Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/7KG0GbPGVFkTk0VkSwUA7uBz5dY.roa
File: 7KG0GbPGVFkTk0VkSwUA7uBz5dY.roa (raw, json)
Hash identifier: rDugLdv+O3co+rC5AuQiSH2SBKw2voiO4JEg5Q8EOgQ=
Subject key identifier: EC:A1:B4:19:B3:C6:54:59:13:93:45:64:4B:05:00:EE:E0:73:E5:D6
Certificate issuer: /CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Certificate serial: 018CC3B727C55A1B976552D1D5D95C6C5780
Authority key identifier: A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/7KG0GbPGVFkTk0VkSwUA7uBz5dY.roa
Signing time: Mon 01 Jan 2024 06:30:09 +0000
ROA not before: Mon 01 Jan 2024 06:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197019
IP address blocks: 37.157.192.0/21 maxlen: 24
46.28.104.223/32 maxlen: 32
89.221.208.0/20 maxlen: 24
185.8.236.0/22 maxlen: 24
31.31.72.0/21 maxlen: 24
46.28.104.0/21 maxlen: 24
2a02:2b88::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 12:04:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:27:c5:5a:1b:97:65:52:d1:d5:d9:5c:6c:57:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Validity
Not Before: Jan 1 06:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eca1b419b3c65459139345644b0500eee073e5d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:55:64:91:59:2e:a9:30:ea:c7:00:a5:a8:15:
52:d3:2f:2b:f1:fa:e2:00:07:a1:e3:40:fe:d8:5e:
6d:06:4b:b9:db:c5:75:f8:6e:c6:fb:6c:f6:56:ef:
ff:e1:d8:5b:e3:31:54:57:ef:bf:e5:61:31:11:f3:
4a:d1:d1:0f:2b:59:e1:95:e2:fa:c0:cd:95:14:a9:
f9:1d:db:e0:23:ff:f4:b6:b6:09:d7:c3:fc:45:8f:
74:9d:47:2b:e9:63:13:cd:70:a3:4b:09:e7:cd:4f:
cc:bd:9d:0b:d5:a7:48:f1:c7:b9:fb:d9:98:da:9a:
24:1d:4b:f0:e5:24:11:2d:a9:83:12:90:d9:bb:99:
f8:73:e2:c8:62:f4:01:0c:4a:94:49:9b:55:55:30:
42:17:3a:ac:16:4d:b8:89:a0:59:24:a2:50:1e:91:
56:b8:e9:3f:3d:f3:78:7f:c0:1a:50:17:91:86:99:
b3:8e:44:80:7a:d2:2a:84:73:13:ad:76:d3:73:38:
f5:9f:b4:6a:71:af:10:af:fb:f0:7a:b9:66:55:3d:
6f:77:7a:6d:13:2a:9f:ab:e5:cd:a2:6a:16:7c:44:
ea:36:4c:c6:e7:e8:1c:85:6d:4a:56:5b:59:5f:d0:
e3:1a:a7:cb:98:28:58:07:29:55:3f:2f:63:08:b0:
32:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A1:B4:19:B3:C6:54:59:13:93:45:64:4B:05:00:EE:E0:73:E5:D6
X509v3 Authority Key Identifier:
keyid:A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/7KG0GbPGVFkTk0VkSwUA7uBz5dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.72.0/21
37.157.192.0/21
46.28.104.0/21
89.221.208.0/20
185.8.236.0/22
IPv6:
2a02:2b88::/32
