Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/07p1i0oNhQgCdW8ettpqX3OxghA.roa
File: 07p1i0oNhQgCdW8ettpqX3OxghA.roa (raw, json)
Hash identifier: cEq6VeVrj5hi656g66rOvErZc6WPzoaPnDsD+tNrPQk=
Subject key identifier: D3:BA:75:8B:4A:0D:85:08:02:75:6F:1E:B6:DA:6A:5F:73:B1:82:10
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 01946C7137B688F4C32A9C4F515DBAADF1E6
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/07p1i0oNhQgCdW8ettpqX3OxghA.roa
Signing time: Thu 16 Jan 2025 00:09:06 +0000
ROA not before: Thu 16 Jan 2025 00:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51559
IP address blocks: 185.160.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 21:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6c:71:37:b6:88:f4:c3:2a:9c:4f:51:5d:ba:ad:f1:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Jan 16 00:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3ba758b4a0d850802756f1eb6da6a5f73b18210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:17:b3:31:63:6b:f8:4e:f6:20:94:94:e2:50:
15:33:8c:be:bc:60:9d:95:13:fa:6e:3a:b1:58:1f:
02:35:46:db:95:fc:90:36:15:d1:cc:5a:52:4a:be:
a7:d4:48:fc:4a:40:0b:3a:e1:3d:06:77:ef:b2:ec:
73:1e:00:2b:45:af:46:4f:0f:aa:cf:35:69:91:41:
80:92:2b:0d:5f:de:a7:be:71:ad:01:68:d8:df:88:
2a:63:28:4d:d3:27:df:ac:e5:32:53:6c:9a:e5:d8:
61:13:4e:64:1a:01:fd:0c:68:31:11:9e:fb:0d:ce:
28:d1:8b:04:88:d5:ac:5b:a2:c0:39:92:b8:89:fc:
02:63:0b:b2:55:09:66:f7:24:c6:6a:b5:82:5e:5b:
88:91:1d:cc:07:75:d7:4a:49:4c:b4:c3:5f:3d:fc:
67:b6:e7:00:d2:57:af:64:05:a6:57:49:2d:c0:cf:
fd:93:55:07:0e:c5:df:5f:da:17:61:29:72:2f:67:
c1:7e:c2:7a:6f:14:0c:22:6f:79:d9:f0:fd:9d:78:
1b:be:d0:fa:e4:04:3a:d6:da:e6:20:95:40:e4:dc:
91:39:fc:e9:bc:b1:3f:47:66:fb:c0:a0:ec:3c:bd:
34:df:25:9c:3d:d5:e0:5d:85:ca:dc:50:f1:77:cb:
1c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:BA:75:8B:4A:0D:85:08:02:75:6F:1E:B6:DA:6A:5F:73:B1:82:10
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/07p1i0oNhQgCdW8ettpqX3OxghA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.28.0/24
Signature Algorithm: sha256WithRSAEncryption
75:a8:93:96:f9:ab:e8:0c:5b:16:a1:93:fc:d8:00:34:3b:22:
c1:c4:a7:c2:c5:81:41:b5:eb:b0:a9:d9:62:94:9b:ea:f7:ad:
b8:07:97:14:ac:96:69:96:6a:09:93:42:68:22:0b:00:1e:7d:
b3:9b:e3:d4:93:07:b9:1c:74:6f:6f:69:12:3b:95:38:be:7e:
d6:a5:53:34:ec:db:a2:cb:64:ef:3b:a3:f6:ab:a0:fb:e1:09:
50:26:35:87:ed:37:2c:95:85:87:fb:89:a5:7f:27:ec:36:65:
f9:90:8a:fb:64:57:39:2c:66:c8:23:3d:d5:7b:c1:32:1c:74:
d2:05:b0:1d:d7:b4:1b:08:98:cb:f0:3b:3b:3a:5f:87:0f:ed:
e3:9b:9a:cb:e7:2c:c1:47:bd:a7:53:70:6b:83:2e:41:f8:7b:
04:42:49:75:a6:fb:86:0b:38:8b:95:63:c1:de:43:89:12:03:
a6:57:47:2b:d0:17:c3:a8:f4:35:f2:b0:21:8b:5e:7c:67:c8:
d6:19:b4:38:41:77:4e:e2:5f:b9:50:50:b6:57:08:d0:e8:0f:
4b:5b:46:c2:a4:d0:eb:d4:b1:03:c3:06:70:1e:bf:6f:e2:72:
66:7b:78:4c:d8:d2:fa:90:e6:80:61:0b:e5:8b:a3:9e:2d:34:
85:57:72:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRscTe2iPTDKpxPUV26rfHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjUwMTE2MDAwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2JhNzU4YjRhMGQ4NTA4MDI3NTZmMWViNmRhNmE1ZjczYjE4MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRezMWNr+E72IJSU4lAVM4y+vGCd
lRP6bjqxWB8CNUbblfyQNhXRzFpSSr6n1Ej8SkALOuE9BnfvsuxzHgArRa9GTw+q
zzVpkUGAkisNX96nvnGtAWjY34gqYyhN0yffrOUyU2ya5dhhE05kGgH9DGgxEZ77
Dc4o0YsEiNWsW6LAOZK4ifwCYwuyVQlm9yTGarWCXluIkR3MB3XXSklMtMNfPfxn
tucA0levZAWmV0ktwM/9k1UHDsXfX9oXYSlyL2fBfsJ6bxQMIm952fD9nXgbvtD6
5AQ61trmIJVA5NyROfzpvLE/R2b7wKDsPL003yWcPdXgXYXK3FDxd8sc8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNO6dYtKDYUIAnVvHrbaal9zsYIQMB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvMDdwMWkwb05oUWdDZFc4ZXR0cHFYM094Z2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaAcMA0G
CSqGSIb3DQEBCwUAA4IBAQB1qJOW+avoDFsWoZP82AA0OyLBxKfCxYFBteuwqdli
lJvq9624B5cUrJZplmoJk0JoIgsAHn2zm+PUkwe5HHRvb2kSO5U4vn7WpVM07Nui
y2TvO6P2q6D74QlQJjWH7TcslYWH+4mlfyfsNmX5kIr7ZFc5LGbIIz3Ve8EyHHTS
BbAd17QbCJjL8Ds7Ol+HD+3jm5rL5yzBR72nU3Brgy5B+HsEQkl1pvuGCziLlWPB
3kOJEgOmV0cr0BfDqPQ18rAhi158Z8jWGbQ4QXdO4l+5UFC2VwjQ6A9LW0bCpNDr
1LEDwwZwHr9v4nJme3hM2NL6kOaAYQvli6OeLTSFV3LS
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:54:52 2025 by rpki-client