Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/7KQ9vIEb7Bqfc73wNSYl8_XfhN4.roa
File: 7KQ9vIEb7Bqfc73wNSYl8_XfhN4.roa (raw, json)
Hash identifier: Mv3XaiGYtC1BfBsqH2YzGUQxAt/BO/ftUbQU0c7BLlg=
Subject key identifier: EC:A4:3D:BC:81:1B:EC:1A:9F:73:BD:F0:35:26:25:F3:F5:DF:84:DE
Certificate issuer: /CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Certificate serial: 018E2C60443B7C6ED663514F3C24158E3C1E
Authority key identifier: BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/7KQ9vIEb7Bqfc73wNSYl8_XfhN4.roa
Signing time: Mon 11 Mar 2024 07:18:10 +0000
ROA not before: Mon 11 Mar 2024 07:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208257
IP address blocks: 185.251.70.0/24 maxlen: 24
2a0f:6a00::/29 maxlen: 29
2a0f:f200::/29 maxlen: 29
2a10:aec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 May 2024 06:19:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:60:44:3b:7c:6e:d6:63:51:4f:3c:24:15:8e:3c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Validity
Not Before: Mar 11 07:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eca43dbc811bec1a9f73bdf0352625f3f5df84de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:51:ad:3d:68:ec:8d:c8:b0:bf:5d:aa:c8:c1:
53:cf:d6:1b:a9:44:95:ba:7a:d6:15:05:88:33:a4:
d1:7d:e9:64:9a:a9:b3:7c:e5:e8:c1:b9:e3:2c:b0:
3d:8f:9f:45:72:5f:3f:5a:8c:42:8c:8e:9c:c3:91:
a9:38:06:5b:b5:f2:5f:51:2b:d0:14:97:11:9e:8a:
5e:04:a6:a3:f2:7f:d4:12:de:4a:95:26:cd:6b:08:
bc:ff:9b:fe:6e:85:aa:1c:d0:c3:f4:89:bf:92:9f:
62:ab:c2:6e:66:f5:9b:24:d2:ec:91:99:85:05:3b:
9c:f3:98:ef:96:81:2f:54:cf:43:d4:d6:a1:9c:b7:
54:5d:ca:52:02:25:c1:5a:03:a1:3c:64:71:21:d6:
ce:b0:76:2d:c8:61:66:77:05:07:92:a4:41:b0:64:
c0:5c:90:71:5f:c9:c3:5a:9d:d3:a4:ca:67:58:96:
92:53:50:b5:36:13:2f:39:97:ef:28:16:94:b1:d2:
40:57:2c:ed:54:f9:88:ac:87:11:3e:06:7b:c5:58:
41:8e:36:c4:c7:98:51:52:04:77:76:db:7f:b7:b3:
72:94:22:00:65:b4:24:06:38:16:29:17:dc:cc:6c:
1e:66:0a:b6:78:c7:3d:40:64:7c:50:38:40:9f:f3:
80:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A4:3D:BC:81:1B:EC:1A:9F:73:BD:F0:35:26:25:F3:F5:DF:84:DE
X509v3 Authority Key Identifier:
keyid:BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/7KQ9vIEb7Bqfc73wNSYl8_XfhN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/vxB-B5UsBpNYzT-CquzrTGlIPKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.70.0/24
IPv6:
2a0f:6a00::/29
2a0f:f200::/29
2a10:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:de:89:e8:aa:5d:1d:82:a9:bd:dd:22:aa:d0:2c:8c:f8:61:
bf:02:e3:ef:db:0a:83:e7:f2:f0:2c:13:65:60:b8:10:2f:82:
4c:1e:c3:d3:f5:ce:70:7b:fc:b1:fe:d4:4e:9a:12:75:bc:6a:
6b:da:95:f4:84:5c:02:10:21:01:d8:54:03:76:6b:77:1b:2b:
cf:13:12:2e:2a:61:4a:02:a0:f8:df:28:ac:7b:37:d0:24:97:
de:0e:65:eb:b3:5d:86:c5:16:55:e2:98:12:ae:1c:c7:8c:4e:
c3:a5:3a:fa:82:14:9e:26:c9:f3:f3:5a:ce:7d:3a:4a:d2:ce:
e7:96:32:95:7b:4b:7b:6f:25:50:ad:fe:33:ef:5b:d9:42:6c:
c7:dc:e9:f5:2c:81:61:49:c3:ac:bb:20:37:cc:b8:59:6e:77:
07:a1:84:63:bd:04:ff:7c:95:ee:58:a1:ca:52:36:1e:d9:97:
60:b3:b9:c0:c5:bc:4f:4c:7e:2a:3d:c1:2f:e7:fa:5d:29:27:
0c:1d:d5:23:99:5c:a3:08:c7:a0:e4:09:58:e6:64:0f:f7:1a:
cf:ae:d9:4a:0e:59:cb:17:fe:2d:fd:5a:41:ed:87:35:37:23:
28:e4:1e:40:1b:d6:f7:70:09:b0:d2:57:bb:33:d6:b1:69:95:
1c:f6:84:62
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY4sYEQ7fG7WY1FPPCQVjjweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMTA3ZTA3OTUyYzA2OTM1OGNkM2Y4MmFhZWNlYjRjNjk0
ODNjYTkwHhcNMjQwMzExMDcxODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2E0M2RiYzgxMWJlYzFhOWY3M2JkZjAzNTI2MjVmM2Y1ZGY4NGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFGtPWjsjciwv12qyMFTz9YbqUSV
unrWFQWIM6TRfelkmqmzfOXowbnjLLA9j59Fcl8/WoxCjI6cw5GpOAZbtfJfUSvQ
FJcRnopeBKaj8n/UEt5KlSbNawi8/5v+boWqHNDD9Im/kp9iq8JuZvWbJNLskZmF
BTuc85jvloEvVM9D1NahnLdUXcpSAiXBWgOhPGRxIdbOsHYtyGFmdwUHkqRBsGTA
XJBxX8nDWp3TpMpnWJaSU1C1NhMvOZfvKBaUsdJAVyztVPmIrIcRPgZ7xVhBjjbE
x5hRUgR3dtt/t7NylCIAZbQkBjgWKRfczGweZgq2eMc9QGR8UDhAn/OAfQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOykPbyBG+wan3O98DUmJfP134TeMB8GA1UdIwQY
MBaAFL8QfgeVLAaTWM0/gqrs60xpSDypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2It
NDg2MzNkNzE4NTkwLzEvN0tROXZJRWI3QnFmYzczd05TWWw4X1hmaE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2ItNDg2MzNkNzE4NTkw
LzEvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAuftGMBsE
AgACMBUDBQMqD2oAAwUDKg/yAAMFAyoQrsAwDQYJKoZIhvcNAQELBQADggEBAGze
ieiqXR2Cqb3dIqrQLIz4Yb8C4+/bCoPn8vAsE2VguBAvgkwew9P1znB7/LH+1E6a
EnW8amvalfSEXAIQIQHYVAN2a3cbK88TEi4qYUoCoPjfKKx7N9Akl94OZeuzXYbF
FlXimBKuHMeMTsOlOvqCFJ4myfPzWs59OkrSzueWMpV7S3tvJVCt/jPvW9lCbMfc
6fUsgWFJw6y7IDfMuFludwehhGO9BP98le5YocpSNh7Zl2CzucDFvE9Mfio9wS/n
+l0pJwwd1SOZXKMIx6DkCVjmZA/3Gs+u2UoOWcsX/i39WkHthzU3IyjkHkAb1vdw
CbDSV7sz1rFplRz2hGI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:53 2025 by rpki-client