Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/t8bijzh6HgWcf8k8r-c1kgDw0AQ.roa
File: t8bijzh6HgWcf8k8r-c1kgDw0AQ.roa (raw, json)
Hash identifier: 5eAnW+TGpjf31DOqjLAPvfjb01zDNqBlrD5Sl7G6Lu0=
Subject key identifier: B7:C6:E2:8F:38:7A:1E:05:9C:7F:C9:3C:AF:E7:35:92:00:F0:D0:04
Certificate issuer: /CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Certificate serial: 018CC6B7927CBD19FDDB1AB67FAAE04DCEB1
Authority key identifier: AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/t8bijzh6HgWcf8k8r-c1kgDw0AQ.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200476
IP address blocks: 185.217.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 08:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:92:7c:bd:19:fd:db:1a:b6:7f:aa:e0:4d:ce:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7c6e28f387a1e059c7fc93cafe7359200f0d004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e4:ce:04:14:1f:90:9a:e4:74:fd:db:17:ba:
f4:9e:8f:4d:7f:1f:e8:cb:3a:f4:0f:3b:e7:13:17:
b5:41:5e:b8:30:93:83:e0:42:a6:65:9d:9c:4f:85:
98:10:5f:ca:75:ac:b7:18:a8:b4:5e:e2:fa:04:a0:
57:74:89:2b:4a:4f:b2:c5:b9:39:e6:24:14:f8:f4:
66:11:52:61:ae:b8:e0:fa:03:b2:bf:e8:04:ae:95:
31:ba:59:aa:e5:87:92:ad:9a:80:b8:f8:32:cc:67:
18:85:00:07:fe:8a:8e:eb:03:d4:2c:cd:d7:d6:f6:
be:4d:5e:b6:ff:e1:de:dd:61:59:0a:e0:f1:32:9b:
0a:32:90:7b:3e:01:c6:d7:f2:dd:0a:fb:95:cb:15:
fa:41:0a:d1:2d:0c:0f:11:7f:c4:12:65:11:b4:86:
7d:66:a6:73:29:78:b1:41:91:ef:43:93:f6:35:42:
f0:61:ff:4b:3d:3f:9d:ce:d1:70:8e:f5:db:5f:5d:
27:90:a5:72:69:3e:e3:80:f7:38:e4:6a:08:ca:54:
c1:6f:b0:24:c2:a6:c8:dd:66:f2:99:8a:73:ce:60:
ae:80:c9:d9:fb:a2:02:9c:ad:3d:da:0e:7d:70:82:
9f:5e:29:36:0b:7a:a4:fd:35:42:35:16:e2:a4:30:
b7:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C6:E2:8F:38:7A:1E:05:9C:7F:C9:3C:AF:E7:35:92:00:F0:D0:04
X509v3 Authority Key Identifier:
keyid:AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/t8bijzh6HgWcf8k8r-c1kgDw0AQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.37.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:37:bb:97:5b:b8:7f:9e:7b:ef:fc:b5:75:48:15:ec:0b:cc:
3e:af:ed:b8:0f:0a:a4:49:56:8f:d5:8c:83:91:dd:26:2e:6d:
2e:1e:e0:52:6d:37:d9:d8:db:04:4f:80:c8:93:4b:14:b8:76:
6a:99:cf:e6:74:13:34:46:ea:76:88:14:11:43:68:f3:dd:a6:
7f:0f:d7:90:af:96:21:d4:c8:9e:fc:46:da:c3:32:14:85:b7:
85:ca:fb:64:81:1f:75:63:05:9c:c2:9c:18:2f:53:bf:58:20:
41:6e:f9:a7:80:b5:91:ec:48:77:d6:44:a0:a6:6c:44:31:c8:
28:6b:2e:c5:03:f9:11:29:05:01:12:84:e6:cd:25:37:17:07:
b6:b2:b5:eb:69:40:12:d3:f1:8c:22:05:72:db:43:b2:de:1b:
f4:cf:90:6e:0a:bb:35:a8:23:77:24:95:31:ec:d1:6d:0d:5a:
1c:70:cb:2b:cd:77:46:0a:e8:f2:d7:ef:ee:24:51:b1:66:2a:
04:32:65:2c:7d:bb:84:30:6c:2c:76:2a:b8:b1:52:14:5d:dd:
87:04:5d:a9:8e:d5:60:84:2e:9d:79:80:46:33:b4:e6:3d:2b:
53:a1:e2:83:96:44:c7:3d:41:59:e8:91:f9:72:d4:1d:14:18:
97:e0:52:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt5J8vRn92xq2f6rgTc6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FhYWJiMjNjZDI0NWJmYTgyOGZiMDI1MjFkNjQ0YzZk
NWI1NjYwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2M2ZTI4ZjM4N2ExZTA1OWM3ZmM5M2NhZmU3MzU5MjAwZjBkMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOTOBBQfkJrkdP3bF7r0no9Nfx/o
yzr0DzvnExe1QV64MJOD4EKmZZ2cT4WYEF/Kday3GKi0XuL6BKBXdIkrSk+yxbk5
5iQU+PRmEVJhrrjg+gOyv+gErpUxulmq5YeSrZqAuPgyzGcYhQAH/oqO6wPULM3X
1va+TV62/+He3WFZCuDxMpsKMpB7PgHG1/LdCvuVyxX6QQrRLQwPEX/EEmURtIZ9
ZqZzKXixQZHvQ5P2NULwYf9LPT+dztFwjvXbX10nkKVyaT7jgPc45GoIylTBb7Ak
wqbI3WbymYpzzmCugMnZ+6ICnK092g59cIKfXik2C3qk/TVCNRbipDC3nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLfG4o84eh4FnH/JPK/nNZIA8NAEMB8GA1UdIwQY
MBaAFKt6qrsjzSRb+oKPsCUh1kTG1bVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMt
OWVhZDgxZGEyZTQ0LzEvdDhiaWp6aDZIZ1djZjhrOHItYzFrZ0R3MEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMtOWVhZDgxZGEyZTQ0
LzEvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudklMA0G
CSqGSIb3DQEBCwUAA4IBAQCMN7uXW7h/nnvv/LV1SBXsC8w+r+24DwqkSVaP1YyD
kd0mLm0uHuBSbTfZ2NsET4DIk0sUuHZqmc/mdBM0Rup2iBQRQ2jz3aZ/D9eQr5Yh
1Mie/EbawzIUhbeFyvtkgR91YwWcwpwYL1O/WCBBbvmngLWR7Eh31kSgpmxEMcgo
ay7FA/kRKQUBEoTmzSU3Fwe2srXraUAS0/GMIgVy20Oy3hv0z5BuCrs1qCN3JJUx
7NFtDVoccMsrzXdGCujy1+/uJFGxZioEMmUsfbuEMGwsdiq4sVIUXd2HBF2pjtVg
hC6deYBGM7TmPStToeKDlkTHPUFZ6JH5ctQdFBiX4FJk
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:37:42 2025 by rpki-client