Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/73tdHyT9nfniQxf43yegCOxjXw8.roa
File: 73tdHyT9nfniQxf43yegCOxjXw8.roa (raw, json)
Hash identifier: ha3F1FcuD9hQXZrtex+NbL6uWx8G/5Ry2SBhRonGKaE=
Subject key identifier: EF:7B:5D:1F:24:FD:9D:F9:E2:43:17:F8:DF:27:A0:08:EC:63:5F:0F
Certificate issuer: /CN=8c856557c4146a8b50dc4d94424b06680cef755b
Certificate serial: 018CC26D46925D2B04DC7705FB8CBDE37AAC
Authority key identifier: 8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/73tdHyT9nfniQxf43yegCOxjXw8.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20679
IP address blocks: 185.75.31.0/24 maxlen: 24
2001:678:418::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:46:92:5d:2b:04:dc:77:05:fb:8c:bd:e3:7a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c856557c4146a8b50dc4d94424b06680cef755b
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef7b5d1f24fd9df9e24317f8df27a008ec635f0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:78:13:ae:a8:2b:c0:22:08:0a:28:ac:b9:da:
90:b8:cc:85:43:18:bf:59:83:92:20:ba:06:bd:89:
31:ad:a3:7d:75:2d:df:fb:75:cb:79:e4:72:c7:b6:
b1:e2:7f:ae:ae:e3:8d:38:18:df:da:4b:cf:99:2c:
ec:a7:a5:55:19:32:56:ad:f9:75:86:f8:17:3c:db:
28:65:b8:79:ef:f5:56:44:ed:3e:8d:86:6a:99:b9:
16:6f:ce:26:72:ff:9d:29:fa:4d:e2:2f:c3:8c:0d:
19:67:df:af:6e:1a:3a:c9:05:9a:8b:ba:66:9e:e8:
bd:46:e1:ad:dc:30:a9:f0:da:70:d8:8f:55:8f:6d:
4f:83:33:b7:c3:e6:7f:29:f4:8d:fa:45:36:40:26:
b2:6c:44:79:c6:e1:42:69:59:e8:70:1d:29:9e:ee:
dd:e3:a2:5b:7f:d6:38:4e:95:58:a4:b6:7b:cc:96:
61:a5:dc:cd:0b:12:f4:ba:7d:da:31:31:16:fc:f5:
42:cc:8b:19:52:13:de:a7:e7:b6:dd:61:b4:24:ed:
45:1c:06:7a:31:18:0f:29:78:4e:e6:a9:e6:1c:16:
a1:cc:39:4e:d3:c6:5d:44:ab:7a:c2:56:94:9a:e4:
79:a8:9c:72:d2:ca:b1:58:30:1b:e1:7f:81:37:d0:
ed:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:7B:5D:1F:24:FD:9D:F9:E2:43:17:F8:DF:27:A0:08:EC:63:5F:0F
X509v3 Authority Key Identifier:
keyid:8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/73tdHyT9nfniQxf43yegCOxjXw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.31.0/24
IPv6:
2001:678:418::/48
Signature Algorithm: sha256WithRSAEncryption
33:66:f2:38:e6:a3:1f:76:a9:f9:5f:19:ba:f5:c6:2a:e6:6a:
21:f2:21:a4:28:4d:b4:04:57:80:cf:48:75:91:61:14:5a:bb:
ec:e2:02:e0:b2:df:9a:27:9f:2e:93:20:59:8d:77:dd:31:44:
57:8b:48:74:a4:e9:d3:37:ba:95:36:59:5b:79:b8:ad:5c:a5:
60:16:b5:62:f2:98:f6:30:7d:40:4c:e9:3a:10:07:63:c3:13:
28:2b:93:18:73:64:e6:5b:e2:d2:55:bd:f7:82:cd:50:ef:b3:
ab:83:ea:b7:89:41:9f:56:6f:5c:9a:62:ae:e2:de:a3:e1:b3:
20:50:28:95:05:d2:25:08:41:19:fa:38:ee:e3:f1:44:ff:86:
17:a8:1f:28:26:27:2d:58:58:22:54:63:c3:77:d8:33:3d:ad:
b3:44:30:29:ed:7d:a1:dd:5e:c1:b9:11:ae:bd:62:c8:73:8a:
92:08:bc:e3:b8:cb:cc:f1:6d:93:35:7d:f8:42:bc:67:08:01:
75:e4:5e:c0:15:f9:a3:0c:da:fc:e7:5d:e9:f7:51:fe:94:50:
cc:76:da:da:e8:ea:90:7c:89:14:44:f7:72:22:6f:2c:f9:a3:
01:a6:b0:7e:ae:d9:9d:94:aa:f9:4e:4f:a4:3d:22:3c:e6:c2:
e1:27:88:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbUaSXSsE3HcF+4y943qsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODU2NTU3YzQxNDZhOGI1MGRjNGQ5NDQyNGIwNjY4MGNl
Zjc1NWIwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjdiNWQxZjI0ZmQ5ZGY5ZTI0MzE3ZjhkZjI3YTAwOGVjNjM1ZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3gTrqgrwCIICiisudqQuMyFQxi/
WYOSILoGvYkxraN9dS3f+3XLeeRyx7ax4n+uruONOBjf2kvPmSzsp6VVGTJWrfl1
hvgXPNsoZbh57/VWRO0+jYZqmbkWb84mcv+dKfpN4i/DjA0ZZ9+vbho6yQWai7pm
nui9RuGt3DCp8Npw2I9Vj21PgzO3w+Z/KfSN+kU2QCaybER5xuFCaVnocB0pnu7d
46Jbf9Y4TpVYpLZ7zJZhpdzNCxL0un3aMTEW/PVCzIsZUhPep+e23WG0JO1FHAZ6
MRgPKXhO5qnmHBahzDlO08ZdRKt6wlaUmuR5qJxy0sqxWDAb4X+BN9DtuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO97XR8k/Z354kMX+N8noAjsY18PMB8GA1UdIwQY
MBaAFIyFZVfEFGqLUNxNlEJLBmgM73VbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEt
MmE2YjlhMGNjYWJkLzEvNzN0ZEh5VDluZm5pUXhmNDN5ZWdDT3hqWHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEtMmE2YjlhMGNjYWJk
LzEvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuUsfMA8E
AgACMAkDBwAgAQZ4BBgwDQYJKoZIhvcNAQELBQADggEBADNm8jjmox92qflfGbr1
xirmaiHyIaQoTbQEV4DPSHWRYRRau+ziAuCy35onny6TIFmNd90xRFeLSHSk6dM3
upU2WVt5uK1cpWAWtWLymPYwfUBM6ToQB2PDEygrkxhzZOZb4tJVvfeCzVDvs6uD
6reJQZ9Wb1yaYq7i3qPhsyBQKJUF0iUIQRn6OO7j8UT/hheoHygmJy1YWCJUY8N3
2DM9rbNEMCntfaHdXsG5Ea69YshzipIIvOO4y8zxbZM1ffhCvGcIAXXkXsAV+aMM
2vznXen3Uf6UUMx22tro6pB8iRRE93Iibyz5owGmsH6u2Z2UqvlOT6Q9IjzmwuEn
iFo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:44:51 2025 by rpki-client