Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f413c2-c2ec-41f1-9d85-5d8634ab7d91/1/IWJwVWpBOxJGAm3Wzkv3bWzJDIs.roa
File: IWJwVWpBOxJGAm3Wzkv3bWzJDIs.roa (raw, json)
Hash identifier: 8+gGD7Jgxjmvom0HoIGttOHRTXE7iqx84sWMXGntaak=
Subject key identifier: 21:62:70:55:6A:41:3B:12:46:02:6D:D6:CE:4B:F7:6D:6C:C9:0C:8B
Certificate issuer: /CN=e7507db088a7c81a0dbec8f1addb52f95bd10143
Certificate serial: 01937366B0E74A0107DBA9CCF320FAAAF70E
Authority key identifier: E7:50:7D:B0:88:A7:C8:1A:0D:BE:C8:F1:AD:DB:52:F9:5B:D1:01:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51B9sIinyBoNvsjxrdtS-VvRAUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f413c2-c2ec-41f1-9d85-5d8634ab7d91/1/IWJwVWpBOxJGAm3Wzkv3bWzJDIs.roa
Signing time: Thu 28 Nov 2024 15:32:09 +0000
ROA not before: Thu 28 Nov 2024 15:32:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213822
IP address blocks: 185.36.229.0/24 maxlen: 24
2a07:cd40::/29 maxlen: 29
2a07:cd40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 12 Dec 2024 17:11:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:73:66:b0:e7:4a:01:07:db:a9:cc:f3:20:fa:aa:f7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7507db088a7c81a0dbec8f1addb52f95bd10143
Validity
Not Before: Nov 28 15:32:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=216270556a413b1246026dd6ce4bf76d6cc90c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:de:78:bc:e5:50:d1:4e:02:ce:3b:7e:b8:c7:
ff:f0:90:88:12:1c:bf:45:c2:88:99:bc:3f:b8:09:
b7:13:53:7f:f2:91:7f:ea:6f:aa:bd:76:08:df:d5:
f3:b1:29:2c:3d:d4:ec:58:f2:a4:86:ae:72:8b:be:
da:a6:4e:17:db:76:8a:d7:ee:d2:98:05:8e:74:48:
18:e7:81:b6:58:b7:c0:94:ce:d1:5e:ff:74:c5:5c:
d8:e4:6a:60:f6:31:65:5a:d9:6e:bc:3b:5b:5e:ea:
45:4d:02:f6:8d:08:82:4e:18:0b:02:08:1e:78:c4:
34:88:cd:6f:1c:7a:18:98:0a:fe:04:8c:57:bf:5e:
db:a0:dd:9e:f9:0d:06:98:bb:5f:92:24:cf:95:93:
f2:90:68:25:8f:c1:b7:06:b8:69:cf:ee:bb:3f:0c:
03:ac:70:a5:ee:e4:c9:2a:fe:21:cc:89:d9:82:bb:
a7:f3:cf:c0:59:c5:4c:94:cf:89:82:fa:22:1b:01:
7a:5d:36:d9:b4:b6:be:de:8d:de:b8:0f:08:df:56:
8f:d3:ec:9a:a4:ab:69:4d:10:25:e2:b7:c9:de:5f:
e6:c1:17:d4:81:9f:4e:e6:a7:1c:24:a4:e1:58:37:
b7:14:5a:4c:18:c2:68:1f:d9:b2:34:84:08:9a:ef:
aa:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:62:70:55:6A:41:3B:12:46:02:6D:D6:CE:4B:F7:6D:6C:C9:0C:8B
X509v3 Authority Key Identifier:
keyid:E7:50:7D:B0:88:A7:C8:1A:0D:BE:C8:F1:AD:DB:52:F9:5B:D1:01:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51B9sIinyBoNvsjxrdtS-VvRAUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f413c2-c2ec-41f1-9d85-5d8634ab7d91/1/IWJwVWpBOxJGAm3Wzkv3bWzJDIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f413c2-c2ec-41f1-9d85-5d8634ab7d91/1/51B9sIinyBoNvsjxrdtS-VvRAUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.229.0/24
