Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/400b4f-3688-497c-9785-234cbafac86a/1/7Z5kCjgCcaomSLnVNRwT01Iu31o.roa
File: 7Z5kCjgCcaomSLnVNRwT01Iu31o.roa (raw, json)
Hash identifier: 177flGseI8VFQylmvg7OaHD7DXedQeWfSl2kZCJcjOQ=
Subject key identifier: ED:9E:64:0A:38:02:71:AA:26:48:B9:D5:35:1C:13:D3:52:2E:DF:5A
Certificate issuer: /CN=de3d3687fe7df48c3be8398aad7bd20106545382
Certificate serial: 018CC3B6CDD765CCFCEAD354EE3E4F44A38C
Authority key identifier: DE:3D:36:87:FE:7D:F4:8C:3B:E8:39:8A:AD:7B:D2:01:06:54:53:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3j02h_599Iw76DmKrXvSAQZUU4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/400b4f-3688-497c-9785-234cbafac86a/1/7Z5kCjgCcaomSLnVNRwT01Iu31o.roa
Signing time: Mon 01 Jan 2024 06:29:46 +0000
ROA not before: Mon 01 Jan 2024 06:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60662
IP address blocks: 185.27.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:cd:d7:65:cc:fc:ea:d3:54:ee:3e:4f:44:a3:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de3d3687fe7df48c3be8398aad7bd20106545382
Validity
Not Before: Jan 1 06:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed9e640a380271aa2648b9d5351c13d3522edf5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4b:bc:1b:98:a1:b3:82:c9:d3:c6:72:e2:2c:
45:0e:be:21:29:da:d0:89:66:53:3c:41:db:7f:7b:
b5:92:dd:fe:6d:2b:8e:7c:da:fd:77:ce:6d:b6:32:
39:d3:5b:86:bb:e8:37:ee:a6:3c:b8:3a:c5:ec:ea:
fa:cd:b4:79:86:fe:03:62:a2:25:72:7e:18:1c:dc:
ef:db:e9:b9:9c:ae:4a:2a:6b:2c:c2:24:a4:d9:6f:
16:9c:75:99:cf:31:6c:89:7e:92:57:5a:a9:fe:66:
1b:cf:e8:33:36:e6:d7:5a:62:7d:cd:d6:6b:61:e3:
ff:c6:5b:eb:63:4c:bf:6d:4a:37:e8:90:fa:b3:19:
71:7b:b8:1a:5f:33:58:3c:71:a2:3e:3f:91:a9:6e:
01:fb:7e:8b:6e:12:31:57:bf:f7:74:55:b5:63:0e:
65:3d:a2:09:07:c0:fa:41:4e:26:6a:83:67:1b:1f:
6b:62:85:e1:14:46:08:69:fa:1c:22:42:74:4b:86:
97:2e:32:08:a0:c6:5f:9c:c9:a0:21:b3:7d:02:bd:
05:d4:a8:66:77:61:da:f6:2e:55:29:28:d1:37:4e:
07:9a:0e:04:59:43:d5:d0:05:ea:82:00:8f:d0:76:
50:b2:ad:2f:bc:79:22:1b:02:04:c7:fc:6c:2b:9c:
a5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9E:64:0A:38:02:71:AA:26:48:B9:D5:35:1C:13:D3:52:2E:DF:5A
X509v3 Authority Key Identifier:
keyid:DE:3D:36:87:FE:7D:F4:8C:3B:E8:39:8A:AD:7B:D2:01:06:54:53:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3j02h_599Iw76DmKrXvSAQZUU4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/400b4f-3688-497c-9785-234cbafac86a/1/7Z5kCjgCcaomSLnVNRwT01Iu31o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/400b4f-3688-497c-9785-234cbafac86a/1/3j02h_599Iw76DmKrXvSAQZUU4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.168.0/22
