Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/c7-PGtjvlEiboxh4b3GZQw9vmqk.roa
File: c7-PGtjvlEiboxh4b3GZQw9vmqk.roa (raw, json)
Hash identifier: 8ZiFWrFp7cV7YPnVWvgPp7mDRsguySfqBzM417FVivU=
Subject key identifier: 73:BF:8F:1A:D8:EF:94:48:9B:A3:18:78:6F:71:99:43:0F:6F:9A:A9
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 018DE2D8B1DC0AFE7C37D480CCC34EC2F442
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/c7-PGtjvlEiboxh4b3GZQw9vmqk.roa
Signing time: Mon 26 Feb 2024 00:37:48 +0000
ROA not before: Mon 26 Feb 2024 00:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.71.228.0/24 maxlen: 24
185.71.229.0/24 maxlen: 24
193.0.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Aug 2024 23:26:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e2:d8:b1:dc:0a:fe:7c:37:d4:80:cc:c3:4e:c2:f4:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Feb 26 00:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73bf8f1ad8ef94489ba318786f7199430f6f9aa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:94:39:71:00:ed:31:1d:c7:ef:c1:b8:da:18:
bb:bb:9c:2c:45:4e:f9:92:8b:57:66:0a:cc:47:e1:
92:c8:05:3c:6a:4e:fc:66:de:9a:04:43:5c:58:bf:
1d:59:39:cd:6f:6e:72:91:21:ea:8a:a1:88:f8:c1:
35:82:a1:4a:52:d2:4f:0c:3b:5c:d0:aa:c0:9c:09:
16:3f:f1:89:b0:40:ee:27:cc:33:79:e6:24:90:0d:
c4:9b:3c:e1:4d:b6:29:bb:8a:5e:e4:21:c8:dc:73:
19:27:a5:05:28:1d:61:64:c1:a2:96:73:8f:8a:c4:
96:17:1a:97:eb:db:36:2e:4b:95:06:81:5b:0f:f7:
da:5d:61:58:b2:5e:ea:35:97:01:f2:76:a5:ae:41:
d5:07:ac:98:46:1d:93:fb:80:a5:af:16:30:55:da:
00:24:bc:f8:9f:d9:c5:8b:d1:8b:00:6d:9f:86:b6:
90:0e:bb:c3:93:1c:1b:ca:a7:2f:0c:a4:18:63:aa:
d8:b7:2d:7f:c0:de:60:b2:7d:80:64:fc:b5:f3:6a:
03:77:41:59:57:da:cb:e9:c1:12:0d:12:3f:61:bf:
1d:1e:79:64:83:73:65:43:82:5a:3a:7d:a2:f8:2a:
78:cd:cc:f4:fc:25:b2:87:80:ec:0b:3b:d5:0e:c1:
d2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:BF:8F:1A:D8:EF:94:48:9B:A3:18:78:6F:71:99:43:0F:6F:9A:A9
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/c7-PGtjvlEiboxh4b3GZQw9vmqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0/23
193.0.181.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:bd:49:06:e8:c4:6d:2c:5d:4c:e1:30:fa:76:51:18:9c:e4:
be:27:ed:ef:78:8e:7e:f1:b1:ae:9d:da:2f:9a:a9:8c:a0:22:
0f:c4:a0:d3:f1:46:f2:42:fa:3e:ed:a7:d4:82:c3:5f:ba:cb:
24:97:65:1b:77:5f:bb:0d:c9:8a:e5:c1:5d:33:18:af:61:dd:
3a:4a:95:af:0a:e6:1b:2e:d8:25:b5:01:e8:81:dd:94:27:56:
e0:90:0a:5e:83:c2:00:86:e6:0b:15:42:cc:59:25:39:c9:37:
14:db:3e:75:ce:b1:36:6b:47:ee:3c:b3:13:23:52:cc:53:25:
84:ef:2b:94:62:2d:1e:7e:9a:34:71:cd:f2:20:4b:6d:50:fb:
20:31:3b:1e:a5:46:fc:74:ec:ae:54:25:70:ac:80:ad:b2:17:
8f:6b:a5:a0:ef:32:b3:73:2f:7a:f4:1a:18:f0:de:50:82:60:
97:02:bc:06:1d:79:a2:21:05:21:67:4f:2c:3d:ac:18:8f:a8:
69:90:e5:06:4a:d7:3a:0d:2b:bf:ba:92:22:ad:c3:e2:fc:9d:
6f:79:c6:cc:1a:f8:41:f5:1f:d4:d7:63:71:40:97:b5:a7:e6:
b9:b0:86:2f:64:ed:07:2a:66:21:6a:7e:5d:fd:7b:a5:41:35:
8c:8c:88:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3i2LHcCv58N9SAzMNOwvRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjRjN2VjZmEzN2QyNDg3MTUyZmI5YmJiYWI1MGJlNzlk
ZTI2MTkwHhcNMjQwMjI2MDAzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2JmOGYxYWQ4ZWY5NDQ4OWJhMzE4Nzg2ZjcxOTk0MzBmNmY5YWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5Q5cQDtMR3H78G42hi7u5wsRU75
kotXZgrMR+GSyAU8ak78Zt6aBENcWL8dWTnNb25ykSHqiqGI+ME1gqFKUtJPDDtc
0KrAnAkWP/GJsEDuJ8wzeeYkkA3EmzzhTbYpu4pe5CHI3HMZJ6UFKB1hZMGilnOP
isSWFxqX69s2LkuVBoFbD/faXWFYsl7qNZcB8nalrkHVB6yYRh2T+4ClrxYwVdoA
JLz4n9nFi9GLAG2fhraQDrvDkxwbyqcvDKQYY6rYty1/wN5gsn2AZPy182oDd0FZ
V9rL6cESDRI/Yb8dHnlkg3NlQ4JaOn2i+Cp4zcz0/CWyh4DsCzvVDsHSIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHO/jxrY75RIm6MYeG9xmUMPb5qpMB8GA1UdIwQY
MBaAFD4kx+z6N9JIcVL7m7urUL553iYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMt
NDkzZDc3NGFhMWZmLzEvYzctUEd0anZsRWlib3hoNGIzR1pRdzl2bXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMtNDkzZDc3NGFhMWZm
LzEvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuUfkAwQA
wQC1MA0GCSqGSIb3DQEBCwUAA4IBAQC3vUkG6MRtLF1M4TD6dlEYnOS+J+3veI5+
8bGundovmqmMoCIPxKDT8UbyQvo+7afUgsNfusskl2Ubd1+7DcmK5cFdMxivYd06
SpWvCuYbLtgltQHogd2UJ1bgkApeg8IAhuYLFULMWSU5yTcU2z51zrE2a0fuPLMT
I1LMUyWE7yuUYi0efpo0cc3yIEttUPsgMTsepUb8dOyuVCVwrICtshePa6Wg7zKz
cy969BoY8N5QgmCXArwGHXmiIQUhZ08sPawYj6hpkOUGStc6DSu/upIircPi/J1v
ecbMGvhB9R/U12NxQJe1p+a5sIYvZO0HKmYhan5d/XulQTWMjIjr
-----END CERTIFICATE-----
Generated at Fri Aug 16 00:38:03 2024 by rpki-client on console-fra.rpki-client.org