Signature Algorithm: sha256WithRSAEncryption
41:38:b8:a5:46:be:97:58:2c:5b:07:44:9c:c8:a4:1b:0d:a8:
ac:43:e2:19:5f:5e:38:1c:60:91:23:30:f0:a5:17:e2:5f:df:
7e:46:45:3e:7e:74:16:61:53:b9:26:49:5a:9a:08:21:9e:fb:
c2:79:24:80:94:76:75:e3:db:1c:ef:80:e1:ba:e5:33:b4:1e:
87:6e:f7:f5:1b:bc:30:32:cc:85:3d:67:5f:90:d4:19:cc:9f:
f4:4d:99:28:fb:fa:54:ee:1c:d1:45:34:c0:c3:31:3f:06:f8:
ee:28:b3:68:04:65:9f:1e:11:df:f0:d3:4f:71:ba:3e:79:19:
46:3d:7e:b9:e5:81:be:a1:60:d0:f1:d6:01:a9:62:01:49:36:
20:50:96:c5:ba:72:a5:f2:63:48:dc:64:28:c7:49:2e:d8:7b:
64:0f:c3:f0:68:4b:7b:e1:1d:af:b3:9d:4d:2a:78:13:e8:31:
ea:5f:ea:70:54:dd:9e:84:13:58:24:f6:93:3c:a3:f4:c1:cc:
07:29:42:60:0c:e1:2b:09:37:e3:fe:04:f8:88:13:1c:a6:a2:
7b:f3:75:73:bc:de:17:23:34:43:0f:55:42:94:a4:07:ff:d3:
6b:44:ef:b6:27:22:81:f0:bc:fa:ab:f5:a2:d6:ae:a0:35:d0:
58:55:86:ac
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDtyfFWhuXZVLR1dlcbFeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YjlkZjdlOThmNmYzOWZlMmJhNDAyMmRhMjc3ZDI4MTk4
MjgwMjEwHhcNMjQwMTAxMDYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2ExYjQxOWIzYzY1NDU5MTM5MzQ1NjQ0YjA1MDBlZWUwNzNlNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVVkkVkuqTDqxwClqBVS0y8r8fri
AAeh40D+2F5tBku528V1+G7G+2z2Vu//4dhb4zFUV++/5WExEfNK0dEPK1nhleL6
wM2VFKn5HdvgI//0trYJ18P8RY90nUcr6WMTzXCjSwnnzU/MvZ0L1adI8ce5+9mY
2pokHUvw5SQRLamDEpDZu5n4c+LIYvQBDEqUSZtVVTBCFzqsFk24iaBZJKJQHpFW
uOk/PfN4f8AaUBeRhpmzjkSAetIqhHMTrXbTczj1n7Rqca8Qr/vwerlmVT1vd3pt
Eyqfq+XNomoWfETqNkzG5+gchW1KVltZX9DjGqfLmChYBylVPy9jCLAykwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOyhtBmzxlRZE5NFZEsFAO7gc+XWMB8GA1UdIwQY
MBaAFKW5336Y9vOf4rpAItonfSgZgoAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAt
MGFjN2I3ZWRlNDJiLzEvN0tHMEdiUEdWRmtUazBWa1N3VUE3dUJ6NWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJi
LzEvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHx9IAwQD
JZ3AAwQDLhxoAwQEWd3QAwQCuQjsMA0EAgACMAcDBQAqAiuIMA0GCSqGSIb3DQEB
CwUAA4IBAQBBOLilRr6XWCxbB0ScyKQbDaisQ+IZX144HGCRIzDwpRfiX99+RkU+
fnQWYVO5JklamgghnvvCeSSAlHZ149sc74DhuuUztB6Hbvf1G7wwMsyFPWdfkNQZ
zJ/0TZko+/pU7hzRRTTAwzE/BvjuKLNoBGWfHhHf8NNPcbo+eRlGPX655YG+oWDQ
8dYBqWIBSTYgUJbFunKl8mNI3GQox0ku2HtkD8PwaEt74R2vs51NKngT6DHqX+pw
VN2ehBNYJPaTPKP0wcwHKUJgDOErCTfj/gT4iBMcpqJ783VzvN4XIzRDD1VClKQH
/9NrRO+2JyKB8Lz6q/Wi1q6gNdBYVYas
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:22:03 2025 by rpki-client