Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/7a8f3f-304c-4a26-aeca-18bdfe8cc0cd/1/apUQseKQi8gyaxev1hnesC50ZdE.roa
File: apUQseKQi8gyaxev1hnesC50ZdE.roa (raw, json)
Hash identifier: TNMvQYL8n5P7lFXXd7rzRPNTLsXFV+l2sdErDDILJxA=
Subject key identifier: 6A:95:10:B1:E2:90:8B:C8:32:6B:17:AF:D6:19:DE:B0:2E:74:65:D1
Certificate issuer: /CN=bc663c6e779dae9bdb046854f189fe8c5c3c32e1
Certificate serial: 018CC94CC0E102789B1970744BDF98D0FA5A
Authority key identifier: BC:66:3C:6E:77:9D:AE:9B:DB:04:68:54:F1:89:FE:8C:5C:3C:32:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vGY8bnedrpvbBGhU8Yn-jFw8MuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/7a8f3f-304c-4a26-aeca-18bdfe8cc0cd/1/apUQseKQi8gyaxev1hnesC50ZdE.roa
Signing time: Tue 02 Jan 2024 08:31:39 +0000
ROA not before: Tue 02 Jan 2024 08:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51607
IP address blocks: 109.235.191.0/24 maxlen: 24
185.30.118.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:c0:e1:02:78:9b:19:70:74:4b:df:98:d0:fa:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc663c6e779dae9bdb046854f189fe8c5c3c32e1
Validity
Not Before: Jan 2 08:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a9510b1e2908bc8326b17afd619deb02e7465d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:eb:1a:09:9b:f7:3f:c9:8a:f2:27:e6:18:5c:
0d:fb:10:ba:3c:19:71:52:e6:22:73:03:5b:8c:6c:
35:be:52:97:b3:f6:03:52:0a:10:b6:9c:67:33:33:
fd:28:62:5b:ab:34:e0:bf:a2:49:71:2b:8e:97:f5:
b7:b4:47:51:2e:b7:f1:e4:60:3b:28:52:cd:0b:b5:
fb:4e:5a:cc:f1:a7:55:9b:41:5d:f9:4f:c9:45:58:
09:70:aa:1f:10:12:50:d3:2a:08:3b:bc:1c:04:6a:
61:e6:de:39:24:0b:b2:a2:8b:25:7a:9f:02:0b:7b:
2b:08:aa:f7:47:84:db:cb:4b:79:2c:bd:6d:78:17:
82:55:bf:ba:e1:f6:a3:08:fd:dc:d5:36:a6:7e:03:
61:8f:69:6b:44:92:71:c7:c0:0f:08:59:83:3b:46:
b1:97:31:7b:71:80:af:c3:38:96:1e:79:05:49:a4:
ea:45:e3:d6:78:6a:79:10:b7:ce:ea:e0:0e:73:9b:
78:1d:c8:03:be:39:93:85:46:c6:2b:39:57:a3:e7:
4f:b4:6e:7d:78:62:c3:c9:8c:19:cb:dd:a9:cf:17:
4d:4d:bc:e9:5f:ce:bf:e7:f8:60:33:21:41:dd:d3:
88:30:ea:15:5e:2c:76:7f:cd:f8:69:0c:25:83:d0:
a8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:95:10:B1:E2:90:8B:C8:32:6B:17:AF:D6:19:DE:B0:2E:74:65:D1
X509v3 Authority Key Identifier:
keyid:BC:66:3C:6E:77:9D:AE:9B:DB:04:68:54:F1:89:FE:8C:5C:3C:32:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGY8bnedrpvbBGhU8Yn-jFw8MuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/7a8f3f-304c-4a26-aeca-18bdfe8cc0cd/1/apUQseKQi8gyaxev1hnesC50ZdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/7a8f3f-304c-4a26-aeca-18bdfe8cc0cd/1/vGY8bnedrpvbBGhU8Yn-jFw8MuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.191.0/24
