Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/x8wP9aFLF72un0CMfOv-C_sQ3q0.roa
File: x8wP9aFLF72un0CMfOv-C_sQ3q0.roa (raw, json)
Hash identifier: vsEUpnd+n36nagq3NxTjUu5muEEb3q82niuWfK+FG78=
Subject key identifier: C7:CC:0F:F5:A1:4B:17:BD:AE:9F:40:8C:7C:EB:FE:0B:FB:10:DE:AD
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018D44C7A7869B2E967C7ED608A81BD79CE6
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/x8wP9aFLF72un0CMfOv-C_sQ3q0.roa
Signing time: Fri 26 Jan 2024 07:59:11 +0000
ROA not before: Fri 26 Jan 2024 07:59:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207904
IP address blocks: 213.0.76.0/24 maxlen: 24
213.0.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:44:c7:a7:86:9b:2e:96:7c:7e:d6:08:a8:1b:d7:9c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 26 07:59:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7cc0ff5a14b17bdae9f408c7cebfe0bfb10dead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:26:91:7a:13:e9:91:f7:b0:ba:c7:43:36:09:
95:f5:f3:71:44:e5:3a:ee:68:19:24:b1:e4:7d:c6:
d0:d6:f0:12:a3:ae:eb:02:4f:33:5d:1c:2d:72:c3:
ae:30:97:bc:3c:38:29:cb:68:53:12:44:92:14:7a:
d4:8d:0c:7f:50:65:e2:95:88:83:e7:87:60:97:b8:
0c:50:7c:90:9c:f6:90:c2:08:23:1e:6e:1d:61:b3:
9f:f5:69:e8:d8:ce:d7:fb:ae:50:ee:56:05:8b:a6:
f9:d4:95:c2:0e:86:3b:c8:af:24:1d:f4:ba:ef:1c:
c5:b2:2c:e7:b0:fa:1c:70:71:ac:4a:56:a5:f3:3c:
3a:1c:02:dd:0e:63:23:d9:52:73:a9:79:73:f1:87:
76:54:33:e9:13:69:1c:74:b6:1d:bb:6a:d5:aa:a4:
6c:9c:70:0e:c7:c7:a7:c4:97:c7:89:9b:1f:d1:2f:
62:d8:dc:2c:d9:a0:f8:14:79:00:0b:92:f7:5c:28:
4e:75:66:d1:06:bb:ce:1b:72:f4:d0:50:69:69:6a:
70:91:8b:39:06:ce:ec:8d:7a:f5:35:9b:58:37:c8:
95:2b:ac:e6:c5:e3:81:dd:35:b6:b3:c5:ce:e6:14:
d9:c7:ef:f6:06:d8:40:f2:94:91:9b:f0:3d:00:8e:
b9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CC:0F:F5:A1:4B:17:BD:AE:9F:40:8C:7C:EB:FE:0B:FB:10:DE:AD
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/x8wP9aFLF72un0CMfOv-C_sQ3q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.0.76.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:34:d9:5f:c3:0d:1f:71:65:fb:af:0c:5f:cd:3f:6f:7d:a7:
12:c2:1e:77:be:ca:43:c8:a1:34:01:47:2b:03:90:ee:11:04:
88:b7:06:f2:20:a9:eb:b5:f0:72:63:b1:cd:0a:df:b8:25:fe:
c4:83:24:85:34:50:c1:f4:ca:58:e3:04:8a:03:b3:13:f9:6e:
b6:d2:06:87:65:9d:87:87:77:c7:c9:80:03:3c:98:17:a2:3f:
ef:7f:c9:b9:a3:78:8f:49:60:21:af:71:d5:56:15:68:59:74:
b0:1e:b7:46:9a:f5:dc:c4:f0:c4:05:3e:d2:3b:36:83:47:49:
c6:b9:25:bf:0f:7e:63:a3:10:d1:96:24:ca:4a:4b:5c:f6:3b:
b5:f5:e9:ef:5d:92:7b:4a:2d:88:56:5f:3b:ef:1b:52:95:96:
76:36:e7:a3:f6:4c:98:02:25:cf:47:e1:0d:3e:86:45:83:61:
90:4c:fd:d7:62:ba:07:bb:05:03:c9:f9:37:d0:63:0a:69:2b:
29:52:e4:90:68:b5:8e:9f:50:3e:a0:32:d6:27:d1:b0:e0:ab:
28:1c:89:8f:0f:80:d9:7e:ce:b1:d5:90:c7:26:13:a0:43:9f:
eb:c9:2e:a0:60:17:73:1a:d4:67:c7:3f:15:eb:ee:dc:fd:a0:
e7:c0:3b:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1Ex6eGmy6WfH7WCKgb15zmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwMTI2MDc1OTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2NjMGZmNWExNGIxN2JkYWU5ZjQwOGM3Y2ViZmUwYmZiMTBkZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyaRehPpkfewusdDNgmV9fNxROU6
7mgZJLHkfcbQ1vASo67rAk8zXRwtcsOuMJe8PDgpy2hTEkSSFHrUjQx/UGXilYiD
54dgl7gMUHyQnPaQwggjHm4dYbOf9Wno2M7X+65Q7lYFi6b51JXCDoY7yK8kHfS6
7xzFsiznsPoccHGsSlal8zw6HALdDmMj2VJzqXlz8Yd2VDPpE2kcdLYdu2rVqqRs
nHAOx8enxJfHiZsf0S9i2Nws2aD4FHkAC5L3XChOdWbRBrvOG3L00FBpaWpwkYs5
Bs7sjXr1NZtYN8iVK6zmxeOB3TW2s8XO5hTZx+/2BthA8pSRm/A9AI65CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfMD/WhSxe9rp9AjHzr/gv7EN6tMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEveDh3UDlhRkxGNzJ1bjBDTWZPdi1DX3NRM3EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1QBMMA0G
CSqGSIb3DQEBCwUAA4IBAQAdNNlfww0fcWX7rwxfzT9vfacSwh53vspDyKE0AUcr
A5DuEQSItwbyIKnrtfByY7HNCt+4Jf7EgySFNFDB9MpY4wSKA7MT+W620gaHZZ2H
h3fHyYADPJgXoj/vf8m5o3iPSWAhr3HVVhVoWXSwHrdGmvXcxPDEBT7SOzaDR0nG
uSW/D35joxDRliTKSktc9ju19envXZJ7Si2IVl877xtSlZZ2Nuej9kyYAiXPR+EN
PoZFg2GQTP3XYroHuwUDyfk30GMKaSspUuSQaLWOn1A+oDLWJ9Gw4KsoHImPD4DZ
fs6x1ZDHJhOgQ5/ryS6gYBdzGtRnxz8V6+7c/aDnwDso
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:50 2025 by rpki-client