Signature Algorithm: sha256WithRSAEncryption
13:d1:5a:43:05:8c:1c:42:05:d1:c9:26:e8:d7:35:35:e2:6f:
cd:53:3e:a6:57:68:0a:31:7e:d7:25:c7:a2:d4:5c:aa:aa:00:
7b:90:e3:0c:b8:43:5c:38:2c:60:68:15:c0:f4:dd:ad:9c:7f:
89:8c:e4:25:f3:7b:67:10:32:04:bf:c0:4b:2b:5e:86:b6:9f:
09:35:c3:a1:90:b0:f8:6a:26:ac:e1:af:0e:7d:62:85:ca:37:
a9:78:78:92:08:ab:ed:79:5d:82:d2:94:08:24:0f:a0:33:c4:
ac:d5:55:fa:e3:52:ff:d2:d7:b1:d1:01:8d:5a:53:b1:43:eb:
f5:6e:b5:7b:93:0a:58:d4:9b:99:90:79:52:21:92:76:5b:43:
85:b7:9b:30:ec:15:45:cd:1b:1a:87:86:9c:ec:7e:f4:af:a3:
8d:b4:be:73:c7:f6:ca:7b:f2:a7:65:26:f8:d4:42:e0:30:a4:
ec:9e:65:23:73:85:05:75:63:9b:16:10:02:20:b7:a6:11:7e:
ac:12:4c:9b:20:dd:f5:9b:7b:8d:41:0b:47:c4:0c:a0:71:36:
ed:d4:b4:2b:d0:e3:c1:ed:9d:fd:d7:35:7f:79:4b:61:24:9e:
19:5a:03:2a:df:ae:2a:73:48:f6:a2:13:b0:04:7c:12:94:be:
77:94:de:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDts3XZcz86tNU7j5PRKOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlM2QzNjg3ZmU3ZGY0OGMzYmU4Mzk4YWFkN2JkMjAxMDY1
NDUzODIwHhcNMjQwMTAxMDYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDllNjQwYTM4MDI3MWFhMjY0OGI5ZDUzNTFjMTNkMzUyMmVkZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjku8G5ihs4LJ08Zy4ixFDr4hKdrQ
iWZTPEHbf3u1kt3+bSuOfNr9d85ttjI501uGu+g37qY8uDrF7Or6zbR5hv4DYqIl
cn4YHNzv2+m5nK5KKmsswiSk2W8WnHWZzzFsiX6SV1qp/mYbz+gzNubXWmJ9zdZr
YeP/xlvrY0y/bUo36JD6sxlxe7gaXzNYPHGiPj+RqW4B+36LbhIxV7/3dFW1Yw5l
PaIJB8D6QU4maoNnGx9rYoXhFEYIafocIkJ0S4aXLjIIoMZfnMmgIbN9Ar0F1Khm
d2Ha9i5VKSjRN04Hmg4EWUPV0AXqggCP0HZQsq0vvHkiGwIEx/xsK5ylLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO2eZAo4AnGqJki51TUcE9NSLt9aMB8GA1UdIwQY
MBaAFN49Nof+ffSMO+g5iq170gEGVFOCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2owMmhfNTk5SXc3NkRtS3JYdlNBUVpVVTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MDBiNGYtMzY4OC00OTdjLTk3ODUt
MjM0Y2JhZmFjODZhLzEvN1o1a0NqZ0NjYW9tU0xuVk5Sd1QwMUl1MzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MDBiNGYtMzY4OC00OTdjLTk3ODUtMjM0Y2JhZmFjODZh
LzEvM2owMmhfNTk5SXc3NkRtS3JYdlNBUVpVVTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRuoMA0G
CSqGSIb3DQEBCwUAA4IBAQAT0VpDBYwcQgXRySbo1zU14m/NUz6mV2gKMX7XJcei
1FyqqgB7kOMMuENcOCxgaBXA9N2tnH+JjOQl83tnEDIEv8BLK16Gtp8JNcOhkLD4
aias4a8OfWKFyjepeHiSCKvteV2C0pQIJA+gM8Ss1VX641L/0tex0QGNWlOxQ+v1
brV7kwpY1JuZkHlSIZJ2W0OFt5sw7BVFzRsah4ac7H70r6ONtL5zx/bKe/KnZSb4
1ELgMKTsnmUjc4UFdWObFhACILemEX6sEkybIN31m3uNQQtHxAygcTbt1LQr0OPB
7Z391zV/eUthJJ4ZWgMq364qc0j2ohOwBHwSlL53lN6k
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:38 2025 by rpki-client