Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/0G40xTC4mhtCVZZLm0DunNhAoOc.roa
File: 0G40xTC4mhtCVZZLm0DunNhAoOc.roa (raw, json)
Hash identifier: e7x1W6umCmNqc/gNp5FRYgAfHMNXCGkxcKsCudgc66A=
Subject key identifier: D0:6E:34:C5:30:B8:9A:1B:42:55:96:4B:9B:40:EE:9C:D8:40:A0:E7
Certificate issuer: /CN=8f7b496ea7cf763d058308371e1bf67e53bc7ba3
Certificate serial: 0190F7912BC593C9129F552D0F68783E390D
Authority key identifier: 8F:7B:49:6E:A7:CF:76:3D:05:83:08:37:1E:1B:F6:7E:53:BC:7B:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/0G40xTC4mhtCVZZLm0DunNhAoOc.roa
Signing time: Sun 28 Jul 2024 04:20:04 +0000
ROA not before: Sun 28 Jul 2024 04:20:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205961
IP address blocks: 185.200.20.0/22 maxlen: 22
185.200.20.0/24 maxlen: 24
185.200.21.0/24 maxlen: 24
185.200.22.0/24 maxlen: 24
185.200.23.0/24 maxlen: 24
2a0b:24c1::/33 maxlen: 33
Validation: Failed, certificate revoked on Wed 07 Aug 2024 21:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f7:91:2b:c5:93:c9:12:9f:55:2d:0f:68:78:3e:39:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f7b496ea7cf763d058308371e1bf67e53bc7ba3
Validity
Not Before: Jul 28 04:20:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d06e34c530b89a1b4255964b9b40ee9cd840a0e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:88:42:fc:87:06:a7:ab:ea:31:c4:37:32:aa:
7b:6a:34:1c:04:65:4a:ea:df:92:f6:5f:7f:8c:0b:
17:18:51:ca:f2:1b:e5:0b:f6:8e:0f:ff:c3:c9:d8:
b5:b4:13:1a:0c:ba:7a:55:4b:e3:93:47:8e:a3:82:
51:e9:31:b0:2b:8c:fe:1a:37:c4:67:d3:e5:af:33:
f9:04:c3:b3:52:01:8e:90:d4:40:a1:7f:7c:e5:b7:
de:0f:fa:e9:8d:a1:f5:21:f6:c5:f9:4c:04:38:a9:
05:ee:5f:8b:e3:05:21:92:51:12:bd:ee:69:b1:3c:
b9:45:f9:3a:a7:17:46:c0:9b:a0:db:78:3d:4c:2e:
f4:21:d3:29:30:c4:59:ce:d9:9d:9d:e0:47:e9:a4:
86:dc:33:98:eb:3b:36:b2:b7:97:67:48:68:60:fe:
c4:07:4b:bb:b7:7a:2a:e7:10:09:7a:c4:68:ea:8e:
a6:24:fc:d8:a7:92:ba:82:05:5a:d3:79:fc:c8:07:
8e:bc:66:7f:52:f8:7a:70:ba:7f:5a:a3:b3:2e:86:
96:a2:51:fd:de:3e:17:8a:67:b0:2a:4c:83:18:f9:
b2:fe:d9:e0:13:10:2e:c3:b7:fa:8a:d5:c2:50:13:
75:06:2f:8a:d5:ca:d6:ca:c2:6d:33:4a:22:07:4c:
b4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6E:34:C5:30:B8:9A:1B:42:55:96:4B:9B:40:EE:9C:D8:40:A0:E7
X509v3 Authority Key Identifier:
keyid:8F:7B:49:6E:A7:CF:76:3D:05:83:08:37:1E:1B:F6:7E:53:BC:7B:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/0G40xTC4mhtCVZZLm0DunNhAoOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.20.0/22
IPv6:
2a0b:24c1::/33
Signature Algorithm: sha256WithRSAEncryption
