Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/3nN8Vr9yMJ8KYpDk-U_EtSoyWzA.roa
File: 3nN8Vr9yMJ8KYpDk-U_EtSoyWzA.roa (raw, json)
Hash identifier: cHCFiGwuTeTiLaP8ffR1+nwmgGFYJnb8UZdu7tYUVPQ=
Subject key identifier: DE:73:7C:56:BF:72:30:9F:0A:62:90:E4:F9:4F:C4:B5:2A:32:5B:30
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 018CC6B91A05F5EDD2BB6F3F12F23A92F35E
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/3nN8Vr9yMJ8KYpDk-U_EtSoyWzA.roa
Signing time: Mon 01 Jan 2024 20:31:08 +0000
ROA not before: Mon 01 Jan 2024 20:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204171
IP address blocks: 185.103.120.0/24 maxlen: 24
185.103.123.0/24 maxlen: 24
185.103.121.0/24 maxlen: 24
185.103.122.0/24 maxlen: 24
2a06:2bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:1a:05:f5:ed:d2:bb:6f:3f:12:f2:3a:92:f3:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jan 1 20:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de737c56bf72309f0a6290e4f94fc4b52a325b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5d:d5:47:10:0e:c4:f8:b2:f0:3c:f1:0d:9f:
5d:e0:a8:fe:ba:ca:0b:c6:87:ef:8b:f4:58:81:5a:
9d:de:8e:e7:b2:7c:47:d7:44:1f:e6:2a:09:f6:f8:
4c:1b:a8:5d:24:f0:9e:5c:92:e2:d9:7f:f8:f5:3d:
c9:1a:c6:9e:87:95:c6:ff:d1:2b:ec:e7:d3:f1:c0:
47:c0:60:d7:73:46:03:b7:b5:72:f6:c7:14:3c:08:
32:3d:33:13:32:e1:dc:79:7a:21:54:84:72:f0:d0:
aa:13:46:5b:9b:9b:d3:e7:6f:51:82:90:5d:2a:54:
a0:38:46:1d:a9:c5:a9:82:a2:06:99:22:fa:cd:bc:
ce:d4:ea:cb:b0:d4:75:0a:8f:7f:9e:6a:c7:ff:88:
8f:e3:43:5a:df:d7:87:c9:ab:52:6d:f8:35:15:2f:
50:63:c1:b8:6f:98:54:f4:91:60:49:e1:25:26:50:
18:52:1b:92:97:33:30:c6:97:b2:c3:25:7f:11:29:
9c:1a:c5:8f:bf:32:b1:6a:53:c5:27:34:4d:fc:fa:
34:a3:a7:ec:a8:84:ef:b0:4e:05:75:ff:e9:5d:b1:
da:d3:9f:7d:33:19:00:4d:7a:f0:12:5e:6a:10:85:
a5:89:e8:8d:43:26:7b:ea:e5:76:15:ad:eb:b4:35:
0d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:73:7C:56:BF:72:30:9F:0A:62:90:E4:F9:4F:C4:B5:2A:32:5B:30
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/3nN8Vr9yMJ8KYpDk-U_EtSoyWzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.120.0/22
IPv6:
2a06:2bc0::/29
Signature Algorithm: sha256WithRSAEncryption
1c:55:99:f9:4e:cc:67:5f:05:bb:99:1e:c5:80:81:1d:4a:ad:
44:20:81:eb:de:0b:1b:2c:3d:5c:2e:89:16:cd:fc:7f:a3:69:
6e:ca:05:98:6e:a1:be:47:31:52:4f:a8:54:16:ac:81:d2:f6:
d9:3d:9d:13:25:32:82:ac:e5:4a:63:c5:f0:68:c3:a7:ea:c1:
2e:28:31:6e:36:f2:07:55:bd:b4:5b:2a:ff:c0:34:46:24:3e:
5b:93:6f:33:c3:07:68:7f:7b:a6:8c:1d:e1:2d:59:18:51:06:
3e:e6:44:33:32:36:ce:b1:ab:cf:f8:0b:ba:68:e8:c0:61:c1:
4c:b5:22:2d:f7:d0:36:1c:e5:dc:32:26:ee:b4:41:6e:19:dc:
d5:64:27:23:be:fd:85:f9:0d:73:91:9d:8f:9a:9d:f0:17:b2:
b5:be:d1:78:c6:bd:59:cb:29:8e:7f:4a:db:a9:fd:f3:23:e0:
c9:48:65:45:f8:9c:f2:4e:b4:84:5c:ad:fb:ef:67:10:8f:e5:
86:29:1d:fc:75:cb:c9:9d:f8:9b:73:34:38:f9:dc:66:5c:6d:
0e:15:0a:98:84:67:5f:44:63:70:1f:aa:2b:5f:17:9a:fc:74:
10:6d:c9:8e:b1:f0:68:58:19:bc:48:cb:4f:5c:04:6a:47:1d:
bf:fd:33:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuRoF9e3Su28/EvI6kvNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjQwMTAxMjAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTczN2M1NmJmNzIzMDlmMGE2MjkwZTRmOTRmYzRiNTJhMzI1YjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk13VRxAOxPiy8DzxDZ9d4Kj+usoL
xofvi/RYgVqd3o7nsnxH10Qf5ioJ9vhMG6hdJPCeXJLi2X/49T3JGsaeh5XG/9Er
7OfT8cBHwGDXc0YDt7Vy9scUPAgyPTMTMuHceXohVIRy8NCqE0Zbm5vT529RgpBd
KlSgOEYdqcWpgqIGmSL6zbzO1OrLsNR1Co9/nmrH/4iP40Na39eHyatSbfg1FS9Q
Y8G4b5hU9JFgSeElJlAYUhuSlzMwxpeywyV/ESmcGsWPvzKxalPFJzRN/Po0o6fs
qITvsE4Fdf/pXbHa0599MxkATXrwEl5qEIWlieiNQyZ76uV2Fa3rtDUN8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN5zfFa/cjCfCmKQ5PlPxLUqMlswMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvM25OOFZyOXlNSjhLWXBEay1VX0V0U295V3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWd4MA0E
AgACMAcDBQMqBivAMA0GCSqGSIb3DQEBCwUAA4IBAQAcVZn5TsxnXwW7mR7FgIEd
Sq1EIIHr3gsbLD1cLokWzfx/o2luygWYbqG+RzFST6hUFqyB0vbZPZ0TJTKCrOVK
Y8XwaMOn6sEuKDFuNvIHVb20Wyr/wDRGJD5bk28zwwdof3umjB3hLVkYUQY+5kQz
MjbOsavP+Au6aOjAYcFMtSIt99A2HOXcMibutEFuGdzVZCcjvv2F+Q1zkZ2Pmp3w
F7K1vtF4xr1ZyymOf0rbqf3zI+DJSGVF+JzyTrSEXK3772cQj+WGKR38dcvJnfib
czQ4+dxmXG0OFQqYhGdfRGNwH6orXxea/HQQbcmOsfBoWBm8SMtPXARqRx2//TOr
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:34:52 2025 by rpki-client