Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/bb47c2-f10b-4a77-8b03-edc336652ed7/1/7AOLw9uXkMmkq7bQ7w_7EhcWi-c.roa
File: 7AOLw9uXkMmkq7bQ7w_7EhcWi-c.roa (raw, json)
Hash identifier: YsLRGHU7USkWwQdrELCbN4JmLDgWgTsAXakc6Y1ZHdQ=
Subject key identifier: EC:03:8B:C3:DB:97:90:C9:A4:AB:B6:D0:EF:0F:FB:12:17:16:8B:E7
Certificate issuer: /CN=9f3640da7f1bc23ed4599f84a0853c8399f35d72
Certificate serial: 018CC6B78A7D6408DB3C37E4F59604956826
Authority key identifier: 9F:36:40:DA:7F:1B:C2:3E:D4:59:9F:84:A0:85:3C:83:99:F3:5D:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzZA2n8bwj7UWZ-EoIU8g5nzXXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/bb47c2-f10b-4a77-8b03-edc336652ed7/1/7AOLw9uXkMmkq7bQ7w_7EhcWi-c.roa
Signing time: Mon 01 Jan 2024 20:29:26 +0000
ROA not before: Mon 01 Jan 2024 20:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200713
IP address blocks: 185.66.108.0/22 maxlen: 22
185.117.168.0/22 maxlen: 22
2a0e:f0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8a:7d:64:08:db:3c:37:e4:f5:96:04:95:68:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3640da7f1bc23ed4599f84a0853c8399f35d72
Validity
Not Before: Jan 1 20:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec038bc3db9790c9a4abb6d0ef0ffb1217168be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:2b:ce:8b:68:bf:ee:57:6b:c8:04:7f:ff:1f:
29:39:ec:3e:a8:a5:dc:b5:5e:91:4e:4c:f8:88:47:
03:8e:1a:84:06:00:6c:1a:24:e6:00:09:4c:c1:94:
7a:94:8c:60:1c:8f:fe:85:40:5e:48:74:3f:48:d7:
ce:ee:eb:79:e6:9f:a7:33:d6:bd:ff:f7:7a:f8:6f:
f5:13:29:ce:29:8a:ae:ee:f6:32:5d:f5:de:af:20:
01:a1:11:7c:71:ae:09:9b:7a:7f:87:24:90:6d:90:
85:dd:94:8d:b1:3d:14:3a:de:e2:e4:2e:3d:02:64:
af:b5:95:b9:85:42:1e:29:ae:6c:4f:2e:a7:5f:86:
84:13:27:fa:10:12:45:ec:a6:2c:5d:5d:fe:87:7e:
63:0a:3b:10:b4:66:ba:05:41:27:4a:f3:73:82:e0:
1f:e4:55:e0:d6:5a:a1:4c:23:77:e1:e5:ad:56:0d:
50:64:84:cc:10:44:18:8a:53:07:3c:52:fe:aa:91:
31:a9:75:bf:ff:00:70:c8:e9:91:33:bc:44:0f:28:
a2:2f:02:bf:2a:e8:af:87:52:e9:6f:57:6d:1b:a7:
9b:ac:72:bf:ca:9b:5a:89:50:38:de:2d:22:ae:d1:
60:28:86:4f:dd:d1:fb:0e:a2:d6:e9:90:98:89:89:
b1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:03:8B:C3:DB:97:90:C9:A4:AB:B6:D0:EF:0F:FB:12:17:16:8B:E7
X509v3 Authority Key Identifier:
keyid:9F:36:40:DA:7F:1B:C2:3E:D4:59:9F:84:A0:85:3C:83:99:F3:5D:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzZA2n8bwj7UWZ-EoIU8g5nzXXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/bb47c2-f10b-4a77-8b03-edc336652ed7/1/7AOLw9uXkMmkq7bQ7w_7EhcWi-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/bb47c2-f10b-4a77-8b03-edc336652ed7/1/nzZA2n8bwj7UWZ-EoIU8g5nzXXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.108.0/22
