Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/7vZorBXYue8axz5ys_CWRqrc-Oo.roa
File: 7vZorBXYue8axz5ys_CWRqrc-Oo.roa (raw, json)
Hash identifier: PPC8rfmJtKgVc4REClLu0cAqjfg7yW44QNKCoF7xVCg=
Subject key identifier: EE:F6:68:AC:15:D8:B9:EF:1A:C7:3E:72:B3:F0:96:46:AA:DC:F8:EA
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 0192BFC69B17FD2DAB321F3BF92B6080C67F
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/7vZorBXYue8axz5ys_CWRqrc-Oo.roa
Signing time: Thu 24 Oct 2024 18:25:16 +0000
ROA not before: Thu 24 Oct 2024 18:25:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.129.16.0/24 maxlen: 24
185.129.17.0/24 maxlen: 24
185.231.108.0/24 maxlen: 24
185.231.109.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
2a0f:aac0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:c6:9b:17:fd:2d:ab:32:1f:3b:f9:2b:60:80:c6:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Oct 24 18:25:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eef668ac15d8b9ef1ac73e72b3f09646aadcf8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b8:33:ac:91:89:67:36:a1:59:cb:24:28:6e:
81:45:bc:5d:36:46:e4:ed:b8:72:f6:34:2f:40:8b:
f7:01:a8:61:3f:18:74:2e:09:63:71:c7:ef:e0:28:
04:17:3d:db:e5:3b:01:61:d0:8f:ce:6c:19:44:2b:
cd:a4:fd:ac:54:34:86:59:c4:72:62:24:4b:ff:e3:
7c:44:37:92:57:30:63:b9:bf:a6:14:54:09:56:67:
59:dc:1d:c5:3a:2a:8e:11:45:62:4e:25:c4:68:e0:
da:89:60:40:71:c1:95:ed:78:8c:57:e2:c1:1d:bb:
37:3d:fd:25:28:cb:0e:44:8b:16:7d:6a:c8:33:4f:
3c:a9:a0:a8:6f:23:c8:46:fe:b6:03:88:0f:9e:0d:
52:4f:d9:7c:f0:2c:47:70:8c:60:7f:08:af:06:c9:
68:fa:ee:1c:e6:30:a5:13:ba:f9:30:9a:07:f4:c5:
3c:3b:e8:30:39:f3:5b:0a:92:31:a1:48:00:33:fd:
d8:cd:8b:a7:a1:1b:a2:c7:aa:65:11:3c:2a:aa:5b:
c0:c5:68:09:c4:fb:c3:2d:6f:42:49:28:1f:1e:4f:
e6:cb:5a:f3:42:eb:03:fd:21:14:e2:db:24:6d:98:
51:ec:12:65:7f:c5:a1:42:9a:2a:9a:19:93:21:86:
6e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F6:68:AC:15:D8:B9:EF:1A:C7:3E:72:B3:F0:96:46:AA:DC:F8:EA
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/7vZorBXYue8axz5ys_CWRqrc-Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
185.231.108.0/23
IPv6:
2a0f:aac0::-2a0f:aac0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
44:11:1e:20:cb:86:35:c6:bb:9e:2b:72:90:68:0c:33:27:d1:
3b:65:dd:2c:16:3c:94:e8:ec:d8:0d:b7:1d:fe:85:60:7d:7e:
df:ee:f9:5f:03:32:a2:0e:ab:41:c8:41:47:c7:cb:4c:a9:b0:
6a:17:1d:43:70:4b:50:eb:16:93:12:72:56:14:16:1e:b0:e5:
d1:07:b1:cb:89:b8:3e:cf:3e:37:a6:58:d0:29:59:0e:1c:93:
04:a0:7d:13:a1:07:4e:c3:2a:65:73:b0:f7:01:7c:61:4d:f8:
d7:6c:24:37:cb:f2:b8:ed:01:28:61:0a:42:0a:5a:df:fa:b0:
08:16:36:7c:35:56:99:f6:28:90:10:e5:32:0e:0b:b4:00:0e:
9e:73:38:62:f0:14:c4:9d:e4:8a:ea:b3:cb:65:33:b3:bd:ee:
21:ab:2e:64:64:06:19:48:ab:72:25:4d:4e:6c:aa:0b:82:bb:
e4:a8:f5:ac:14:c4:5a:b5:fa:7b:8d:25:1b:8d:7e:a7:be:7a:
ac:c9:40:50:fa:5c:36:21:76:87:3d:94:30:0d:93:7d:03:99:
e1:35:ba:56:08:11:0f:43:77:fd:bd:b4:1c:a1:e4:b8:7e:f2:
89:15:eb:60:0d:30:c1:8c:f0:3b:2f:2b:7d:45:26:f1:60:46:
ed:53:48:ef
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZK/xpsX/S2rMh87+StggMZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQxMDI0MTgyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWY2NjhhYzE1ZDhiOWVmMWFjNzNlNzJiM2YwOTY0NmFhZGNmOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrgzrJGJZzahWcskKG6BRbxdNkbk
7bhy9jQvQIv3AahhPxh0Lgljccfv4CgEFz3b5TsBYdCPzmwZRCvNpP2sVDSGWcRy
YiRL/+N8RDeSVzBjub+mFFQJVmdZ3B3FOiqOEUViTiXEaODaiWBAccGV7XiMV+LB
Hbs3Pf0lKMsORIsWfWrIM088qaCobyPIRv62A4gPng1ST9l88CxHcIxgfwivBslo
+u4c5jClE7r5MJoH9MU8O+gwOfNbCpIxoUgAM/3YzYunoRuix6plETwqqlvAxWgJ
xPvDLW9CSSgfHk/my1rzQusD/SEU4tskbZhR7BJlf8WhQpoqmhmTIYZuEwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFO72aKwV2LnvGsc+crPwlkaq3PjqMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvN3Zab3JCWFl1ZThheHo1eXNfQ1dScXJjLU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBuYEQAwQB
uedsMBgEAgACMBIwEAMFBioPqsADBwAqD6rAAAIwDQYJKoZIhvcNAQELBQADggEB
AEQRHiDLhjXGu54rcpBoDDMn0Ttl3SwWPJTo7NgNtx3+hWB9ft/u+V8DMqIOq0HI
QUfHy0ypsGoXHUNwS1DrFpMSclYUFh6w5dEHscuJuD7PPjemWNApWQ4ckwSgfROh
B07DKmVzsPcBfGFN+NdsJDfL8rjtAShhCkIKWt/6sAgWNnw1Vpn2KJAQ5TIOC7QA
Dp5zOGLwFMSd5Irqs8tlM7O97iGrLmRkBhlIq3IlTU5sqguCu+So9awUxFq1+nuN
JRuNfqe+eqzJQFD6XDYhdoc9lDANk30DmeE1ulYIEQ9Dd/29tByh5Lh+8okV62AN
MMGM8DsvK31FJvFgRu1TSO8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:03 2025 by rpki-client