Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/7xLD-PV04YPConQRcedZigBjckc.roa
File: 7xLD-PV04YPConQRcedZigBjckc.roa (raw, json)
Hash identifier: NXeMznNoNLYXgCc/avCXgYJaStZQEf5O6Ct2aOLBbXE=
Subject key identifier: EF:12:C3:F8:F5:74:E1:83:C2:A2:74:11:71:E7:59:8A:00:63:72:47
Certificate issuer: /CN=59bff5f16ecb268b1597da1b3ad30af40fce7717
Certificate serial: 018CC6B7BA51BC4EA96078BAB721D571472D
Authority key identifier: 59:BF:F5:F1:6E:CB:26:8B:15:97:DA:1B:3A:D3:0A:F4:0F:CE:77:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wb_18W7LJosVl9obOtMK9A_Odxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/7xLD-PV04YPConQRcedZigBjckc.roa
Signing time: Mon 01 Jan 2024 20:29:38 +0000
ROA not before: Mon 01 Jan 2024 20:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54113
IP address blocks: 185.199.109.0/24 maxlen: 24
185.199.108.0/22 maxlen: 22
185.199.110.0/24 maxlen: 24
185.199.111.0/24 maxlen: 24
185.199.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:ba:51:bc:4e:a9:60:78:ba:b7:21:d5:71:47:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59bff5f16ecb268b1597da1b3ad30af40fce7717
Validity
Not Before: Jan 1 20:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef12c3f8f574e183c2a2741171e7598a00637247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:43:57:14:19:6d:87:64:15:1e:26:de:df:25:
7f:f7:7c:1e:40:fd:12:e7:79:b0:44:30:cf:5b:90:
d4:db:81:cf:06:7e:86:cd:46:be:71:c6:8e:5c:91:
04:57:3a:6b:64:2b:51:00:ae:8a:2b:52:04:a5:22:
6c:ef:8b:ef:91:2b:7b:e2:6a:fd:78:7d:ea:0e:4c:
5a:bd:fe:c6:2a:9d:64:34:d5:b8:f8:b8:e9:2e:7d:
07:36:62:72:f9:16:cb:dd:a0:31:ad:23:72:6e:42:
55:9d:cb:93:bb:15:2b:1c:3b:b8:ce:54:2a:07:67:
00:56:ff:1b:88:6c:be:0c:59:90:de:95:8b:cb:79:
7f:18:e4:79:54:21:49:5e:29:34:4a:c5:8e:d7:48:
79:01:87:90:47:9a:90:86:06:b2:fd:c0:75:90:56:
c8:07:a4:2a:c7:1a:43:52:92:dd:22:d4:45:ea:50:
eb:56:6f:f1:45:4d:fd:9e:71:04:f8:d9:a0:90:fc:
68:8e:54:f4:b8:2f:5d:4b:9f:d3:69:e8:44:64:e1:
03:45:08:40:f6:4a:13:eb:19:68:9f:c4:4f:05:48:
6b:26:d1:30:74:e8:62:8b:6e:60:7f:a6:c4:69:95:
19:e5:43:f7:28:e9:6f:82:14:aa:77:be:5a:d8:20:
ce:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:12:C3:F8:F5:74:E1:83:C2:A2:74:11:71:E7:59:8A:00:63:72:47
X509v3 Authority Key Identifier:
keyid:59:BF:F5:F1:6E:CB:26:8B:15:97:DA:1B:3A:D3:0A:F4:0F:CE:77:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wb_18W7LJosVl9obOtMK9A_Odxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/7xLD-PV04YPConQRcedZigBjckc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/Wb_18W7LJosVl9obOtMK9A_Odxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.108.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:e8:6e:5f:7b:4c:37:8d:70:26:cd:ad:54:75:8c:b9:9b:fe:
