Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/7J3QaTxdVgk2ptOxCJSHjzDGJYk.roa
File: 7J3QaTxdVgk2ptOxCJSHjzDGJYk.roa (raw, json)
Hash identifier: SImkJwwmADUYuFjB79ChJwKYuNbW4TEw0rEra6WThng=
Subject key identifier: EC:9D:D0:69:3C:5D:56:09:36:A6:D3:B1:08:94:87:8F:30:C6:25:89
Certificate issuer: /CN=6bb95cfc2d187f40530ef083bbd10c88c4956c1d
Certificate serial: 018EC9E0F4809B815AB75137C978E39EF90A
Authority key identifier: 6B:B9:5C:FC:2D:18:7F:40:53:0E:F0:83:BB:D1:0C:88:C4:95:6C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/7J3QaTxdVgk2ptOxCJSHjzDGJYk.roa
Signing time: Wed 10 Apr 2024 21:19:06 +0000
ROA not before: Wed 10 Apr 2024 21:19:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 188.172.137.0/24 maxlen: 24
188.172.138.0/24 maxlen: 24
2a03:7d40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Apr 2024 21:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c9:e0:f4:80:9b:81:5a:b7:51:37:c9:78:e3:9e:f9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bb95cfc2d187f40530ef083bbd10c88c4956c1d
Validity
Not Before: Apr 10 21:19:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec9dd0693c5d560936a6d3b10894878f30c62589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:06:4f:74:1c:8a:7c:d2:3d:cc:e8:bb:71:6e:
5f:2e:a9:b7:ff:d0:a6:75:1d:e9:9b:a4:9c:a1:87:
da:8b:af:7b:28:d1:ff:ec:3a:d6:c3:d3:04:65:13:
97:6b:da:6e:73:4d:d9:8f:7e:98:86:d0:10:1a:68:
a7:69:5a:18:58:cf:6d:02:4d:3b:24:29:32:ae:31:
d7:d2:49:6e:a1:e3:60:b9:b8:21:fc:22:14:c7:bd:
9a:b9:25:64:43:fe:8f:32:17:a2:b3:18:a3:ed:5e:
3b:17:cf:04:66:5e:67:1c:27:0f:77:73:d5:b6:c9:
f9:b1:91:84:12:44:e3:ef:a7:85:7b:24:68:b3:fb:
e3:96:c7:98:5e:2c:a5:b5:ec:08:2a:86:f6:77:11:
85:57:28:9b:bb:bf:40:df:e5:24:68:be:42:6d:14:
74:9e:c6:86:f3:0c:c4:e6:84:26:2d:a9:29:75:79:
85:d9:42:c7:9f:f1:8e:d0:b5:a9:31:0a:b8:c2:5c:
81:5a:9e:81:c6:12:cf:5b:f4:f2:ce:d6:a2:8e:92:
b9:00:15:95:db:20:60:7f:98:46:21:73:da:74:4a:
e6:9e:82:f6:18:87:9b:42:45:cb:57:2a:1a:03:34:
41:8a:34:a3:49:0e:ea:45:61:06:16:22:c7:fe:37:
b9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:9D:D0:69:3C:5D:56:09:36:A6:D3:B1:08:94:87:8F:30:C6:25:89
X509v3 Authority Key Identifier:
keyid:6B:B9:5C:FC:2D:18:7F:40:53:0E:F0:83:BB:D1:0C:88:C4:95:6C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/7J3QaTxdVgk2ptOxCJSHjzDGJYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.172.137.0-188.172.138.255
IPv6:
2a03:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
4f:52:f8:84:58:ac:4f:27:22:11:74:a4:83:e9:bc:74:8f:88:
