Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/7oZFTVxbPY1wyRAFGqq0iEiXfQY.roa
File: 7oZFTVxbPY1wyRAFGqq0iEiXfQY.roa (raw, json)
Hash identifier: g9c7ivm55GRKnyLCBvfz10MVI781xoTPfCldwBVtSXs=
Subject key identifier: EE:86:45:4D:5C:5B:3D:8D:70:C9:10:05:1A:AA:B4:88:48:97:7D:06
Certificate issuer: /CN=dfa69c3d98385d415405fc6fd30a800363c017c1
Certificate serial: 018CC6B901979A7F69CD7B5DFF9C6B71E933
Authority key identifier: DF:A6:9C:3D:98:38:5D:41:54:05:FC:6F:D3:0A:80:03:63:C0:17:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/36acPZg4XUFUBfxv0wqAA2PAF8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/7oZFTVxbPY1wyRAFGqq0iEiXfQY.roa
Signing time: Mon 01 Jan 2024 20:31:02 +0000
ROA not before: Mon 01 Jan 2024 20:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44466
IP address blocks: 185.160.162.0/23 maxlen: 24
185.160.160.0/23 maxlen: 24
188.215.109.0/24 maxlen: 24
188.215.110.0/24 maxlen: 24
188.215.111.0/24 maxlen: 24
188.215.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:01:97:9a:7f:69:cd:7b:5d:ff:9c:6b:71:e9:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfa69c3d98385d415405fc6fd30a800363c017c1
Validity
Not Before: Jan 1 20:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee86454d5c5b3d8d70c910051aaab48848977d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:15:76:b4:42:4d:7d:8a:aa:7f:c5:73:ae:58:
f1:03:7a:ef:92:59:74:b1:5e:bf:f6:28:1b:4a:0c:
8a:94:99:f8:a0:e0:76:fd:7a:d9:77:38:8d:7a:40:
09:75:5e:51:ac:43:9a:dd:29:16:00:4f:b9:e0:33:
3a:cb:70:ef:ee:28:a2:92:f4:7e:63:9a:38:40:3f:
81:d5:f0:00:f1:f8:24:8d:4c:6b:2a:57:99:e6:b6:
49:f4:07:9d:6e:aa:60:47:00:04:d6:99:da:da:f6:
3d:5d:b3:3f:84:55:46:f5:fc:b4:a5:38:fd:4a:83:
24:05:f1:09:77:d3:f1:72:cc:76:59:1d:8c:1f:9f:
d4:03:4f:0e:8d:c1:cb:92:9c:04:53:ea:df:8f:3f:
8a:12:e6:ee:6a:ba:08:05:d7:ba:39:8d:3c:73:14:
ff:be:15:7d:27:53:c3:3a:0b:91:ab:e8:65:ab:0e:
26:b8:67:d7:06:d4:6b:e4:26:31:ab:b8:7c:fe:90:
86:84:84:ce:85:45:97:92:82:3e:76:08:94:7a:b3:
20:f6:da:aa:bd:7a:b3:61:9f:ec:5f:e0:aa:54:c5:
e8:60:02:b3:6c:f6:25:47:cf:d5:84:7a:00:b8:7f:
4b:ce:05:9d:c1:bb:a8:96:c3:21:68:c3:05:51:0d:
55:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:86:45:4D:5C:5B:3D:8D:70:C9:10:05:1A:AA:B4:88:48:97:7D:06
X509v3 Authority Key Identifier:
keyid:DF:A6:9C:3D:98:38:5D:41:54:05:FC:6F:D3:0A:80:03:63:C0:17:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36acPZg4XUFUBfxv0wqAA2PAF8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/7oZFTVxbPY1wyRAFGqq0iEiXfQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/0d4810-902a-4b7d-9818-3cef5625aed6/1/36acPZg4XUFUBfxv0wqAA2PAF8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.160.0/22
