Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/7e6jHwjy6Gr7AK1T3k0KXc0ChVU.roa
File: 7e6jHwjy6Gr7AK1T3k0KXc0ChVU.roa (raw, json)
Hash identifier: HpAabH+FDVp9LqzpKpVINdrZzYwYTTeGsxumK+yjR5M=
Subject key identifier: ED:EE:A3:1F:08:F2:E8:6A:FB:00:AD:53:DE:4D:0A:5D:CD:02:85:55
Certificate issuer: /CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Certificate serial: 01942747ED69322BCB4021EB1B5D5D5E6609
Authority key identifier: CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/7e6jHwjy6Gr7AK1T3k0KXc0ChVU.roa
Signing time: Thu 02 Jan 2025 13:50:12 +0000
ROA not before: Thu 02 Jan 2025 13:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42689
IP address blocks: 185.210.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 06:13:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ed:69:32:2b:cb:40:21:eb:1b:5d:5d:5e:66:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Validity
Not Before: Jan 2 13:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edeea31f08f2e86afb00ad53de4d0a5dcd028555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ac:bd:c9:0a:af:12:3d:e0:07:e6:b5:0b:2e:
1d:3c:97:cb:68:34:88:37:e8:4b:3e:c8:34:f4:08:
c3:b1:82:f7:65:36:6f:59:c9:45:a1:c7:78:44:e2:
0b:72:2f:c7:ad:82:95:8a:a4:34:3d:f3:70:b5:60:
b0:5f:02:05:4f:6c:da:f3:06:72:97:11:13:67:f5:
6f:44:68:41:ed:94:d3:c7:0e:67:88:f9:d5:f6:0e:
ec:6a:bf:3f:2a:23:a9:9b:ac:f8:d6:53:b8:a2:23:
c9:9e:93:c1:50:cb:4d:1f:bc:73:b1:17:2b:94:25:
81:d7:5e:9e:52:c9:24:f4:ac:ea:23:3f:7e:a9:2b:
08:9b:22:d6:3a:11:d3:ea:67:b6:eb:4d:4f:ea:eb:
06:96:aa:0e:7f:db:2a:9e:a5:64:18:89:3a:65:76:
fb:a8:49:91:93:c2:86:f9:01:2f:00:72:cc:4b:99:
a7:45:13:fe:96:fb:3b:53:98:fc:c3:c2:17:ef:64:
39:d3:c9:38:af:43:bd:52:5f:d9:5b:df:19:a6:41:
a0:3a:8f:c4:d9:b7:08:b3:08:3c:ef:58:ff:7f:3d:
c1:61:46:f7:1a:5e:b2:1b:bf:33:ab:84:6d:9a:31:
65:a1:00:3d:08:6a:ca:84:ee:1b:3d:bb:0a:5d:8d:
09:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:EE:A3:1F:08:F2:E8:6A:FB:00:AD:53:DE:4D:0A:5D:CD:02:85:55
X509v3 Authority Key Identifier:
keyid:CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/7e6jHwjy6Gr7AK1T3k0KXc0ChVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.157.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:23:9a:25:82:b2:f3:1f:90:75:71:84:2b:bd:91:cf:e3:c9:
74:a9:99:bc:55:d9:4d:ac:fa:32:27:0a:6a:87:e7:19:9f:e1:
f4:a4:70:97:2d:97:79:b8:b0:08:2e:25:bb:cc:48:e3:62:ec:
29:30:c8:f5:15:04:a6:14:b3:b4:c4:57:42:a6:04:8f:90:fd:
b9:a6:74:b0:9a:19:fb:6b:29:33:83:17:60:c9:09:4c:e5:2c:
45:e2:66:db:71:eb:ef:8e:2b:88:02:53:bd:25:81:39:2b:de:
02:bb:32:80:a0:40:72:55:56:a2:2c:33:d9:16:a3:c0:2d:9c:
3e:9b:bd:5d:18:f0:f0:ba:2a:01:c6:7c:e8:b8:2f:0b:e8:2b:
2b:d5:07:0c:30:d6:9d:b3:20:5e:f2:33:c1:18:53:30:2e:45:
bf:c8:ec:f8:dd:1f:9b:b9:42:a1:8a:66:55:f5:4a:50:65:15:
d3:ab:76:aa:f9:6d:ec:d4:6c:3f:ab:75:6a:28:9e:1e:04:83:
fb:10:1c:20:c0:c2:98:45:90:a4:a5:c2:b9:83:c3:31:27:0b:
50:d1:2f:54:58:23:70:cc:89:ea:3c:98:ab:13:22:ad:e9:00:
15:cb:b1:27:63:88:e3:e6:f8:ce:a2:17:da:02:66:44:f5:fd:
9d:ec:5b:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR+1pMivLQCHrG11dXmYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjQ1YmMwZmRiODYyNmJjZTJjMDQyNWM0MDg3YjU0ZTE1
MGQzODYwHhcNMjUwMTAyMTM1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGVlYTMxZjA4ZjJlODZhZmIwMGFkNTNkZTRkMGE1ZGNkMDI4NTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qy9yQqvEj3gB+a1Cy4dPJfLaDSI
N+hLPsg09AjDsYL3ZTZvWclFocd4ROILci/HrYKViqQ0PfNwtWCwXwIFT2za8wZy
lxETZ/VvRGhB7ZTTxw5niPnV9g7sar8/KiOpm6z41lO4oiPJnpPBUMtNH7xzsRcr
lCWB116eUskk9KzqIz9+qSsImyLWOhHT6me2601P6usGlqoOf9sqnqVkGIk6ZXb7
qEmRk8KG+QEvAHLMS5mnRRP+lvs7U5j8w8IX72Q508k4r0O9Ul/ZW98ZpkGgOo/E
2bcIswg871j/fz3BYUb3Gl6yG78zq4RtmjFloQA9CGrKhO4bPbsKXY0JsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO3uox8I8uhq+wCtU95NCl3NAoVVMB8GA1UdIwQY
MBaAFMtkW8D9uGJrziwEJcQIe1ThUNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmIt
ZTg3NTRkMDA1ZWJlLzEvN2U2akh3ank2R3I3QUsxVDNrMEtYYzBDaFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmItZTg3NTRkMDA1ZWJl
LzEveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudKdMA0G
CSqGSIb3DQEBCwUAA4IBAQAeI5olgrLzH5B1cYQrvZHP48l0qZm8VdlNrPoyJwpq
h+cZn+H0pHCXLZd5uLAILiW7zEjjYuwpMMj1FQSmFLO0xFdCpgSPkP25pnSwmhn7
aykzgxdgyQlM5SxF4mbbcevvjiuIAlO9JYE5K94CuzKAoEByVVaiLDPZFqPALZw+
m71dGPDwuioBxnzouC8L6Csr1QcMMNadsyBe8jPBGFMwLkW/yOz43R+buUKhimZV
9UpQZRXTq3aq+W3s1Gw/q3VqKJ4eBIP7EBwgwMKYRZCkpcK5g8MxJwtQ0S9UWCNw
zInqPJirEyKt6QAVy7EnY4jj5vjOohfaAmZE9f2d7FvF
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:37:33 2025 by rpki-client