Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/8-A7oo0Nh7wxwWsGIq212b9Cr9I.roa
File: 8-A7oo0Nh7wxwWsGIq212b9Cr9I.roa (raw, json)
Hash identifier: ArcKRHp9hN3aBOJsNnR7dsQhDNYarQ9GvV/b+e4UJFk=
Subject key identifier: F3:E0:3B:A2:8D:0D:87:BC:31:C1:6B:06:22:AD:B5:D9:BF:42:AF:D2
Certificate issuer: /CN=2fc438cd8aaeb1ad242ed49b4ff287c9d0f43b0e
Certificate serial: 018CC3495CE30DCED01621153ECF97EE13C6
Authority key identifier: 2F:C4:38:CD:8A:AE:B1:AD:24:2E:D4:9B:4F:F2:87:C9:D0:F4:3B:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L8Q4zYqusa0kLtSbT_KHydD0Ow4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/8-A7oo0Nh7wxwWsGIq212b9Cr9I.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35665
IP address blocks: 213.108.232.0/23 maxlen: 23
213.108.238.0/23 maxlen: 23
213.108.236.0/23 maxlen: 23
213.108.234.0/23 maxlen: 23
185.177.224.0/22 maxlen: 22
46.18.96.0/24 maxlen: 24
46.18.97.0/24 maxlen: 24
46.18.98.0/24 maxlen: 24
46.18.103.0/24 maxlen: 24
46.18.99.0/24 maxlen: 24
46.18.100.0/24 maxlen: 24
46.18.101.0/24 maxlen: 24
46.18.102.0/24 maxlen: 24
195.160.188.0/24 maxlen: 24
195.160.189.0/24 maxlen: 24
2a02:2778::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5c:e3:0d:ce:d0:16:21:15:3e:cf:97:ee:13:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fc438cd8aaeb1ad242ed49b4ff287c9d0f43b0e
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3e03ba28d0d87bc31c16b0622adb5d9bf42afd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:dc:98:49:e7:81:a9:e3:bb:65:2e:47:22:70:
af:1c:68:e5:58:0d:af:c3:f4:ec:52:a6:db:85:cf:
05:b7:ac:3c:27:1a:a9:da:d3:53:a6:ac:08:10:dd:
b8:0a:8b:24:d4:32:40:38:62:31:4e:3f:47:23:c1:
58:80:45:17:ee:dc:20:7e:f1:3e:a7:0c:30:3c:7d:
ee:e1:63:ec:b6:a2:00:1a:50:25:01:98:24:78:20:
00:5a:6a:c2:6f:96:2f:59:76:e9:28:c6:de:8c:bb:
e2:da:14:bd:ed:d4:e5:48:e6:9b:be:9a:2f:b7:e7:
ea:d7:07:ce:4f:3a:b7:98:8f:e7:a8:76:a2:1b:d1:
cc:87:89:87:c7:59:7e:2c:f5:69:fa:9b:ff:27:96:
ed:69:d8:0e:bd:40:13:dd:84:b1:0c:79:32:5c:88:
f4:72:27:ee:33:cb:f6:10:ad:51:3e:6f:37:93:9b:
02:8b:a5:1b:c0:8c:e4:f3:58:47:1f:ca:cc:22:7c:
d5:28:ad:6c:5f:1a:c2:8d:2a:d1:fb:43:e2:8f:92:
b0:75:cf:78:81:25:e5:f7:17:06:f4:73:a8:54:04:
70:53:be:c7:9d:c1:fe:28:d8:8b:19:d1:19:25:f9:
0a:fd:40:8b:9d:e2:a7:0b:18:b9:4a:07:a9:0e:6b:
ee:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E0:3B:A2:8D:0D:87:BC:31:C1:6B:06:22:AD:B5:D9:BF:42:AF:D2
X509v3 Authority Key Identifier:
keyid:2F:C4:38:CD:8A:AE:B1:AD:24:2E:D4:9B:4F:F2:87:C9:D0:F4:3B:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8Q4zYqusa0kLtSbT_KHydD0Ow4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/8-A7oo0Nh7wxwWsGIq212b9Cr9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/L8Q4zYqusa0kLtSbT_KHydD0Ow4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.96.0/21
