Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/61-rGEbSQyHAtyvdUUVFeX8CZDc.roa
File: 61-rGEbSQyHAtyvdUUVFeX8CZDc.roa (raw, json)
Hash identifier: W+gJHwCoJVv2zr1lMHxbjUeMGc2KFHB9jjEeCuM4tRQ=
Subject key identifier: EB:5F:AB:18:46:D2:43:21:C0:B7:2B:DD:51:45:45:79:7F:02:64:37
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 018CC500F8E55308676F7D286FB95C7888BD
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/61-rGEbSQyHAtyvdUUVFeX8CZDc.roa
Signing time: Mon 01 Jan 2024 12:30:24 +0000
ROA not before: Mon 01 Jan 2024 12:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31027
IP address blocks: 185.197.136.0/22 maxlen: 22
2a0a:7a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 24 Oct 2024 10:23:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f8:e5:53:08:67:6f:7d:28:6f:b9:5c:78:88:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Jan 1 12:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb5fab1846d24321c0b72bdd514545797f026437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2d:a8:f6:1a:ee:36:0b:53:3b:b5:e6:34:9e:
6f:6f:5d:2e:38:76:1c:82:dc:f1:0e:8b:3b:32:ce:
7e:66:1f:6e:e4:a4:6f:3c:5a:fe:4e:02:6c:c3:94:
18:37:cd:90:e1:ff:8e:09:28:76:f7:f2:6b:34:d2:
68:c3:65:df:9f:21:1b:82:0a:9a:3b:4d:04:f2:4b:
84:3b:3a:1f:1e:97:4b:61:54:a0:93:a7:c8:7a:f4:
a5:9a:08:a1:0a:67:24:71:bc:b6:93:3b:96:81:97:
57:bf:54:1f:7d:ad:da:b3:3b:79:cc:65:10:a6:75:
31:6f:27:1d:cd:da:75:49:8b:2f:a8:9e:ac:5d:3f:
7c:44:3e:ce:9b:f7:90:0d:85:3f:81:6a:2b:5c:54:
29:f1:86:a9:0a:a4:73:a8:11:94:97:f8:f7:68:fa:
3e:24:c7:ea:0e:23:1d:ec:09:20:80:b1:9e:87:1f:
1e:a6:da:47:41:76:b0:f1:d8:7b:99:a4:3a:29:ac:
45:d3:4c:76:09:6f:ec:28:ed:64:f3:f3:67:e7:ca:
ba:eb:64:1c:98:fa:ee:d2:26:bd:87:5c:e6:44:68:
78:49:59:b8:65:1d:44:39:23:27:14:eb:fb:36:17:
ae:c3:4c:51:fe:26:7f:e1:6c:d3:2b:9c:cc:c6:e2:
7b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:5F:AB:18:46:D2:43:21:C0:B7:2B:DD:51:45:45:79:7F:02:64:37
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/61-rGEbSQyHAtyvdUUVFeX8CZDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.136.0/22
IPv6:
2a0a:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
08:c5:9f:98:e0:8a:ee:0a:97:17:e2:42:b9:9a:77:dd:10:e1:
de:d1:65:89:48:1b:dc:76:c4:c1:ae:c8:07:ee:01:d3:27:2d:
55:13:c4:52:40:a8:c7:e6:da:3d:f5:e3:8b:ee:15:af:86:6a:
e6:7a:1d:92:7d:2c:b1:06:cd:db:5c:44:e9:14:be:4e:0a:03:
1a:5d:eb:b9:97:c9:88:39:8d:91:56:6f:1a:6e:80:c7:05:91:
42:57:7e:b3:26:18:c5:e8:58:db:92:b8:4a:7a:89:59:9b:4a:
8e:f6:cb:f9:83:de:85:52:28:fb:c3:05:b7:72:35:f7:88:d5:
a7:f9:84:cc:c3:66:39:0d:de:7c:9e:74:f7:70:bb:ec:56:0c:
56:00:13:79:6d:6f:b6:69:20:12:ac:3c:0f:ce:4b:41:82:d5:
d5:d5:9a:37:27:cf:71:84:b0:f7:74:91:98:a2:7e:86:49:52:
1e:ed:ad:c1:45:a9:55:d5:1a:32:af:95:6d:05:1c:23:bb:26:
7f:b9:6c:bd:56:08:a0:95:a3:07:8f:8c:39:41:7c:d4:f7:80:
1b:5b:75:fb:3b:05:7e:bd:ed:f8:b2:8f:0f:ef:7e:ed:12:2c:
25:d2:43:5a:99:b0:ca:f4:2a:68:9e:e9:25:d6:63:15:01:b4:
a1:6c:e8:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAPjlUwhnb30ob7lceIi9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjQwMTAxMTIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjVmYWIxODQ2ZDI0MzIxYzBiNzJiZGQ1MTQ1NDU3OTdmMDI2NDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry2o9hruNgtTO7XmNJ5vb10uOHYc
gtzxDos7Ms5+Zh9u5KRvPFr+TgJsw5QYN82Q4f+OCSh29/JrNNJow2XfnyEbggqa
O00E8kuEOzofHpdLYVSgk6fIevSlmgihCmckcby2kzuWgZdXv1Qffa3aszt5zGUQ
pnUxbycdzdp1SYsvqJ6sXT98RD7Om/eQDYU/gWorXFQp8YapCqRzqBGUl/j3aPo+
JMfqDiMd7AkggLGehx8eptpHQXaw8dh7maQ6KaxF00x2CW/sKO1k8/Nn58q662Qc
mPru0ia9h1zmRGh4SVm4ZR1EOSMnFOv7Nheuw0xR/iZ/4WzTK5zMxuJ76wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOtfqxhG0kMhwLcr3VFFRXl/AmQ3MB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvNjEtckdFYlNReUhBdHl2ZFVVVkZlWDhDWkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucWIMA0E
AgACMAcDBQMqCnpAMA0GCSqGSIb3DQEBCwUAA4IBAQAIxZ+Y4IruCpcX4kK5mnfd
EOHe0WWJSBvcdsTBrsgH7gHTJy1VE8RSQKjH5to99eOL7hWvhmrmeh2SfSyxBs3b
XETpFL5OCgMaXeu5l8mIOY2RVm8aboDHBZFCV36zJhjF6FjbkrhKeolZm0qO9sv5
g96FUij7wwW3cjX3iNWn+YTMw2Y5Dd58nnT3cLvsVgxWABN5bW+2aSASrDwPzktB
gtXV1Zo3J89xhLD3dJGYon6GSVIe7a3BRalV1Royr5VtBRwjuyZ/uWy9VgiglaMH
j4w5QXzU94AbW3X7OwV+ve34so8P737tEiwl0kNambDK9Cponukl1mMVAbShbOh5
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:33 2025 by rpki-client