185.117.168.0/22
IPv6:
2a0e:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
96:d6:9d:a3:fa:67:bc:1d:ee:fc:a0:27:be:0c:56:42:a4:2f:
9e:4f:10:f8:f0:a5:60:5e:a8:38:d1:ff:a8:d5:66:5e:f9:cf:
eb:52:00:f4:25:07:c1:02:9b:ea:7b:f1:96:43:cc:a2:b3:01:
62:0a:53:e9:4a:8f:1b:01:11:df:70:f0:c1:8b:9a:5a:51:2c:
cb:cc:79:67:5d:5e:fa:76:50:c6:67:72:02:68:f0:63:3e:b3:
ba:b9:05:47:fa:32:ec:ce:21:ab:8b:54:de:9a:3e:3b:b1:eb:
97:c1:21:06:65:72:5b:25:aa:7e:97:60:ba:e1:5a:e0:93:d4:
9e:7c:54:d0:31:9f:cf:63:a8:64:3a:46:c5:58:ea:5d:33:54:
85:8a:9a:87:22:b7:0d:10:11:e8:88:f0:81:8b:3e:cb:7c:03:
3a:ad:a4:ab:dc:dd:92:03:c2:42:73:ae:f0:7c:27:91:f7:b0:
c5:c1:ac:27:6a:a5:4f:4c:60:5e:8e:26:a1:ae:ac:13:84:55:
42:93:f4:f3:39:30:17:7d:15:31:44:93:ef:f3:15:25:6f:a8:
b3:eb:d8:48:a3:f2:43:cc:46:3d:2c:b6:96:cc:1d:17:44:75:
dc:10:9a:a3:de:b9:6e:d8:30:c2:20:97:d9:b9:74:2d:1a:f3:
9d:66:57:d9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGt4p9ZAjbPDfk9ZYElWgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzY0MGRhN2YxYmMyM2VkNDU5OWY4NGEwODUzYzgzOTlm
MzVkNzIwHhcNMjQwMTAxMjAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzAzOGJjM2RiOTc5MGM5YTRhYmI2ZDBlZjBmZmIxMjE3MTY4YmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCvOi2i/7ldryAR//x8pOew+qKXc
tV6RTkz4iEcDjhqEBgBsGiTmAAlMwZR6lIxgHI/+hUBeSHQ/SNfO7ut55p+nM9a9
//d6+G/1EynOKYqu7vYyXfXeryABoRF8ca4Jm3p/hySQbZCF3ZSNsT0UOt7i5C49
AmSvtZW5hUIeKa5sTy6nX4aEEyf6EBJF7KYsXV3+h35jCjsQtGa6BUEnSvNzguAf
5FXg1lqhTCN34eWtVg1QZITMEEQYilMHPFL+qpExqXW//wBwyOmRM7xEDyiiLwK/
Kuivh1Lpb1dtG6ebrHK/yptaiVA43i0irtFgKIZP3dH7DqLW6ZCYiYmxYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOwDi8Pbl5DJpKu20O8P+xIXFovnMB8GA1UdIwQY
MBaAFJ82QNp/G8I+1FmfhKCFPIOZ811yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpaQTJuOGJ3ajdVV1otRW9JVThnNW56WFhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9iYjQ3YzItZjEwYi00YTc3LThiMDMt
ZWRjMzM2NjUyZWQ3LzEvN0FPTHc5dVhrTW1rcTdiUTd3XzdFaGNXaS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9iYjQ3YzItZjEwYi00YTc3LThiMDMtZWRjMzM2NjUyZWQ3
LzEvbnpaQTJuOGJ3ajdVV1otRW9JVThnNW56WFhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUJsAwQC
uXWoMA0EAgACMAcDBQMqDvDAMA0GCSqGSIb3DQEBCwUAA4IBAQCW1p2j+me8He78
oCe+DFZCpC+eTxD48KVgXqg40f+o1WZe+c/rUgD0JQfBApvqe/GWQ8yiswFiClPp
So8bARHfcPDBi5paUSzLzHlnXV76dlDGZ3ICaPBjPrO6uQVH+jLsziGri1Temj47
seuXwSEGZXJbJap+l2C64Vrgk9SefFTQMZ/PY6hkOkbFWOpdM1SFipqHIrcNEBHo
iPCBiz7LfAM6raSr3N2SA8JCc67wfCeR97DFwawnaqVPTGBejiahrqwThFVCk/Tz
OTAXfRUxRJPv8xUlb6iz69hIo/JDzEY9LLaWzB0XRHXcEJqj3rlu2DDCIJfZuXQt
GvOdZlfZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:17 2025 by rpki-client