185.177.224.0/22
195.160.188.0/23
213.108.232.0/21
IPv6:
2a02:2778::/32
Signature Algorithm: sha256WithRSAEncryption
8b:5b:fd:f6:d5:ef:2f:2b:d2:f7:8c:6f:67:e2:d8:46:f8:d9:
b1:fc:47:e4:ac:1a:f4:37:2d:be:aa:f9:46:64:3a:85:8b:5c:
ad:9c:83:84:29:c7:69:4e:6a:c2:54:dc:f9:eb:ea:83:cb:de:
d0:ae:5c:c5:0a:48:27:f0:c8:22:09:05:fb:7f:c9:c1:26:77:
aa:86:03:ad:3f:a4:27:d4:ba:39:7d:de:c0:da:5b:78:f5:1c:
e5:65:e1:53:73:3f:93:b9:92:c3:6a:d5:68:b4:61:19:83:d0:
a1:d0:8f:b4:98:4b:25:a2:ae:3b:79:5e:44:e2:b9:09:44:3e:
b9:80:d6:76:9e:f5:86:71:61:a0:39:79:b8:05:c2:76:59:0b:
a1:24:13:0d:52:9f:53:0b:57:f0:07:e3:9d:88:14:42:80:60:
82:39:06:4d:46:dd:55:96:f8:9b:88:9a:60:6f:37:2a:08:7b:
f5:00:9b:93:57:72:76:8c:e3:f7:be:19:54:07:e2:60:9f:92:
f4:91:ef:a1:de:f0:90:1c:ba:c9:5b:33:e7:0b:f7:9f:bb:eb:
05:b9:0a:6e:84:8e:c7:cd:e6:78:7f:72:c6:c5:82:e0:ee:27:
da:fd:c9:93:77:3a:49:f3:40:13:51:a2:33:85:07:7b:a9:4b:
7f:6a:39:44
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDSVzjDc7QFiEVPs+X7hPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYzQzOGNkOGFhZWIxYWQyNDJlZDQ5YjRmZjI4N2M5ZDBm
NDNiMGUwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2UwM2JhMjhkMGQ4N2JjMzFjMTZiMDYyMmFkYjVkOWJmNDJhZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NyYSeeBqeO7ZS5HInCvHGjlWA2v
w/TsUqbbhc8Ft6w8Jxqp2tNTpqwIEN24Cosk1DJAOGIxTj9HI8FYgEUX7twgfvE+
pwwwPH3u4WPstqIAGlAlAZgkeCAAWmrCb5YvWXbpKMbejLvi2hS97dTlSOabvpov
t+fq1wfOTzq3mI/nqHaiG9HMh4mHx1l+LPVp+pv/J5btadgOvUAT3YSxDHkyXIj0
cifuM8v2EK1RPm83k5sCi6UbwIzk81hHH8rMInzVKK1sXxrCjSrR+0Pij5Kwdc94
gSXl9xcG9HOoVARwU77HncH+KNiLGdEZJfkK/UCLneKnCxi5SgepDmvuVwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPPgO6KNDYe8McFrBiKttdm/Qq/SMB8GA1UdIwQY
MBaAFC/EOM2KrrGtJC7Um0/yh8nQ9DsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDhRNHpZcXVzYTBrTHRTYlRfS0h5ZEQwT3c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83ZWExOTUtMmZiZS00ODA2LWE4MmQt
MTZiNDRjNDkzNWVhLzEvOC1BN29vME5oN3d4d1dzR0lxMjEyYjlDcjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi83ZWExOTUtMmZiZS00ODA2LWE4MmQtMTZiNDRjNDkzNWVh
LzEvTDhRNHpZcXVzYTBrTHRTYlRfS0h5ZEQwT3c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhJgAwQC
ubHgAwQBw6C8AwQD1WzoMA0EAgACMAcDBQAqAid4MA0GCSqGSIb3DQEBCwUAA4IB
AQCLW/321e8vK9L3jG9n4thG+Nmx/EfkrBr0Ny2+qvlGZDqFi1ytnIOEKcdpTmrC
VNz56+qDy97QrlzFCkgn8MgiCQX7f8nBJneqhgOtP6Qn1Lo5fd7A2lt49RzlZeFT
cz+TuZLDatVotGEZg9Ch0I+0mEsloq47eV5E4rkJRD65gNZ2nvWGcWGgOXm4BcJ2
WQuhJBMNUp9TC1fwB+OdiBRCgGCCOQZNRt1VlvibiJpgbzcqCHv1AJuTV3J2jOP3
vhlUB+Jgn5L0ke+h3vCQHLrJWzPnC/efu+sFuQpuhI7HzeZ4f3LGxYLg7ifa/cmT
dzpJ80ATUaIzhQd7qUt/ajlE
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:56:26 2025 by rpki-client