ee:e1:45:d3:d3:0e:6a:aa:d2:a2:a0:ba:5a:31:03:6e:cf:fc:
08:2f:68:8d:10:08:40:e3:ad:fa:43:72:cd:ba:7c:e1:97:49:
d4:8c:ab:c8:10:aa:d5:1a:c4:a6:16:b7:4e:25:b7:4c:60:b0:
14:17:26:10:2f:8b:7e:27:c1:8a:6b:f4:0c:58:c9:17:33:47:
a6:84:7e:9b:01:8b:f5:1d:1d:2a:01:db:2d:42:71:b1:a5:7b:
65:a5:6d:e5:be:de:4c:90:87:52:4b:f2:61:d7:7f:e2:b2:ed:
f7:b9:5d:d6:b6:4d:68:67:d7:90:a2:80:88:7b:95:b7:ed:7a:
e9:29:50:bf:60:6f:6b:90:6f:72:2d:7a:b8:46:85:4b:fb:05:
cf:97:0c:3e:e6:0e:a4:b5:d9:01:82:5a:e5:36:51:4e:fa:51:
67:76:ef:b7:8c:b0:38:2c:0c:13:c7:b1:3a:c5:4d:ec:d6:a8:
84:ec:2f:1f:10:7f:c7:92:49:fd:f8:e3:d6:84:db:f6:3e:f9:
00:4a:bd:49:c7:88:8c:e3:c3:db:fa:7e:24:70:d7:44:07:4e:
83:7c:e7:d2:b1:b5:c3:ec:af:38:80:03:ee:ce:02:6f:d4:b4:
47:6b:bf:f5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY7J4PSAm4Fat1E3yXjjnvkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYjk1Y2ZjMmQxODdmNDA1MzBlZjA4M2JiZDEwYzg4YzQ5
NTZjMWQwHhcNMjQwNDEwMjExOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzlkZDA2OTNjNWQ1NjA5MzZhNmQzYjEwODk0ODc4ZjMwYzYyNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wZPdByKfNI9zOi7cW5fLqm3/9Cm
dR3pm6ScoYfai697KNH/7DrWw9MEZROXa9puc03Zj36YhtAQGminaVoYWM9tAk07
JCkyrjHX0kluoeNgubgh/CIUx72auSVkQ/6PMheisxij7V47F88EZl5nHCcPd3PV
tsn5sZGEEkTj76eFeyRos/vjlseYXiyltewIKob2dxGFVyibu79A3+UkaL5CbRR0
nsaG8wzE5oQmLakpdXmF2ULHn/GO0LWpMQq4wlyBWp6BxhLPW/TyztaijpK5ABWV
2yBgf5hGIXPadErmnoL2GIebQkXLVyoaAzRBijSjSQ7qRWEGFiLH/je5pwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOyd0Gk8XVYJNqbTsQiUh48wxiWJMB8GA1UdIwQY
MBaAFGu5XPwtGH9AUw7wg7vRDIjElWwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTdsY19DMFlmMEJURHZDRHU5RU1pTVNWYkIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81NDdhN2YtNGJhZi00YjdlLWFmYjgt
NDY2MDEzNDM1MDc5LzEvN0ozUWFUeGRWZ2sycHRPeENKU0hqekRHSllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81NDdhN2YtNGJhZi00YjdlLWFmYjgtNDY2MDEzNDM1MDc5
LzEvYTdsY19DMFlmMEJURHZDRHU5RU1pTVNWYkIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC8rIkD
BAC8rIowDQQCAAIwBwMFACoDfUAwDQYJKoZIhvcNAQELBQADggEBAE9S+IRYrE8n
IhF0pIPpvHSPiO7hRdPTDmqq0qKguloxA27P/AgvaI0QCEDjrfpDcs26fOGXSdSM
q8gQqtUaxKYWt04lt0xgsBQXJhAvi34nwYpr9AxYyRczR6aEfpsBi/UdHSoB2y1C
cbGle2WlbeW+3kyQh1JL8mHXf+Ky7fe5Xda2TWhn15CigIh7lbfteukpUL9gb2uQ
b3IterhGhUv7Bc+XDD7mDqS12QGCWuU2UU76UWd277eMsDgsDBPHsTrFTezWqITs
Lx8Qf8eSSf3449aE2/Y++QBKvUnHiIzjw9v6fiRw10QHToN859KxtcPsrziAA+7O
Am/UtEdrv/U=
-----END CERTIFICATE-----
Generated at Sun Jun 8 22:06:46 2025 by rpki-client