Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/ArsXbxrRqO4tyHMMGOFe8TJDjrg.roa
File: ArsXbxrRqO4tyHMMGOFe8TJDjrg.roa (raw, json)
Hash identifier: LiIG3gCflSGd4GQQCn5aWsfW+RuijlGyiIRqy2TsgvI=
Subject key identifier: 02:BB:17:6F:1A:D1:A8:EE:2D:C8:73:0C:18:E1:5E:F1:32:43:8E:B8
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 0191D6421035C6E2F3789F3E302B22F173EB
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/ArsXbxrRqO4tyHMMGOFe8TJDjrg.roa
Signing time: Mon 09 Sep 2024 10:08:59 +0000
ROA not before: Mon 09 Sep 2024 10:08:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31293
IP address blocks: 185.118.241.0/24 maxlen: 24
185.118.242.0/24 maxlen: 24
185.118.243.0/24 maxlen: 24
194.150.116.0/22 maxlen: 22
194.150.116.0/24 maxlen: 24
194.150.117.0/24 maxlen: 24
194.150.118.0/24 maxlen: 24
2a06:9680::/29 maxlen: 48
2a06:9682::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:42:10:35:c6:e2:f3:78:9f:3e:30:2b:22:f1:73:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Sep 9 10:08:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02bb176f1ad1a8ee2dc8730c18e15ef132438eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:24:43:26:17:6a:6c:78:9f:81:6a:f0:1f:4c:
98:a4:8a:b8:60:09:d2:cf:a7:c3:2f:97:3c:2c:07:
17:c3:f4:09:52:25:3a:a2:d3:1b:ab:21:d6:17:73:
68:ac:32:66:07:c1:44:ec:c1:25:46:c2:21:7d:cb:
fd:89:ae:ed:35:c6:19:59:7f:73:69:f8:d6:a3:92:
74:78:95:98:c7:94:be:9d:48:5e:5a:bf:6a:f2:c4:
e4:13:e7:93:b3:fc:33:17:2a:6d:7a:ff:d6:b8:56:
0e:82:e1:33:d6:61:8c:74:51:a2:a8:84:c5:de:f2:
5c:30:7c:d7:e2:da:2b:f0:79:93:f5:41:41:00:f1:
cf:13:1e:f5:9f:a3:39:9f:a9:6f:9c:6b:f5:03:e5:
20:e0:05:ab:26:77:24:94:49:52:a6:3f:7b:b6:e7:
aa:51:b1:2b:fa:7f:e9:56:3d:7f:1f:87:2b:a8:33:
cf:25:de:89:3c:0b:bf:59:7c:6a:0b:8a:72:24:1c:
07:cc:fe:be:c5:0f:84:ed:99:d1:be:17:d0:c8:00:
a7:d4:5e:7c:b5:d1:ba:8b:49:0f:b9:ea:70:e4:8e:
7d:bd:3b:d9:b9:3b:6f:2c:ff:c9:cf:90:85:a8:ee:
63:75:e3:3d:fc:33:e6:28:07:af:7e:11:2a:05:67:
eb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BB:17:6F:1A:D1:A8:EE:2D:C8:73:0C:18:E1:5E:F1:32:43:8E:B8
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/ArsXbxrRqO4tyHMMGOFe8TJDjrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.241.0-185.118.243.255
194.150.116.0/22
IPv6:
2a06:9680::/29
Signature Algorithm: sha256WithRSAEncryption
a3:3e:05:1a:67:64:1a:2a:73:1f:63:3e:ec:fd:f0:64:df:1a:
40:96:8c:a1:5e:d2:a9:2b:d5:79:cb:34:2d:8e:0e:b7:b2:b7:
4b:c9:41:a6:3f:b8:73:6a:8c:e0:06:de:a7:90:18:25:61:4f:
74:56:1c:06:08:51:1c:d2:27:76:5e:33:bd:51:80:61:1e:bc:
a9:a5:41:cb:2f:77:d3:05:07:8d:1c:27:56:0a:44:12:18:83:
61:77:cc:8b:08:09:a2:8c:ca:1c:9c:ab:04:d2:86:a1:e3:c9:
5d:9e:d4:62:89:27:fd:f1:66:fa:d3:64:78:e6:e6:25:06:c0:
ea:4f:87:c0:8b:d1:c2:5d:de:b4:60:96:b7:ca:15:f7:d1:60:
fc:cf:15:85:f0:0a:9f:b5:ec:20:23:d1:a7:5d:97:20:11:45:
c2:7e:95:46:86:9a:13:12:65:59:92:76:4f:88:67:c3:62:87:
80:c8:75:c5:56:d2:2c:44:bc:41:02:97:3e:d9:77:43:d1:82:
8a:1b:59:6b:14:ef:01:e0:3b:96:0a:53:54:83:2d:91:b2:60:
f7:fd:3e:04:b0:f5:d4:43:2e:15:4a:2b:e6:05:16:86:3a:78:
d9:30:ff:d9:fc:6b:21:df:98:4d:0c:15:51:e3:30:c6:76:db:
95:c5:e1:a2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZHWQhA1xuLzeJ8+MCsi8XPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjQwOTA5MTAwODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmJiMTc2ZjFhZDFhOGVlMmRjODczMGMxOGUxNWVmMTMyNDM4ZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSRDJhdqbHifgWrwH0yYpIq4YAnS
z6fDL5c8LAcXw/QJUiU6otMbqyHWF3NorDJmB8FE7MElRsIhfcv9ia7tNcYZWX9z
afjWo5J0eJWYx5S+nUheWr9q8sTkE+eTs/wzFyptev/WuFYOguEz1mGMdFGiqITF
3vJcMHzX4tor8HmT9UFBAPHPEx71n6M5n6lvnGv1A+Ug4AWrJncklElSpj97tueq
UbEr+n/pVj1/H4crqDPPJd6JPAu/WXxqC4pyJBwHzP6+xQ+E7ZnRvhfQyACn1F58
tdG6i0kPuepw5I59vTvZuTtvLP/Jz5CFqO5jdeM9/DPmKAevfhEqBWfrZwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAK7F28a0ajuLchzDBjhXvEyQ464MB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvQXJzWGJ4clJxTzR0eUhNTUdPRmU4VEpEanJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC5dvED
BAK5dvADBALClnQwDQQCAAIwBwMFAyoGloAwDQYJKoZIhvcNAQELBQADggEBAKM+
BRpnZBoqcx9jPuz98GTfGkCWjKFe0qkr1XnLNC2ODreyt0vJQaY/uHNqjOAG3qeQ
GCVhT3RWHAYIURzSJ3ZeM71RgGEevKmlQcsvd9MFB40cJ1YKRBIYg2F3zIsICaKM
yhycqwTShqHjyV2e1GKJJ/3xZvrTZHjm5iUGwOpPh8CL0cJd3rRglrfKFffRYPzP
FYXwCp+17CAj0addlyARRcJ+lUaGmhMSZVmSdk+IZ8Nih4DIdcVW0ixEvEEClz7Z
d0PRgoobWWsU7wHgO5YKU1SDLZGyYPf9PgSw9dRDLhVKK+YFFoY6eNkw/9n8ayHf
mE0MFVHjMMZ225XF4aI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:52:48 2025 by rpki-client