e5:75:7f:9f:a7:37:ab:82:39:ac:70:04:18:ae:e7:3c:80:5e:
5a:cd:f1:3e:5d:09:e2:e1:0e:2c:49:38:4d:80:38:48:8b:80:
a2:25:d6:42:3b:63:9e:60:70:dc:66:32:4e:55:95:9a:1b:72:
07:54:fb:03:19:b1:cd:83:0f:f4:4b:6a:9e:54:3e:c4:a8:80:
bc:7a:8e:48:83:40:c6:71:04:be:e1:01:91:54:77:64:b5:e4:
a6:7e:ed:28:2f:cb:e9:33:04:4c:8d:67:3b:68:5c:29:e3:26:
f1:04:47:07:18:8a:2b:34:26:ef:92:b5:ad:4e:52:4e:51:76:
19:80:eb:35:26:91:b1:1d:95:19:e1:40:51:67:db:3d:d7:3b:
a3:29:68:f2:1f:da:63:a8:e6:d5:57:11:d6:33:79:50:5f:c1:
e1:17:1a:b4:ed:df:f7:cb:6f:e8:98:1c:2b:7e:31:31:36:08:
4c:5a:89:18:9f:8f:54:e4:2c:f7:f4:5d:74:b8:5a:fb:b5:23:
eb:0f:cf:c6:8f:7b:3f:62:7b:3d:b6:ac:f1:ae:fc:c7:2a:ef:
91:13:9d:f4:56:ac:7a:6b:62:d4:c6:1d:79:30:3d:1a:27:36:
70:16:b5:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt7pRvE6pYHi6tyHVcUctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YmZmNWYxNmVjYjI2OGIxNTk3ZGExYjNhZDMwYWY0MGZj
ZTc3MTcwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjEyYzNmOGY1NzRlMTgzYzJhMjc0MTE3MWU3NTk4YTAwNjM3MjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwENXFBlth2QVHibe3yV/93weQP0S
53mwRDDPW5DU24HPBn6GzUa+ccaOXJEEVzprZCtRAK6KK1IEpSJs74vvkSt74mr9
eH3qDkxavf7GKp1kNNW4+LjpLn0HNmJy+RbL3aAxrSNybkJVncuTuxUrHDu4zlQq
B2cAVv8biGy+DFmQ3pWLy3l/GOR5VCFJXik0SsWO10h5AYeQR5qQhgay/cB1kFbI
B6QqxxpDUpLdItRF6lDrVm/xRU39nnEE+NmgkPxojlT0uC9dS5/TaehEZOEDRQhA
9koT6xlon8RPBUhrJtEwdOhii25gf6bEaZUZ5UP3KOlvghSqd75a2CDOTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO8Sw/j1dOGDwqJ0EXHnWYoAY3JHMB8GA1UdIwQY
MBaAFFm/9fFuyyaLFZfaGzrTCvQPzncXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2JfMThXN0xKb3NWbDlvYk90TUs5QV9PZHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83ZDU0ODAtNjBhNy00MTkzLWJmMzQt
YmQ4NDliMDRkMTBhLzEvN3hMRC1QVjA0WVBDb25RUmNlZFppZ0JqY2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83ZDU0ODAtNjBhNy00MTkzLWJmMzQtYmQ4NDliMDRkMTBh
LzEvV2JfMThXN0xKb3NWbDlvYk90TUs5QV9PZHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucdsMA0G
CSqGSIb3DQEBCwUAA4IBAQBa6G5fe0w3jXAmza1UdYy5m/7ldX+fpzergjmscAQY
ruc8gF5azfE+XQni4Q4sSThNgDhIi4CiJdZCO2OeYHDcZjJOVZWaG3IHVPsDGbHN
gw/0S2qeVD7EqIC8eo5Ig0DGcQS+4QGRVHdkteSmfu0oL8vpMwRMjWc7aFwp4ybx
BEcHGIorNCbvkrWtTlJOUXYZgOs1JpGxHZUZ4UBRZ9s91zujKWjyH9pjqObVVxHW
M3lQX8HhFxq07d/3y2/omBwrfjExNghMWokYn49U5Cz39F10uFr7tSPrD8/Gj3s/
Yns9tqzxrvzHKu+RE530Vqx6a2LUxh15MD0aJzZwFrXV
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:54:12 2025 by rpki-client