Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/zHTa_OmUAxMl1cdCGrQ7BQ7wik4.roa
File: zHTa_OmUAxMl1cdCGrQ7BQ7wik4.roa (raw, json)
Hash identifier: MBaMMT8kCtQUH+3nj/4QWschufOQdDcXAmwUqbsICrc=
Subject key identifier: CC:74:DA:FC:E9:94:03:13:25:D5:C7:42:1A:B4:3B:05:0E:F0:8A:4E
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 0193300629D6FB2B02E0E6E3DE44D97AB8B0
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/zHTa_OmUAxMl1cdCGrQ7BQ7wik4.roa
Signing time: Fri 15 Nov 2024 13:32:10 +0000
ROA not before: Fri 15 Nov 2024 13:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211454
IP address blocks: 185.215.7.0/24 maxlen: 24
2a0a:d6c0:2157::/48 maxlen: 48
2a0a:d6c0:eff4::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:30:06:29:d6:fb:2b:02:e0:e6:e3:de:44:d9:7a:b8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Nov 15 13:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc74dafce994031325d5c7421ab43b050ef08a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:98:19:dc:f3:b3:c8:2d:d3:1f:5c:9a:56:81:
6e:0c:0b:8c:b5:a6:d4:d5:86:d1:eb:5a:d6:37:f6:
c5:0c:5a:f0:ce:90:36:d0:5b:79:9f:61:de:2f:5f:
25:d3:37:b3:dd:51:ff:9d:a9:73:26:c3:f6:ce:43:
d8:11:9e:f2:f8:36:f1:23:da:3a:f3:eb:c0:d2:18:
d9:81:06:a3:1a:be:3e:49:36:ea:8d:1e:73:c3:40:
6f:ec:95:ec:7e:a8:3f:fb:20:0f:f5:e1:a0:6a:d9:
a2:96:fc:31:44:05:94:98:3a:47:07:c2:03:84:0f:
e1:fb:90:ff:c8:80:f1:eb:9a:98:9b:5b:08:ca:db:
1e:1f:f4:8b:ee:ee:b1:a8:2c:12:63:e0:00:9e:64:
be:09:dc:d2:93:aa:3e:a6:e9:8a:77:cb:5d:69:e7:
d1:0b:f3:4f:c0:77:a5:aa:12:5c:9d:9f:4b:94:84:
8b:dc:a8:8c:b1:51:0e:3b:74:91:0d:7c:d3:b1:36:
a3:ca:ae:bb:ad:3f:5d:e4:30:d8:ce:66:a6:d1:49:
25:f0:e0:8a:1d:2a:50:32:a0:0b:9c:a3:ec:57:55:
a7:25:86:ce:59:29:d8:df:29:1e:6c:47:76:3b:49:
31:dc:02:1d:33:c4:8a:69:47:f0:6f:f0:8d:2b:8c:
30:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:74:DA:FC:E9:94:03:13:25:D5:C7:42:1A:B4:3B:05:0E:F0:8A:4E
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/zHTa_OmUAxMl1cdCGrQ7BQ7wik4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.7.0/24
IPv6:
2a0a:d6c0:2157::/48
2a0a:d6c0:eff4::/48
Signature Algorithm: sha256WithRSAEncryption
03:a4:38:45:2d:b2:48:d5:b5:9a:4b:95:bf:f1:6b:6c:f1:92:
e5:43:21:9e:83:9f:c1:12:81:dd:76:8d:9e:5c:a0:90:75:9d:
9b:ca:e1:17:28:32:2d:0e:95:40:8f:03:72:67:ec:0a:c0:f8:
f4:75:ab:a5:91:89:3c:a6:fb:d3:08:d2:5a:33:24:41:44:82:
c5:a5:89:9c:86:ac:6a:80:3d:cf:53:d3:c6:f4:4e:a5:c6:4e:
27:ea:f2:29:0b:9d:98:57:8d:c3:e7:cf:26:52:85:3d:dd:60:
dd:e4:08:d4:39:e4:9a:6b:6f:8e:7e:8c:91:e7:ec:11:b6:bc:
5a:53:80:57:67:af:05:1a:35:01:52:ef:04:2f:e2:6e:03:43:
a7:f8:53:b3:fb:df:47:da:d2:9b:f8:d0:b3:9b:8c:ba:ae:3f:
c6:46:a8:dd:b8:fa:e0:77:a5:30:d6:ca:65:f7:5e:33:67:b4:
eb:87:38:49:9e:15:ff:08:61:31:58:a4:48:7c:7c:63:39:88:
cc:1c:84:e7:de:f3:28:f8:72:6c:f2:0d:82:50:10:6f:4e:93:
66:64:e0:20:8d:b4:5a:c6:1e:b3:5a:ef:0e:3c:16:41:a9:78:
28:b9:51:0b:ad:f7:21:66:ca:3c:4d:96:0e:31:22:db:f2:70:
d3:ba:2e:8c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZMwBinW+ysC4Obj3kTZeriwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjQxMTE1MTMzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzc0ZGFmY2U5OTQwMzEzMjVkNWM3NDIxYWI0M2IwNTBlZjA4YTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpgZ3POzyC3TH1yaVoFuDAuMtabU
1YbR61rWN/bFDFrwzpA20Ft5n2HeL18l0zez3VH/nalzJsP2zkPYEZ7y+DbxI9o6
8+vA0hjZgQajGr4+STbqjR5zw0Bv7JXsfqg/+yAP9eGgatmilvwxRAWUmDpHB8ID
hA/h+5D/yIDx65qYm1sIytseH/SL7u6xqCwSY+AAnmS+CdzSk6o+pumKd8tdaefR
C/NPwHelqhJcnZ9LlISL3KiMsVEOO3SRDXzTsTajyq67rT9d5DDYzmam0Ukl8OCK
HSpQMqALnKPsV1WnJYbOWSnY3ykebEd2O0kx3AIdM8SKaUfwb/CNK4wwcQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMx02vzplAMTJdXHQhq0OwUO8IpOMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvekhUYV9PbVVBeE1sMWNkQ0dyUTdCUTd3aWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAudcHMBgE
AgACMBIDBwAqCtbAIVcDBwAqCtbA7/QwDQYJKoZIhvcNAQELBQADggEBAAOkOEUt
skjVtZpLlb/xa2zxkuVDIZ6Dn8ESgd12jZ5coJB1nZvK4RcoMi0OlUCPA3Jn7ArA
+PR1q6WRiTym+9MI0lozJEFEgsWliZyGrGqAPc9T08b0TqXGTifq8ikLnZhXjcPn
zyZShT3dYN3kCNQ55Jprb45+jJHn7BG2vFpTgFdnrwUaNQFS7wQv4m4DQ6f4U7P7
30fa0pv40LObjLquP8ZGqN24+uB3pTDWymX3XjNntOuHOEmeFf8IYTFYpEh8fGM5
iMwchOfe8yj4cmzyDYJQEG9Ok2Zk4CCNtFrGHrNa7w48FkGpeCi5UQut9yFmyjxN
lg4xItvycNO6Low=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:09 2025 by rpki-client