0c:ab:c4:d2:f8:63:bc:cb:12:da:b4:44:43:3c:a2:27:07:e7:
4c:6e:09:95:90:2e:e7:65:d0:00:51:94:83:38:b0:7d:bb:0f:
fc:75:17:3d:48:ca:c4:3b:78:de:42:d8:b0:67:bd:0c:17:97:
04:15:29:a0:ba:4f:10:e0:43:e9:71:be:64:c1:ea:9b:09:79:
03:64:09:cf:e8:15:77:26:43:e6:fe:25:d4:e1:ad:97:20:13:
7b:b1:9b:99:d7:70:2b:e5:a7:4c:ea:85:f0:d3:79:6c:65:e0:
b3:7a:e8:08:e3:5b:5d:c8:6c:68:af:f0:4c:51:10:2c:52:d5:
83:c7:21:f7:fc:b1:12:42:c7:64:ed:a1:20:85:d2:74:1a:4e:
1e:c8:99:43:ea:65:c1:d8:db:74:83:6b:d8:f2:dd:ac:81:8e:
f8:7b:a0:78:e1:a5:5c:d5:23:74:ff:78:1f:c5:41:12:a9:a8:
8f:ad:8a:dc:29:13:74:cb:f5:e1:85:f8:d6:3c:7c:d6:ba:af:
6d:e7:98:a4:ec:22:66:de:3a:96:1c:29:50:66:f8:9c:0f:bb:
31:fd:90:f3:f2:bb:75:75:1a:56:51:d3:93:89:a5:aa:8d:05:
45:4d:f9:04:57:7f:a2:1a:fa:15:8f:c9:a3:e7:0d:26:1d:4d:
31:d0:cc:d1
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZD3kSvFk8kSn1UtD2h4PjkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2I0OTZlYTdjZjc2M2QwNTgzMDgzNzFlMWJmNjdlNTNi
YzdiYTMwHhcNMjQwNzI4MDQyMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDZlMzRjNTMwYjg5YTFiNDI1NTk2NGI5YjQwZWU5Y2Q4NDBhMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYhC/IcGp6vqMcQ3Mqp7ajQcBGVK
6t+S9l9/jAsXGFHK8hvlC/aOD//Dydi1tBMaDLp6VUvjk0eOo4JR6TGwK4z+GjfE
Z9PlrzP5BMOzUgGOkNRAoX985bfeD/rpjaH1IfbF+UwEOKkF7l+L4wUhklESve5p
sTy5Rfk6pxdGwJug23g9TC70IdMpMMRZztmdneBH6aSG3DOY6zs2sreXZ0hoYP7E
B0u7t3oq5xAJesRo6o6mJPzYp5K6ggVa03n8yAeOvGZ/Uvh6cLp/WqOzLoaWolH9
3j4XimewKkyDGPmy/tngExAuw7f6itXCUBN1Bi+K1crWysJtM0oiB0y0mQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFNBuNMUwuJobQlWWS5tA7pzYQKDnMB8GA1UdIwQY
MBaAFI97SW6nz3Y9BYMINx4b9n5TvHujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajN0SmJxZlBkajBGZ3dnM0hodjJmbE84ZTZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZWZkOTQtMDUxNi00ZTY2LTk4ZDUt
MjUxYjAxOWQ1MWE4LzEvMEc0MHhUQzRtaHRDVlpaTG0wRHVuTmhBb09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZWZkOTQtMDUxNi00ZTY2LTk4ZDUtMjUxYjAxOWQ1MWE4
LzEvajN0SmJxZlBkajBGZ3dnM0hodjJmbE84ZTZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCucgUMA4E
AgACMAgDBgcqCyTBADANBgkqhkiG9w0BAQsFAAOCAQEADKvE0vhjvMsS2rREQzyi
JwfnTG4JlZAu52XQAFGUgziwfbsP/HUXPUjKxDt43kLYsGe9DBeXBBUpoLpPEOBD
6XG+ZMHqmwl5A2QJz+gVdyZD5v4l1OGtlyATe7GbmddwK+WnTOqF8NN5bGXgs3ro
CONbXchsaK/wTFEQLFLVg8ch9/yxEkLHZO2hIIXSdBpOHsiZQ+plwdjbdINr2PLd
rIGO+HugeOGlXNUjdP94H8VBEqmoj62K3CkTdMv14YX41jx81rqvbeeYpOwiZt46
lhwpUGb4nA+7Mf2Q8/K7dXUaVlHTk4mlqo0FRU35BFd/ohr6FY/Jo+cNJh1NMdDM
0Q==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:58:12 2025 by rpki-client