Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/fj7Ivk3oYztIzO4QzPFqo0Tp46k.roa
File: fj7Ivk3oYztIzO4QzPFqo0Tp46k.roa (raw, json)
Hash identifier: SRwRepRiTkoV38gDUuhtoMVY91jk/mTT+RopAAUDew0=
Subject key identifier: 7E:3E:C8:BE:4D:E8:63:3B:48:CC:EE:10:CC:F1:6A:A3:44:E9:E3:A9
Certificate issuer: /CN=04a5ec5f52668be50b4518b687cf8bd95930ae39
Certificate serial: 018CC4938B8B31C99CD2F412BA5C13B399BA
Authority key identifier: 04:A5:EC:5F:52:66:8B:E5:0B:45:18:B6:87:CF:8B:D9:59:30:AE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/fj7Ivk3oYztIzO4QzPFqo0Tp46k.roa
Signing time: Mon 01 Jan 2024 10:30:52 +0000
ROA not before: Mon 01 Jan 2024 10:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13101
IP address blocks: 185.60.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8b:8b:31:c9:9c:d2:f4:12:ba:5c:13:b3:99:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a5ec5f52668be50b4518b687cf8bd95930ae39
Validity
Not Before: Jan 1 10:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e3ec8be4de8633b48ccee10ccf16aa344e9e3a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8c:2e:97:db:3b:1b:3d:56:5c:a9:2f:82:e1:
dd:81:a0:ed:42:65:ca:89:ad:59:48:99:95:cc:71:
32:d4:4a:0f:23:0c:82:f6:43:ba:37:87:ea:93:15:
30:b0:44:84:58:20:73:ff:16:2a:04:d5:ef:c2:5e:
35:49:13:ea:6c:4e:94:fc:e5:e1:c1:58:61:70:77:
b6:9f:c7:9e:1c:3f:16:59:a6:e9:73:82:3f:c0:3a:
17:7c:e2:87:f9:a9:a8:25:0f:c4:34:cc:c6:15:2f:
57:c9:fd:be:99:2d:e3:30:3e:d9:76:cf:c6:a6:58:
eb:ea:b4:90:d1:00:67:1d:c5:10:3b:6e:e7:eb:c3:
3f:be:b2:7e:78:dd:9e:46:0a:51:4e:f3:2f:81:25:
0e:f3:18:65:ff:c5:bb:d0:78:09:d9:cc:26:2d:54:
87:6f:17:24:0e:54:c9:1b:58:d0:11:4d:24:af:ee:
8b:84:9a:71:47:c7:75:e8:25:66:5a:55:54:4e:b3:
ce:a5:1e:58:f8:05:64:da:3e:47:f7:e3:bb:1e:6d:
9f:4e:94:06:3f:2e:7d:ac:e3:05:aa:df:01:18:54:
1f:a9:60:f8:47:9f:b0:86:9a:0f:e6:04:ec:86:47:
57:bc:b0:a7:b4:44:a3:ef:d6:a7:f6:fc:6c:f3:db:
6c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:3E:C8:BE:4D:E8:63:3B:48:CC:EE:10:CC:F1:6A:A3:44:E9:E3:A9
X509v3 Authority Key Identifier:
keyid:04:A5:EC:5F:52:66:8B:E5:0B:45:18:B6:87:CF:8B:D9:59:30:AE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/fj7Ivk3oYztIzO4QzPFqo0Tp46k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.21.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:10:dd:f3:87:ba:d4:66:06:b6:70:dc:3a:a2:ec:8f:39:e5:
5c:47:6a:72:04:ec:42:6c:b3:8a:8b:88:6a:6a:fd:1d:88:56:
20:3d:26:2a:8e:76:b0:a6:bc:80:2d:f3:ee:5c:24:02:66:29:
6e:b1:09:1a:8b:1e:c6:ef:20:c3:87:1f:c1:8d:73:ce:b1:99:
d3:e5:02:59:d9:00:75:e6:57:6f:c3:61:04:7d:0f:9f:82:4d:
03:04:fe:a0:03:2e:63:f2:7c:bb:8b:f4:d4:c0:b5:b0:58:eb:
fc:56:0e:58:96:09:34:7a:0a:f4:a2:a3:4c:0a:88:b7:be:4d:
33:9e:c4:c4:3c:33:ba:dc:d2:b7:23:23:21:1e:19:c4:eb:88:
ee:3f:1a:d7:5b:07:9c:75:7d:19:8e:e2:58:1e:16:b1:f3:99:
2e:2f:53:ed:bc:f2:0d:b6:ef:c9:d3:d8:ae:33:48:23:c1:f9:
b6:54:3f:4f:81:ef:d3:a3:71:42:11:dd:de:23:b4:a4:ee:fc:
29:f8:db:7b:46:2e:e0:2d:0d:28:39:d6:b3:96:06:bc:8e:7b:
d6:f6:01:86:d6:55:f8:dc:08:3a:39:17:a7:71:05:cc:43:c7:
8c:34:2b:75:c4:98:16:39:40:95:3b:10:31:b7:da:bb:b2:0d:
e1:d7:32:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk4uLMcmc0vQSulwTs5m6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTVlYzVmNTI2NjhiZTUwYjQ1MThiNjg3Y2Y4YmQ5NTkz
MGFlMzkwHhcNMjQwMTAxMTAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTNlYzhiZTRkZTg2MzNiNDhjY2VlMTBjY2YxNmFhMzQ0ZTllM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYwul9s7Gz1WXKkvguHdgaDtQmXK
ia1ZSJmVzHEy1EoPIwyC9kO6N4fqkxUwsESEWCBz/xYqBNXvwl41SRPqbE6U/OXh
wVhhcHe2n8eeHD8WWabpc4I/wDoXfOKH+amoJQ/ENMzGFS9Xyf2+mS3jMD7Zds/G
pljr6rSQ0QBnHcUQO27n68M/vrJ+eN2eRgpRTvMvgSUO8xhl/8W70HgJ2cwmLVSH
bxckDlTJG1jQEU0kr+6LhJpxR8d16CVmWlVUTrPOpR5Y+AVk2j5H9+O7Hm2fTpQG
Py59rOMFqt8BGFQfqWD4R5+whpoP5gTshkdXvLCntESj79an9vxs89tsZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH4+yL5N6GM7SMzuEMzxaqNE6eOpMB8GA1UdIwQY
MBaAFASl7F9SZovlC0UYtofPi9lZMK45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktYc1gxSm1pLVVMUlJpMmg4LUwyVmt3cmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8wMGUzM2UtZmQ3NC00NTgzLTk4NGUt
YzZiODRjYzU4NjEwLzEvZmo3SXZrM29ZenRJek80UXpQRnFvMFRwNDZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8wMGUzM2UtZmQ3NC00NTgzLTk4NGUtYzZiODRjYzU4NjEw
LzEvQktYc1gxSm1pLVVMUlJpMmg4LUwyVmt3cmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTwVMA0G
CSqGSIb3DQEBCwUAA4IBAQB9EN3zh7rUZga2cNw6ouyPOeVcR2pyBOxCbLOKi4hq
av0diFYgPSYqjnawpryALfPuXCQCZilusQkaix7G7yDDhx/BjXPOsZnT5QJZ2QB1
5ldvw2EEfQ+fgk0DBP6gAy5j8ny7i/TUwLWwWOv8Vg5Ylgk0egr0oqNMCoi3vk0z
nsTEPDO63NK3IyMhHhnE64juPxrXWwecdX0ZjuJYHhax85kuL1PtvPINtu/J09iu
M0gjwfm2VD9Pge/To3FCEd3eI7Sk7vwp+Nt7Ri7gLQ0oOdazlga8jnvW9gGG1lX4
3Ag6ORencQXMQ8eMNCt1xJgWOUCVOxAxt9q7sg3h1zLy
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:55:28 2025 by rpki-client