Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/7t-zWd6WAREa83-FJokkej2lzIE.roa
File: 7t-zWd6WAREa83-FJokkej2lzIE.roa (raw, json)
Hash identifier: z2BcIVgW69xMtVV6/XZZ9n4OqWpEE6yOGMkgjMZvkQE=
Subject key identifier: EE:DF:B3:59:DE:96:01:11:1A:F3:7F:85:26:89:24:7A:3D:A5:CC:81
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0193CE9B9404DCA8D26B072C5D6E78DBFD79
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/7t-zWd6WAREa83-FJokkej2lzIE.roa
Signing time: Mon 16 Dec 2024 08:35:22 +0000
ROA not before: Mon 16 Dec 2024 08:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1257
IP address blocks: 192.71.180.0/24 maxlen: 24
192.71.220.0/24 maxlen: 24
193.180.207.0/24 maxlen: 24
193.180.240.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
193.181.2.0/24 maxlen: 24
193.234.87.0/24 maxlen: 24
193.234.177.0/24 maxlen: 24
194.71.248.0/21 maxlen: 24
194.103.24.0/22 maxlen: 24
194.132.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ce:9b:94:04:dc:a8:d2:6b:07:2c:5d:6e:78:db:fd:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 16 08:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eedfb359de9601111af37f852689247a3da5cc81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:dc:c5:89:e8:96:7a:76:a4:7a:ae:46:d9:be:
ee:77:63:ed:a1:c8:e5:16:a8:5e:68:c5:85:04:b9:
0c:34:0c:45:48:d1:13:93:e2:05:07:24:87:c5:e3:
75:03:b2:75:77:c0:da:e3:c9:ed:ac:65:cc:f8:50:
34:49:1b:bf:12:1a:27:47:8a:8b:f5:ab:fb:07:c2:
90:51:5f:fd:05:99:60:19:ff:2a:c7:f3:af:0d:af:
92:d7:41:83:be:4e:b2:61:4e:c3:de:43:63:8c:fe:
1a:bf:30:f3:29:17:92:96:c8:bb:39:7a:e5:57:41:
ad:9d:3b:42:58:4a:09:37:c4:24:93:14:6d:5b:27:
41:8b:7d:b8:ba:67:12:01:32:2e:ba:44:e7:0e:a2:
28:3e:74:94:98:ef:0c:fe:3b:a9:4c:12:0d:47:d1:
e2:a0:98:e5:d0:38:9c:3f:e5:a2:eb:7f:07:60:07:
b3:2d:f7:58:38:b0:93:d2:ac:e9:55:e5:65:94:b0:
a1:d7:7d:d7:2e:43:38:ae:2b:50:2b:35:45:11:70:
0b:d6:a6:d7:99:29:f1:1b:ee:66:3c:55:0e:91:fd:
0c:78:7f:f6:cf:ae:30:b4:ac:ba:05:d4:49:9e:67:
57:f8:f9:a6:37:9d:cf:80:a7:eb:56:e5:17:f5:01:
59:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:DF:B3:59:DE:96:01:11:1A:F3:7F:85:26:89:24:7A:3D:A5:CC:81
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/7t-zWd6WAREa83-FJokkej2lzIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.180.0/24
192.71.220.0/24
193.180.207.0/24
193.180.240.0/24
193.180.247.0/24
193.181.2.0/24
193.234.87.0/24
193.234.177.0/24
194.71.248.0/21
194.103.24.0/22
194.132.60.0/24
Signature Algorithm: sha256WithRSAEncryption
57:55:78:e3:82:3a:27:2f:cc:1f:cf:22:1f:e5:78:96:d1:cd:
54:e2:2b:3b:55:0f:68:46:4f:79:46:4c:93:6d:eb:1e:27:7c:
1b:4f:cc:f1:20:2a:2f:ec:ba:5e:a9:c5:35:8d:e2:c5:7c:20:
ee:14:15:47:73:2d:69:3b:75:ae:a2:10:b4:ec:db:bd:e8:a5:
91:77:3b:36:ac:b7:a6:58:8d:95:70:ca:ce:94:5d:4d:e3:ef:
8a:56:bb:e9:c1:ca:25:b5:d7:65:ab:be:ad:b0:be:c6:8a:a7:
70:4c:68:43:bc:ba:e9:a7:23:69:1e:a0:12:f8:ef:3d:32:7f:
ad:52:9d:03:5c:c7:ad:2c:0b:48:12:26:9e:76:11:c4:62:67:
00:63:58:f6:45:5c:dc:a8:b0:00:b9:bd:2a:ae:83:a5:fc:ca:
11:4a:3e:13:82:65:10:2a:ee:4f:b7:f8:59:73:af:d1:59:cf:
db:29:03:ef:cb:5f:7a:4e:03:82:aa:4f:ce:8c:ce:80:42:36:
b2:a1:d3:4f:e8:d7:09:f0:12:99:34:cd:58:0b:bf:98:57:a3:
bd:db:ca:bf:88:cc:b0:2c:c8:93:fc:78:b3:8c:24:70:65:8c:
ce:ab:f2:c7:8d:11:89:23:bf:a2:08:11:12:ad:c8:79:7e:08:
1d:3f:fc:18
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZPOm5QE3KjSawcsXW542/15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQxMjE2MDgzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWRmYjM1OWRlOTYwMTExMWFmMzdmODUyNjg5MjQ3YTNkYTVjYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNzFieiWenakeq5G2b7ud2Ptocjl
FqheaMWFBLkMNAxFSNETk+IFBySHxeN1A7J1d8Da48ntrGXM+FA0SRu/EhonR4qL
9av7B8KQUV/9BZlgGf8qx/OvDa+S10GDvk6yYU7D3kNjjP4avzDzKReSlsi7OXrl
V0GtnTtCWEoJN8QkkxRtWydBi324umcSATIuukTnDqIoPnSUmO8M/jupTBINR9Hi
oJjl0DicP+Wi638HYAezLfdYOLCT0qzpVeVllLCh133XLkM4ritQKzVFEXAL1qbX
mSnxG+5mPFUOkf0MeH/2z64wtKy6BdRJnmdX+PmmN53PgKfrVuUX9QFZbwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFO7fs1nelgERGvN/hSaJJHo9pcyBMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvN3QteldkNldBUkVhODMtRkpva2tlajJseklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwEe0AwQA
wEfcAwQAwbTPAwQAwbTwAwQAwbT3AwQAwbUCAwQAwepXAwQAweqxAwQDwkf4AwQC
wmcYAwQAwoQ8MA0GCSqGSIb3DQEBCwUAA4IBAQBXVXjjgjonL8wfzyIf5XiW0c1U
4is7VQ9oRk95RkyTbeseJ3wbT8zxICov7LpeqcU1jeLFfCDuFBVHcy1pO3WuohC0
7Nu96KWRdzs2rLemWI2VcMrOlF1N4++KVrvpwcoltddlq76tsL7GiqdwTGhDvLrp
pyNpHqAS+O89Mn+tUp0DXMetLAtIEiaedhHEYmcAY1j2RVzcqLAAub0qroOl/MoR
Sj4TgmUQKu5Pt/hZc6/RWc/bKQPvy196TgOCqk/OjM6AQjayodNP6NcJ8BKZNM1Y
C7+YV6O928q/iMywLMiT/HizjCRwZYzOq/LHjRGJI7+iCBESrch5fggdP/wY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:32 2025 by rpki-client