Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/84f86e-4ea7-4db3-aa30-c2c9e2393a32/1/6EK0Z8aTHl3Yzc-UzUVfM5cOaqM.roa
File: 6EK0Z8aTHl3Yzc-UzUVfM5cOaqM.roa (raw, json)
Hash identifier: RJeMpVOTLXn2Al0R2ngj2hzasSQ1bQWdOfjaY8TqxuI=
Subject key identifier: E8:42:B4:67:C6:93:1E:5D:D8:CD:CF:94:CD:45:5F:33:97:0E:6A:A3
Certificate issuer: /CN=317ef55ae76d422504eae5b206724d36443311c7
Certificate serial: 018CC49350F424218BC54526D29F25DD86FD
Authority key identifier: 31:7E:F5:5A:E7:6D:42:25:04:EA:E5:B2:06:72:4D:36:44:33:11:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MX71WudtQiUE6uWyBnJNNkQzEcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/84f86e-4ea7-4db3-aa30-c2c9e2393a32/1/6EK0Z8aTHl3Yzc-UzUVfM5cOaqM.roa
Signing time: Mon 01 Jan 2024 10:30:38 +0000
ROA not before: Mon 01 Jan 2024 10:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197480
IP address blocks: 178.21.136.0/21 maxlen: 21
185.3.224.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:50:f4:24:21:8b:c5:45:26:d2:9f:25:dd:86:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=317ef55ae76d422504eae5b206724d36443311c7
Validity
Not Before: Jan 1 10:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e842b467c6931e5dd8cdcf94cd455f33970e6aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:65:70:3d:e3:06:30:aa:ec:07:e2:b4:e3:17:
3a:e8:ce:4d:ba:f6:45:25:05:11:87:00:c0:cc:aa:
e0:68:44:c9:83:22:70:78:c8:65:ca:c6:9e:be:07:
ea:b4:53:24:48:5a:4b:3e:14:1c:33:9d:ae:09:6f:
d8:5d:6a:43:ce:b0:91:a2:6e:58:c3:af:84:e1:97:
f4:f2:55:5d:24:3b:78:db:0a:e0:60:e6:9a:19:82:
db:2f:05:45:a6:42:a1:d0:5f:8c:fd:29:90:9d:5f:
6e:a6:f7:81:a0:87:f3:7f:fe:9d:11:95:36:ed:4c:
2e:d7:f3:22:9f:e5:e8:ec:b3:5c:bf:30:bf:f8:ef:
4f:31:16:9f:9c:f4:4f:c9:72:1a:09:cd:1e:27:d7:
3c:49:ab:ba:64:67:08:89:98:74:13:c2:fa:03:7c:
47:52:57:c2:3a:b0:d2:46:8a:7d:d0:e4:e6:03:31:
5b:00:95:5c:a2:46:2c:97:09:e3:76:9e:dc:d6:e4:
73:5b:38:f5:68:56:88:ea:55:ae:c5:66:db:1e:72:
a4:b4:11:b4:62:4d:58:3f:d0:0b:5d:16:89:6e:90:
be:05:79:04:17:b5:9b:c8:cb:37:6d:8f:c6:79:d4:
59:02:d8:71:0b:0d:7b:21:ae:9c:8e:a0:36:73:d1:
98:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:42:B4:67:C6:93:1E:5D:D8:CD:CF:94:CD:45:5F:33:97:0E:6A:A3
X509v3 Authority Key Identifier:
keyid:31:7E:F5:5A:E7:6D:42:25:04:EA:E5:B2:06:72:4D:36:44:33:11:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MX71WudtQiUE6uWyBnJNNkQzEcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/84f86e-4ea7-4db3-aa30-c2c9e2393a32/1/6EK0Z8aTHl3Yzc-UzUVfM5cOaqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/84f86e-4ea7-4db3-aa30-c2c9e2393a32/1/MX71WudtQiUE6uWyBnJNNkQzEcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.136.0/21