IPv6:
2a07:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
07:a4:54:44:df:7f:84:a9:19:9f:dc:35:25:30:0d:a1:ab:c6:
6f:5a:a8:38:cf:1c:95:b4:d3:fc:cf:1d:01:12:cb:0e:f3:bd:
45:1f:42:d8:69:d9:68:d5:86:ef:27:0c:4f:31:5e:30:bb:9d:
ac:0a:58:a0:a9:8a:82:c8:af:7a:02:a7:2a:15:dc:a6:61:74:
5f:8f:28:19:64:3d:74:de:9c:f6:85:ff:8d:e8:db:bd:b8:b8:
00:61:32:fe:a5:21:50:8b:5b:2e:b1:bd:4b:68:f0:f9:1b:9f:
98:c2:3d:4d:1e:d5:b4:55:9a:c6:42:1c:12:53:6f:05:59:e4:
be:26:58:88:68:dc:bd:03:6e:ba:da:19:2a:74:81:c5:fe:31:
45:1c:27:1a:22:2f:45:a5:fa:ad:63:40:3b:f6:74:03:94:d9:
90:47:fc:b1:3b:8a:c6:15:0f:96:c0:ed:05:50:44:02:7b:a8:
e1:34:a8:e5:40:92:10:09:ad:40:a5:8f:f2:02:1e:33:6b:b9:
ca:80:33:4c:9f:7d:54:16:55:73:cf:6a:62:8e:f5:11:47:4a:
48:2f:8b:38:87:57:f7:80:e7:54:e8:a2:eb:c7:0b:37:a4:2c:
ac:5c:ae:a1:57:bf:a3:a9:45:b7:9e:5f:b9:9f:a5:71:7f:72:
61:b5:d9:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNzZrDnSgEH26nM8yD6qvcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTA3ZGIwODhhN2M4MWEwZGJlYzhmMWFkZGI1MmY5NWJk
MTAxNDMwHhcNMjQxMTI4MTUzMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTYyNzA1NTZhNDEzYjEyNDYwMjZkZDZjZTRiZjc2ZDZjYzkwYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxN54vOVQ0U4Czjt+uMf/8JCIEhy/
RcKImbw/uAm3E1N/8pF/6m+qvXYI39XzsSksPdTsWPKkhq5yi77apk4X23aK1+7S
mAWOdEgY54G2WLfAlM7RXv90xVzY5Gpg9jFlWtluvDtbXupFTQL2jQiCThgLAgge
eMQ0iM1vHHoYmAr+BIxXv17boN2e+Q0GmLtfkiTPlZPykGglj8G3Brhpz+67PwwD
rHCl7uTJKv4hzInZgrun88/AWcVMlM+JgvoiGwF6XTbZtLa+3o3euA8I31aP0+ya
pKtpTRAl4rfJ3l/mwRfUgZ9O5qccJKThWDe3FFpMGMJoH9myNIQImu+qYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCFicFVqQTsSRgJt1s5L921syQyLMB8GA1UdIwQY
MBaAFOdQfbCIp8gaDb7I8a3bUvlb0QFDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFCOXNJaW55Qm9OdnNqeHJkdFMtVnZSQVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNDEzYzItYzJlYy00MWYxLTlkODUt
NWQ4NjM0YWI3ZDkxLzEvSVdKd1ZXcEJPeEpHQW0zV3prdjNiV3pKRElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNDEzYzItYzJlYy00MWYxLTlkODUtNWQ4NjM0YWI3ZDkx
LzEvNTFCOXNJaW55Qm9OdnNqeHJkdFMtVnZSQVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSTlMA0E
AgACMAcDBQMqB81AMA0GCSqGSIb3DQEBCwUAA4IBAQAHpFRE33+EqRmf3DUlMA2h
q8ZvWqg4zxyVtNP8zx0BEssO871FH0LYadlo1YbvJwxPMV4wu52sCligqYqCyK96
AqcqFdymYXRfjygZZD103pz2hf+N6Nu9uLgAYTL+pSFQi1susb1LaPD5G5+Ywj1N
HtW0VZrGQhwSU28FWeS+JliIaNy9A2662hkqdIHF/jFFHCcaIi9FpfqtY0A79nQD
lNmQR/yxO4rGFQ+WwO0FUEQCe6jhNKjlQJIQCa1ApY/yAh4za7nKgDNMn31UFlVz
z2pijvURR0pIL4s4h1f3gOdU6KLrxws3pCysXK6hV7+jqUW3nl+5n6Vxf3JhtdlN
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:59:33 2025 by rpki-client