188.215.108.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:f1:48:7f:56:68:31:e0:b5:a9:19:c8:35:9d:a7:36:e8:ed:
3f:5a:e5:ce:19:12:65:cb:d2:84:0f:67:03:72:f0:ea:00:7a:
c3:74:c9:3b:d6:a4:8e:98:f8:c3:17:0c:0b:f5:89:c2:8c:36:
b4:ad:d0:2c:ab:9b:35:c2:01:69:d2:38:ed:9e:6a:35:fc:e1:
bb:63:4a:7c:ff:61:e2:c5:dd:4f:e4:9b:4b:1f:c9:27:b5:30:
44:09:5e:2b:da:65:88:9e:69:0c:65:e6:f8:dd:d1:39:de:8e:
94:0a:5e:bc:90:08:dd:a3:ee:f3:69:d8:32:77:8c:ed:11:d9:
b1:a7:63:bb:50:75:e3:c1:63:f8:f1:21:61:d9:49:24:32:24:
ea:33:77:2c:21:8c:4e:7c:03:0f:ab:2b:3a:a8:7b:56:1f:5f:
64:8e:59:7f:d3:78:3d:23:70:12:df:1d:4b:ed:7a:9a:77:23:
90:4b:91:43:89:c4:99:3f:01:ca:f7:5c:3d:61:e4:71:aa:1f:
55:07:08:01:e6:d1:b1:07:7a:b9:58:21:79:1a:1a:35:04:79:
00:6e:5f:43:21:c4:63:e8:cb:6d:70:61:68:da:2c:a5:c3:62:
a1:38:e9:de:f4:1f:bc:10:55:fd:08:02:c0:8e:c8:38:de:d5:
f3:90:64:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuQGXmn9pzXtd/5xrcekzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTY5YzNkOTgzODVkNDE1NDA1ZmM2ZmQzMGE4MDAzNjNj
MDE3YzEwHhcNMjQwMTAxMjAzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTg2NDU0ZDVjNWIzZDhkNzBjOTEwMDUxYWFhYjQ4ODQ4OTc3ZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihV2tEJNfYqqf8VzrljxA3rvkll0
sV6/9igbSgyKlJn4oOB2/XrZdziNekAJdV5RrEOa3SkWAE+54DM6y3Dv7iiikvR+
Y5o4QD+B1fAA8fgkjUxrKleZ5rZJ9AedbqpgRwAE1pna2vY9XbM/hFVG9fy0pTj9
SoMkBfEJd9Pxcsx2WR2MH5/UA08OjcHLkpwEU+rfjz+KEubuaroIBde6OY08cxT/
vhV9J1PDOguRq+hlqw4muGfXBtRr5CYxq7h8/pCGhITOhUWXkoI+dgiUerMg9tqq
vXqzYZ/sX+CqVMXoYAKzbPYlR8/VhHoAuH9LzgWdwbuolsMhaMMFUQ1V/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO6GRU1cWz2NcMkQBRqqtIhIl30GMB8GA1UdIwQY
MBaAFN+mnD2YOF1BVAX8b9MKgANjwBfBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZhY1BaZzRYVUZVQmZ4djB3cUFBMlBBRjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8wZDQ4MTAtOTAyYS00YjdkLTk4MTgt
M2NlZjU2MjVhZWQ2LzEvN29aRlRWeGJQWTF3eVJBRkdxcTBpRWlYZlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8wZDQ4MTAtOTAyYS00YjdkLTk4MTgtM2NlZjU2MjVhZWQ2
LzEvMzZhY1BaZzRYVUZVQmZ4djB3cUFBMlBBRjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaCgAwQC
vNdsMA0GCSqGSIb3DQEBCwUAA4IBAQB88Uh/Vmgx4LWpGcg1nac26O0/WuXOGRJl
y9KED2cDcvDqAHrDdMk71qSOmPjDFwwL9YnCjDa0rdAsq5s1wgFp0jjtnmo1/OG7
Y0p8/2Hixd1P5JtLH8kntTBECV4r2mWInmkMZeb43dE53o6UCl68kAjdo+7zadgy
d4ztEdmxp2O7UHXjwWP48SFh2UkkMiTqM3csIYxOfAMPqys6qHtWH19kjll/03g9
I3AS3x1L7XqadyOQS5FDicSZPwHK91w9YeRxqh9VBwgB5tGxB3q5WCF5Gho1BHkA
bl9DIcRj6MttcGFo2iylw2KhOOne9B+8EFX9CALAjsg43tXzkGRc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:32 2025 by rpki-client