Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2d43c2-3b2e-4f2e-a6ad-a0a72a733c02/1/x8cVD2HrSsr6fGlXKp5MKcVAmew.roa
File: x8cVD2HrSsr6fGlXKp5MKcVAmew.roa (raw, json)
Hash identifier: Gv3Z9vbUtpNsVey4SBxbQNfUX7sW5hY/zDSygXM0OCc=
Subject key identifier: C7:C7:15:0F:61:EB:4A:CA:FA:7C:69:57:2A:9E:4C:29:C5:40:99:EC
Certificate issuer: /CN=3db8a2adddb002850854996a94b72b87f4a7b30f
Certificate serial: 018CC4250002D41ED4EEEB40157768150F8D
Authority key identifier: 3D:B8:A2:AD:DD:B0:02:85:08:54:99:6A:94:B7:2B:87:F4:A7:B3:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pbiird2wAoUIVJlqlLcrh_Snsw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2d43c2-3b2e-4f2e-a6ad-a0a72a733c02/1/x8cVD2HrSsr6fGlXKp5MKcVAmew.roa
Signing time: Mon 01 Jan 2024 08:30:08 +0000
ROA not before: Mon 01 Jan 2024 08:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24892
IP address blocks: 185.107.49.0/24 maxlen: 24
185.107.50.0/24 maxlen: 24
185.107.48.0/24 maxlen: 24
185.107.51.0/24 maxlen: 24
185.107.48.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:00:02:d4:1e:d4:ee:eb:40:15:77:68:15:0f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3db8a2adddb002850854996a94b72b87f4a7b30f
Validity
Not Before: Jan 1 08:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7c7150f61eb4acafa7c69572a9e4c29c54099ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:91:11:2b:4a:89:ff:7e:9f:a2:1c:f3:5f:40:
2a:fb:e3:6d:82:4a:ca:36:06:62:a9:79:cf:17:fd:
45:93:d8:ca:35:73:79:d4:e9:5b:ef:21:a8:50:f8:
6e:80:4a:4f:bb:25:c4:39:cc:5d:e9:8b:b1:b7:5b:
ed:db:00:68:76:a4:9c:e7:4a:4f:21:e3:81:5f:d0:
6c:13:0e:88:dd:5b:53:8f:3f:e7:11:4a:45:5c:a3:
44:e8:56:92:00:71:96:a7:58:74:ee:5d:2b:f3:99:
d8:94:0a:87:0c:ec:6a:58:a8:69:85:02:ae:0d:7f:
43:40:98:50:10:74:df:b4:36:3a:21:6e:d1:db:2e:
b1:0c:63:8c:4f:31:03:2e:e0:df:20:fd:95:ee:26:
90:0c:c2:86:61:c3:03:ea:e2:5f:a3:5a:68:f6:2e:
f9:64:28:11:2a:67:ac:30:e7:c2:36:6e:1b:2d:5e:
95:5c:7d:d7:0b:c9:11:96:89:45:35:90:a4:1e:e7:
c0:bc:47:5a:b9:81:02:d2:1c:9e:64:6f:0e:5f:43:
89:9f:77:bd:39:24:20:a2:ad:7b:09:9d:f9:25:25:
ac:40:6b:c9:08:94:33:f8:aa:4b:a3:5b:ee:c9:80:
3a:d2:47:03:2b:dd:76:ba:8a:94:a0:3f:91:12:5a:
68:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C7:15:0F:61:EB:4A:CA:FA:7C:69:57:2A:9E:4C:29:C5:40:99:EC
X509v3 Authority Key Identifier:
keyid:3D:B8:A2:AD:DD:B0:02:85:08:54:99:6A:94:B7:2B:87:F4:A7:B3:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pbiird2wAoUIVJlqlLcrh_Snsw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2d43c2-3b2e-4f2e-a6ad-a0a72a733c02/1/x8cVD2HrSsr6fGlXKp5MKcVAmew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2d43c2-3b2e-4f2e-a6ad-a0a72a733c02/1/Pbiird2wAoUIVJlqlLcrh_Snsw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.48.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:ba:78:03:13:f3:1b:96:a4:93:9c:3d:94:13:4a:f6:31:26:
6e:d8:5e:9a:be:ea:56:96:2f:46:15:56:20:80:39:28:4c:46:
df:05:c0:fd:3e:ad:f8:0f:db:0e:1e:c9:33:a8:cb:7c:b0:fd:
4c:ca:de:cd:97:ce:7d:3c:26:fa:e4:63:aa:74:fa:a4:22:e8:
24:b6:79:e5:03:82:a9:ae:02:e4:28:e8:28:e6:84:cc:56:41:
45:f7:dd:38:34:e2:44:ba:7b:5e:0e:0b:1e:bf:c7:4d:48:bd:
c0:d6:8e:6a:4c:48:5e:ee:ef:5f:08:e6:7c:88:f0:59:94:0c:
dc:c3:f1:b5:56:af:1e:d9:d2:b4:83:8b:ed:2d:fe:2a:db:a8:
d9:c7:f1:78:6c:46:f3:32:49:d8:d0:31:2f:08:93:0d:28:da:
a4:2e:02:23:c0:70:bf:a6:ba:bb:90:02:98:7f:3d:6a:54:8f:
0e:78:91:5d:92:27:93:90:91:5b:44:fa:51:77:5c:8e:91:50:
d8:9d:fe:5e:81:1b:17:b4:b8:da:2a:29:fe:27:a6:de:d5:3a:
e8:e1:c7:55:12:76:52:81:e5:2f:d4:5f:71:c9:81:19:f5:c0:
c9:cc:f1:ac:ce:0d:17:d8:1e:54:12:b2:e4:77:40:42:10:1c:
1b:45:bf:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJQAC1B7U7utAFXdoFQ+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjhhMmFkZGRiMDAyODUwODU0OTk2YTk0YjcyYjg3ZjRh
N2IzMGYwHhcNMjQwMTAxMDgzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2M3MTUwZjYxZWI0YWNhZmE3YzY5NTcyYTllNGMyOWM1NDA5OWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZERK0qJ/36fohzzX0Aq++NtgkrK
NgZiqXnPF/1Fk9jKNXN51Olb7yGoUPhugEpPuyXEOcxd6Yuxt1vt2wBodqSc50pP
IeOBX9BsEw6I3VtTjz/nEUpFXKNE6FaSAHGWp1h07l0r85nYlAqHDOxqWKhphQKu
DX9DQJhQEHTftDY6IW7R2y6xDGOMTzEDLuDfIP2V7iaQDMKGYcMD6uJfo1po9i75
ZCgRKmesMOfCNm4bLV6VXH3XC8kRlolFNZCkHufAvEdauYEC0hyeZG8OX0OJn3e9
OSQgoq17CZ35JSWsQGvJCJQz+KpLo1vuyYA60kcDK912uoqUoD+RElponwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfHFQ9h60rK+nxpVyqeTCnFQJnsMB8GA1UdIwQY
MBaAFD24oq3dsAKFCFSZapS3K4f0p7MPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJpaXJkMndBb1VJVkpscWxMY3JoX1Nuc3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yZDQzYzItM2IyZS00ZjJlLWE2YWQt
YTBhNzJhNzMzYzAyLzEveDhjVkQySHJTc3I2ZkdsWEtwNU1LY1ZBbWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yZDQzYzItM2IyZS00ZjJlLWE2YWQtYTBhNzJhNzMzYzAy
LzEvUGJpaXJkMndBb1VJVkpscWxMY3JoX1Nuc3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWswMA0G
CSqGSIb3DQEBCwUAA4IBAQBMungDE/MblqSTnD2UE0r2MSZu2F6avupWli9GFVYg
gDkoTEbfBcD9Pq34D9sOHskzqMt8sP1Myt7Nl859PCb65GOqdPqkIugktnnlA4Kp
rgLkKOgo5oTMVkFF9904NOJEunteDgsev8dNSL3A1o5qTEhe7u9fCOZ8iPBZlAzc
w/G1Vq8e2dK0g4vtLf4q26jZx/F4bEbzMknY0DEvCJMNKNqkLgIjwHC/prq7kAKY
fz1qVI8OeJFdkieTkJFbRPpRd1yOkVDYnf5egRsXtLjaKin+J6be1Tro4cdVEnZS
geUv1F9xyYEZ9cDJzPGszg0X2B5UErLkd0BCEBwbRb9c
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:20 2025 by rpki-client