185.30.118.0/23
Signature Algorithm: sha256WithRSAEncryption
02:37:01:c7:2f:74:09:a1:8a:a6:43:a0:61:83:4f:6f:04:f4:
8e:78:88:7c:89:be:16:f6:3c:f8:ca:ee:75:eb:c4:2b:02:71:
d9:ab:af:93:68:54:a2:27:26:4f:65:64:fd:af:68:25:40:3b:
45:db:a8:77:35:27:f6:27:39:b5:af:aa:72:7b:48:3e:bf:63:
d0:33:39:38:ad:2e:fb:1b:13:5c:e3:d9:8c:2c:5a:46:19:44:
c5:62:25:66:47:45:d9:84:cb:3c:06:3e:43:c8:88:4d:57:60:
1e:a2:4f:6e:ad:94:4a:e2:c8:a2:0f:63:52:c0:dd:69:c2:67:
38:55:e2:7d:24:48:11:92:e2:92:fe:6a:1b:8c:fc:0e:41:72:
78:e0:e2:25:0b:f8:b8:0e:7e:c2:a5:46:a4:27:2d:14:9c:76:
12:9f:ca:3d:e7:f0:44:3e:48:59:1c:50:e9:2b:76:b0:3c:3e:
f7:e6:ac:b0:7f:01:9d:69:76:90:36:79:5d:2d:38:3a:46:64:
5b:93:d2:bd:16:70:cd:59:f1:a8:32:85:c7:52:53:b8:9e:f4:
75:9d:11:a3:27:3f:19:5b:be:0f:dd:e1:c6:b4:6f:7c:d5:be:
b3:55:d1:ac:40:97:f1:c1:f1:74:bb:cd:ed:36:4d:17:cc:a6:
55:10:2d:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTMDhAnibGXB0S9+Y0PpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNjYzYzZlNzc5ZGFlOWJkYjA0Njg1NGYxODlmZThjNWMz
YzMyZTEwHhcNMjQwMTAyMDgzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTk1MTBiMWUyOTA4YmM4MzI2YjE3YWZkNjE5ZGViMDJlNzQ2NWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+saCZv3P8mK8ifmGFwN+xC6PBlx
UuYicwNbjGw1vlKXs/YDUgoQtpxnMzP9KGJbqzTgv6JJcSuOl/W3tEdRLrfx5GA7
KFLNC7X7TlrM8adVm0Fd+U/JRVgJcKofEBJQ0yoIO7wcBGph5t45JAuyooslep8C
C3srCKr3R4Tby0t5LL1teBeCVb+64fajCP3c1TamfgNhj2lrRJJxx8APCFmDO0ax
lzF7cYCvwziWHnkFSaTqRePWeGp5ELfO6uAOc5t4HcgDvjmThUbGKzlXo+dPtG59
eGLDyYwZy92pzxdNTbzpX86/5/hgMyFB3dOIMOoVXix2f834aQwlg9CoEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGqVELHikIvIMmsXr9YZ3rAudGXRMB8GA1UdIwQY
MBaAFLxmPG53na6b2wRoVPGJ/oxcPDLhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkdZOGJuZWRycHZiQkdoVThZbi1qRnc4TXVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83YThmM2YtMzA0Yy00YTI2LWFlY2Et
MThiZGZlOGNjMGNkLzEvYXBVUXNlS1FpOGd5YXhldjFobmVzQzUwWmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy83YThmM2YtMzA0Yy00YTI2LWFlY2EtMThiZGZlOGNjMGNk
LzEvdkdZOGJuZWRycHZiQkdoVThZbi1qRnc4TXVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbeu/AwQB
uR52MA0GCSqGSIb3DQEBCwUAA4IBAQACNwHHL3QJoYqmQ6Bhg09vBPSOeIh8ib4W
9jz4yu5168QrAnHZq6+TaFSiJyZPZWT9r2glQDtF26h3NSf2Jzm1r6pye0g+v2PQ
Mzk4rS77GxNc49mMLFpGGUTFYiVmR0XZhMs8Bj5DyIhNV2Aeok9urZRK4siiD2NS
wN1pwmc4VeJ9JEgRkuKS/mobjPwOQXJ44OIlC/i4Dn7CpUakJy0UnHYSn8o95/BE
PkhZHFDpK3awPD735qywfwGdaXaQNnldLTg6RmRbk9K9FnDNWfGoMoXHUlO4nvR1
nRGjJz8ZW74P3eHGtG981b6zVdGsQJfxwfF0u83tNk0XzKZVEC19
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:21 2025 by rpki-client