Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/H3ehdwD7r4RIqQD0xbQnLou9tpo.roa
File: H3ehdwD7r4RIqQD0xbQnLou9tpo.roa (raw, json)
Hash identifier: rid05XhdZL6pT1bkh39vRdmXRTwJNJqvPkqHk63/xrI=
Subject key identifier: 1F:77:A1:77:00:FB:AF:84:48:A9:00:F4:C5:B4:27:2E:8B:BD:B6:9A
Certificate issuer: /CN=a647893fb5b348e68a66d55a28f278cbf3931df4
Certificate serial: 01941CFBBB52BEB9657B7E0BFBE512BC5D99
Authority key identifier: A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/H3ehdwD7r4RIqQD0xbQnLou9tpo.roa
Signing time: Tue 31 Dec 2024 13:50:46 +0000
ROA not before: Tue 31 Dec 2024 13:50:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31727
IP address blocks: 185.207.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:fb:bb:52:be:b9:65:7b:7e:0b:fb:e5:12:bc:5d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a647893fb5b348e68a66d55a28f278cbf3931df4
Validity
Not Before: Dec 31 13:50:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f77a17700fbaf8448a900f4c5b4272e8bbdb69a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d5:5e:5b:22:e0:3c:64:c8:a5:ee:86:0b:53:
5d:0a:60:b3:03:32:87:8c:f3:f4:02:f9:6b:8b:b4:
b6:c0:6f:00:13:0b:b6:95:30:af:4c:f2:9f:8c:c7:
3a:de:e1:d7:3b:da:68:b9:ff:b4:51:4e:a8:4b:c2:
1f:b3:cc:e2:78:df:e3:ad:77:17:c0:a0:56:02:d9:
61:3d:9a:9f:3e:9c:bf:ae:e8:1d:56:b0:65:5e:f4:
a2:a6:49:b5:a2:7d:29:3a:c4:68:80:f8:48:8a:3a:
5d:6a:03:8f:9c:9b:55:4f:fa:96:ba:55:ed:28:d5:
e1:b1:0c:ee:51:28:43:93:fd:18:e6:a8:73:81:a5:
08:ec:1c:74:6e:bd:19:9b:6a:b1:88:11:52:99:98:
02:f0:5c:70:04:74:f0:64:9a:ca:4e:85:c2:1a:c0:
22:26:e4:31:cd:2c:2a:66:6b:f1:cf:96:d2:dc:dd:
89:3d:1c:22:80:be:9f:ef:48:ba:47:4c:52:88:8f:
5a:56:d3:6e:f6:49:f3:64:c4:94:07:0b:67:b3:c0:
57:9b:bf:b5:46:1a:25:c5:06:ff:4f:c4:41:6a:51:
aa:57:01:48:e4:68:37:4f:df:ea:1d:2e:55:0d:7c:
65:63:17:df:a2:a7:47:97:8d:eb:e2:33:70:1a:a8:
34:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:77:A1:77:00:FB:AF:84:48:A9:00:F4:C5:B4:27:2E:8B:BD:B6:9A
X509v3 Authority Key Identifier:
keyid:A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/H3ehdwD7r4RIqQD0xbQnLou9tpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.134.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:26:91:9d:35:20:65:6f:c7:6e:8a:74:ea:28:a1:4d:60:b7:
e8:b1:c4:84:44:b3:19:d9:22:f8:bd:bd:97:c0:55:74:2d:9c:
42:16:d5:07:b5:aa:11:88:c2:20:8e:98:ef:e3:17:f3:e8:00:
63:98:31:ff:87:e7:fb:ba:d1:26:51:26:a0:82:1d:7a:5e:4a:
c7:49:8c:80:d6:94:8b:41:7e:1f:b4:0b:45:8b:55:07:68:99:
8c:ed:c7:83:40:68:e3:21:df:a7:78:85:e6:75:5c:e1:32:a5:
ba:dc:f6:8d:2e:5c:33:32:d7:7c:ea:c6:89:b2:5e:33:a9:c4:
21:97:09:aa:f9:d5:5f:ac:3c:28:9c:b3:c4:bb:44:aa:02:5a:
c4:ce:62:d4:88:ba:f0:99:c6:2b:b3:28:e6:d7:90:d5:98:93:
87:0b:0b:29:72:12:d0:86:c0:7e:bd:c4:3f:96:67:72:04:f5:
7d:e2:9c:fb:18:69:44:fc:a9:39:62:36:40:06:51:ba:14:d4:
69:d8:a9:00:b9:4b:67:f6:0a:e9:6c:4d:93:ff:92:42:63:7f:
3a:b9:63:42:43:df:9b:5a:21:9b:24:bb:c2:77:c8:df:3e:40:
dc:07:2b:13:b1:7e:b0:0c:7e:fa:00:4c:42:0a:b1:9a:f2:3e:
72:b7:c4:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQc+7tSvrlle34L++USvF2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDc4OTNmYjViMzQ4ZTY4YTY2ZDU1YTI4ZjI3OGNiZjM5
MzFkZjQwHhcNMjQxMjMxMTM1MDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjc3YTE3NzAwZmJhZjg0NDhhOTAwZjRjNWI0MjcyZThiYmRiNjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNVeWyLgPGTIpe6GC1NdCmCzAzKH
jPP0Avlri7S2wG8AEwu2lTCvTPKfjMc63uHXO9pouf+0UU6oS8Ifs8zieN/jrXcX
wKBWAtlhPZqfPpy/rugdVrBlXvSipkm1on0pOsRogPhIijpdagOPnJtVT/qWulXt
KNXhsQzuUShDk/0Y5qhzgaUI7Bx0br0Zm2qxiBFSmZgC8FxwBHTwZJrKToXCGsAi
JuQxzSwqZmvxz5bS3N2JPRwigL6f70i6R0xSiI9aVtNu9knzZMSUBwtns8BXm7+1
RholxQb/T8RBalGqVwFI5Gg3T9/qHS5VDXxlYxffoqdHl43r4jNwGqg0GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB93oXcA+6+ESKkA9MW0Jy6LvbaaMB8GA1UdIwQY
MBaAFKZHiT+1s0jmimbVWijyeMvzkx30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDIt
ZDYyNDQ5NmRkY2M4LzEvSDNlaGR3RDdyNFJJcVFEMHhiUW5Mb3U5dHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDItZDYyNDQ5NmRkY2M4
LzEvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc+GMA0G
CSqGSIb3DQEBCwUAA4IBAQAaJpGdNSBlb8duinTqKKFNYLfoscSERLMZ2SL4vb2X
wFV0LZxCFtUHtaoRiMIgjpjv4xfz6ABjmDH/h+f7utEmUSaggh16XkrHSYyA1pSL
QX4ftAtFi1UHaJmM7ceDQGjjId+neIXmdVzhMqW63PaNLlwzMtd86saJsl4zqcQh
lwmq+dVfrDwonLPEu0SqAlrEzmLUiLrwmcYrsyjm15DVmJOHCwspchLQhsB+vcQ/
lmdyBPV94pz7GGlE/Kk5YjZABlG6FNRp2KkAuUtn9grpbE2T/5JCY386uWNCQ9+b
WiGbJLvCd8jfPkDcBysTsX6wDH76AExCCrGa8j5yt8RG
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:36:25 2025 by rpki-client