:
51:fb:6f:d2:c4:85:aa:a8:78:9a:99:0d:5a:1b:3e:46:40:ba:
87:81:a3:c0:82:f9:fb:56:72:cd:7f:d5:f2:63:85:fe:04:1e:
22:5f:cd:67:d5:ce:d6:7c:dc:66:09:b3:54:fc:fd:bc:20:c2:
40:53:fd:7b:9d:de:9b:72:67:0b:e8:7b:1b:ec:aa:08:7b:43:
70:b1:25:26:1c:e7:64:d8:8c:83:56:04:87:c3:31:94:fb:6d:
ef:83:68:54:e2:ac:63:ee:c8:04:c0:03:f0:15:46:de:8f:ba:
e4:bf:a9:1d:93:e7:d0:55:43:ad:e8:be:77:e2:31:86:24:f5:
f8:9e:d2:27:20:35:4e:34:bb:22:67:41:59:7c:91:25:ff:36:
3b:d4:83:e4:c2:b6:6f:e3:49:74:00:01:42:a5:0b:01:d7:44:
0f:c9:7e:a3:4b:c0:6e:7a:c7:5e:d5:9f:33:da:fa:47:bc:62:
e9:3a:e5:3f:8a:93:a0:be:89:b0:cb:51:74:45:69:4f:83:8f:
35:e5:66:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2omC1KccJpIrfYHZoncv/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5M2QyZjBhOTYxOTlhMDYwODU2Y2Y2N2UyMTA1ZmRhMmNi
OTNkMzcwHhcNMjQwMjE0MTcwOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2IxOWNhOTcwZGM0MjMxNWFjZDk0NDQ4NTEzYWRiMzQyYjZkYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl6V+AAVkRsHSKuZU6YJrHqaHCvi
5sSnmmJKYzWoYmZw0Zz80SGr4VMnmid51Tuv0ITyGe0uR/uslaBRtp7z9WEl1+5s
uVGb9Z/sfEs6s7yJOsB4cnUAmXrRWWZ3e+E6/jTDE0tAlU6rMF1blAdFJcPSelFo
YqR+KxUlkINwnf81EkU1lF81eiMEM8BqL0maWdO9ieqJ7dg5DGjGkbc0JeBEXB/z
WICqdIM9QcHmM1DVV3A3OJaqcLbloRnUsU7J8UmskZNlpZpymEvA7w2iOoCQvg1a
/1XilVT303gQ48Yi2myiu13QgwsNunzar6N4rX6p0238AlFEmTrPGps7VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJOxnKlw3EIxWs2URIUTrbNCttrHMB8GA1UdIwQY
MBaAFDk9LwqWGZoGCFbPZ+IQX9osuT03MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1QwdkNwWVptZ1lJVnM5bjRoQmYyaXk1UFRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8wMzY1ZGUtODAwOC00NzEzLWFiOTkt
NjE5ZmE4MGI4ZDc0LzEvazdHY3FYRGNRakZhelpSRWhST3RzMEsyMnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8wMzY1ZGUtODAwOC00NzEzLWFiOTktNjE5ZmE4MGI4ZDc0
LzEvT1QwdkNwWVptZ1lJVnM5bjRoQmYyaXk1UFRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYWKMA0G
CSqGSIb3DQEBCwUAA4IBAQCHSb8hZHVer42BYCKcTweWWyh810YiUfvRcM/I6iET
/UrVK1uwA2exPoCqx95xU0RezP0GEWZR+2/SxIWqqHiamQ1aGz5GQLqHgaPAgvn7
VnLNf9XyY4X+BB4iX81n1c7WfNxmCbNU/P28IMJAU/17nd6bcmcL6Hsb7KoIe0Nw
sSUmHOdk2IyDVgSHwzGU+23vg2hU4qxj7sgEwAPwFUbej7rkv6kdk+fQVUOt6L53
4jGGJPX4ntInIDVONLsiZ0FZfJEl/zY71IPkwrZv40l0AAFCpQsB10QPyX6jS8Bu
esde1Z8z2vpHvGLpOuU/ipOgvomwy1F0RWlPg4815WY1
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:35:40 2025 by rpki-client