185.3.224.0/22
Signature Algorithm: sha256WithRSAEncryption
29:16:54:0e:84:45:96:e7:a5:f8:47:dc:d0:4e:26:ca:82:8d:
45:c6:6b:cb:c5:04:c8:57:b1:fa:bb:ec:8b:dc:33:82:e9:48:
71:46:a4:58:27:a1:a1:c6:f6:6d:76:e9:9b:d6:07:69:23:a6:
4d:ba:b9:9e:dd:fe:13:00:f5:59:de:ac:48:89:21:de:85:2b:
7e:3f:3a:91:fd:f3:6f:4a:01:b1:fa:c6:e1:a3:81:64:88:80:
fa:8d:f9:80:da:ae:da:c0:32:6e:05:06:07:1b:c7:02:6f:3d:
c2:cf:9f:cc:82:9f:05:85:d4:9f:d1:4d:c1:11:ce:19:96:25:
06:53:2b:71:3a:35:be:20:c8:20:a8:92:5f:d6:2e:77:3b:70:
68:7a:8f:dd:15:40:ef:fb:60:4a:f2:46:bf:2e:a7:bd:60:7e:
f8:14:53:e4:9c:5a:6d:c2:ed:f3:6c:15:e7:9c:aa:4a:c8:94:
c9:17:63:70:16:7b:84:d5:f0:0b:1b:6e:b3:88:7c:8c:8a:42:
0f:79:54:60:0b:c0:ba:16:2f:c8:46:c7:83:be:6d:07:a4:a2:
07:2b:9a:19:7f:bd:65:6d:c5:39:5e:1d:93:76:ab:32:4d:c4:
e2:26:3f:a2:ab:15:c2:d5:5c:85:8d:61:0a:cd:9f:4b:37:01:
66:3d:69:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk1D0JCGLxUUm0p8l3Yb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxN2VmNTVhZTc2ZDQyMjUwNGVhZTViMjA2NzI0ZDM2NDQz
MzExYzcwHhcNMjQwMTAxMTAzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODQyYjQ2N2M2OTMxZTVkZDhjZGNmOTRjZDQ1NWYzMzk3MGU2YWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGVwPeMGMKrsB+K04xc66M5NuvZF
JQURhwDAzKrgaETJgyJweMhlysaevgfqtFMkSFpLPhQcM52uCW/YXWpDzrCRom5Y
w6+E4Zf08lVdJDt42wrgYOaaGYLbLwVFpkKh0F+M/SmQnV9upveBoIfzf/6dEZU2
7Uwu1/Min+Xo7LNcvzC/+O9PMRafnPRPyXIaCc0eJ9c8Sau6ZGcIiZh0E8L6A3xH
UlfCOrDSRop90OTmAzFbAJVcokYslwnjdp7c1uRzWzj1aFaI6lWuxWbbHnKktBG0
Yk1YP9ALXRaJbpC+BXkEF7WbyMs3bY/GedRZAthxCw17Ia6cjqA2c9GYtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOhCtGfGkx5d2M3PlM1FXzOXDmqjMB8GA1UdIwQY
MBaAFDF+9VrnbUIlBOrlsgZyTTZEMxHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVg3MVd1ZHRRaVVFNnVXeUJuSk5Oa1F6RWNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84NGY4NmUtNGVhNy00ZGIzLWFhMzAt
YzJjOWUyMzkzYTMyLzEvNkVLMFo4YVRIbDNZemMtVXpVVmZNNWNPYXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84NGY4NmUtNGVhNy00ZGIzLWFhMzAtYzJjOWUyMzkzYTMy
LzEvTVg3MVd1ZHRRaVVFNnVXeUJuSk5Oa1F6RWNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDshWIAwQC
uQPgMA0GCSqGSIb3DQEBCwUAA4IBAQApFlQOhEWW56X4R9zQTibKgo1FxmvLxQTI
V7H6u+yL3DOC6UhxRqRYJ6GhxvZtdumb1gdpI6ZNurme3f4TAPVZ3qxIiSHehSt+
PzqR/fNvSgGx+sbho4FkiID6jfmA2q7awDJuBQYHG8cCbz3Cz5/Mgp8FhdSf0U3B
Ec4ZliUGUytxOjW+IMggqJJf1i53O3Boeo/dFUDv+2BK8ka/Lqe9YH74FFPknFpt
wu3zbBXnnKpKyJTJF2NwFnuE1fALG26ziHyMikIPeVRgC8C6Fi/IRseDvm0HpKIH
K5oZf71lbcU5Xh2TdqsyTcTiJj+iqxXC1VyFjWEKzZ9LNwFmPWnA
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:02:38 2025 by rpki-client