Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/7dP5xOFDTRKvAz7QGsls3CRiM5g.roa
File: 7dP5xOFDTRKvAz7QGsls3CRiM5g.roa (raw, json)
Hash identifier: 7osNX/qVpem0SWD5hwP4/6PRZToM5BMvH77cb/dLi6w=
Subject key identifier: ED:D3:F9:C4:E1:43:4D:12:AF:03:3E:D0:1A:C9:6C:DC:24:62:33:98
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018CC3B676849459116F7942133BEC77D6D0
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/7dP5xOFDTRKvAz7QGsls3CRiM5g.roa
Signing time: Mon 01 Jan 2024 06:29:24 +0000
ROA not before: Mon 01 Jan 2024 06:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 85.117.240.0/24 maxlen: 24
2a09:ff00:8800::/37 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Jan 2024 10:20:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:76:84:94:59:11:6f:79:42:13:3b:ec:77:d6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 06:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=edd3f9c4e1434d12af033ed01ac96cdc24623398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9b:97:95:cd:54:16:06:f9:11:37:ab:2c:f8:
be:0d:68:2f:a9:a0:b4:b8:4a:c5:3f:9a:bd:53:8d:
a6:0a:ec:34:4a:06:6f:14:e6:68:f8:84:c3:75:38:
00:3d:c4:56:85:0a:00:d9:69:a8:47:1a:20:ca:3f:
a5:c0:1f:aa:58:ba:3a:06:d5:39:3c:ac:b6:ea:de:
b4:19:50:e2:92:fc:d0:8e:dd:c2:06:cb:fe:54:0a:
93:04:61:12:22:bb:11:b4:08:f1:11:99:76:39:3b:
0e:59:59:54:76:b1:dc:92:a4:e7:55:df:bf:73:2b:
b7:99:7c:d8:bd:5e:e8:d6:3c:4d:46:67:88:2f:57:
73:15:7a:f2:da:01:38:31:b2:78:26:04:cb:95:15:
3f:f5:4d:e5:19:83:ca:a8:aa:16:5c:36:c1:75:3a:
43:e2:33:0f:9b:d7:90:97:66:64:c5:1f:f2:8d:2b:
c3:33:2f:f5:ce:67:50:33:07:0b:52:90:81:09:9c:
d6:7a:ac:2d:96:ca:1c:df:1a:3c:0f:a5:0c:0c:a9:
db:f8:31:a2:2e:db:55:27:15:a6:a8:b6:57:77:17:
6a:71:65:33:90:43:07:af:71:db:63:43:e2:15:8a:
46:d9:47:c3:35:59:35:c8:fc:f8:f3:8d:82:b3:89:
ad:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D3:F9:C4:E1:43:4D:12:AF:03:3E:D0:1A:C9:6C:DC:24:62:33:98
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/7dP5xOFDTRKvAz7QGsls3CRiM5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.240.0/24
IPv6:
2a09:ff00:8800::/37
Signature Algorithm: sha256WithRSAEncryption
53:a6:6a:de:dc:76:4c:72:b0:e9:94:44:f3:92:50:92:de:9d:
f2:0a:b6:1c:bf:8c:4d:ea:18:f0:df:94:68:db:5b:25:48:bd:
34:b6:b2:19:63:dc:de:08:f6:b0:70:16:c2:0c:09:3d:73:44:
59:fb:d7:56:eb:5c:ee:41:74:a7:bc:62:71:17:92:e5:41:71:
e9:19:5e:d1:d2:c5:77:41:dc:ea:c5:5b:5c:0c:2f:38:af:3a:
56:37:37:91:72:93:bd:ee:f8:b1:46:fc:98:a1:3b:6c:8c:a9:
8e:8e:1b:94:d9:d3:2b:ce:7c:e9:08:b4:85:4a:0c:a0:89:aa:
9c:e5:4d:33:c6:b9:9d:21:76:ff:e1:e5:72:3d:cc:58:00:ef:
41:11:bf:8e:07:e6:c2:c3:81:e9:bd:bf:f6:78:3c:6f:40:9f:
d8:36:d5:bc:4b:90:39:22:77:e6:3d:b0:65:9b:d7:cd:b5:65:
20:85:e3:8b:ab:20:5a:f2:b0:2e:33:6a:6f:57:cd:eb:70:4b:
00:8f:fd:13:bf:3d:9d:1e:e9:db:1b:a4:16:ca:29:0e:c0:ee:
5d:1e:37:be:06:38:69:43:d6:86:78:ad:ad:fb:ae:e0:a7:88:
5b:bb:38:cf:35:b0:b6:9a:d1:8d:5c:92:96:b9:c1:4c:05:6c:
6d:54:61:59
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzDtnaElFkRb3lCEzvsd9bQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGQzZjljNGUxNDM0ZDEyYWYwMzNlZDAxYWM5NmNkYzI0NjIzMzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpuXlc1UFgb5ETerLPi+DWgvqaC0
uErFP5q9U42mCuw0SgZvFOZo+ITDdTgAPcRWhQoA2WmoRxogyj+lwB+qWLo6BtU5
PKy26t60GVDikvzQjt3CBsv+VAqTBGESIrsRtAjxEZl2OTsOWVlUdrHckqTnVd+/
cyu3mXzYvV7o1jxNRmeIL1dzFXry2gE4MbJ4JgTLlRU/9U3lGYPKqKoWXDbBdTpD
4jMPm9eQl2ZkxR/yjSvDMy/1zmdQMwcLUpCBCZzWeqwtlsoc3xo8D6UMDKnb+DGi
LttVJxWmqLZXdxdqcWUzkEMHr3HbY0PiFYpG2UfDNVk1yPz4842Cs4mtYwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFO3T+cThQ00SrwM+0BrJbNwkYjOYMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvN2RQNXhPRkRUUkt2QXo3UUdzbHMzQ1JpTTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAVXXwMA4E
AgACMAgDBgMqCf8AiDANBgkqhkiG9w0BAQsFAAOCAQEAU6Zq3tx2THKw6ZRE85JQ
kt6d8gq2HL+MTeoY8N+UaNtbJUi9NLayGWPc3gj2sHAWwgwJPXNEWfvXVutc7kF0
p7xicReS5UFx6Rle0dLFd0Hc6sVbXAwvOK86Vjc3kXKTve74sUb8mKE7bIypjo4b
lNnTK8586Qi0hUoMoImqnOVNM8a5nSF2/+Hlcj3MWADvQRG/jgfmwsOB6b2/9ng8
b0Cf2DbVvEuQOSJ35j2wZZvXzbVlIIXji6sgWvKwLjNqb1fN63BLAI/9E789nR7p
2xukFsopDsDuXR43vgY4aUPWhnitrfuu4KeIW7s4zzWwtprRjVySlrnBTAVsbVRh
WQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:07:53 2025 by rpki-client