Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/c7GHjUXvP8btIvcml4LcD4VkYOM.roa
File: c7GHjUXvP8btIvcml4LcD4VkYOM.roa (raw, json)
Hash identifier: lgKa9wCtaIjipobvxaCb69zyYXCluB6896+GR28i1Y4=
Subject key identifier: 73:B1:87:8D:45:EF:3F:C6:ED:22:F7:26:97:82:DC:0F:85:64:60:E3
Certificate issuer: /CN=a07dcb6db9a75c1017fee672f73b961771b77ca1
Certificate serial: 018CCA29827D38BB8325074AE0F73A6C33AA
Authority key identifier: A0:7D:CB:6D:B9:A7:5C:10:17:FE:E6:72:F7:3B:96:17:71:B7:7C:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oH3LbbmnXBAX_uZy9zuWF3G3fKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/c7GHjUXvP8btIvcml4LcD4VkYOM.roa
Signing time: Tue 02 Jan 2024 12:32:47 +0000
ROA not before: Tue 02 Jan 2024 12:32:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212472
IP address blocks: 31.12.72.0/24 maxlen: 24
213.163.252.0/23 maxlen: 24
2a12:acc0::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:82:7d:38:bb:83:25:07:4a:e0:f7:3a:6c:33:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a07dcb6db9a75c1017fee672f73b961771b77ca1
Validity
Not Before: Jan 2 12:32:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73b1878d45ef3fc6ed22f7269782dc0f856460e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:87:50:75:1e:98:ec:08:23:79:4f:95:69:40:
d1:ab:35:ef:71:9a:f8:09:c2:7a:8f:2a:6a:f8:6a:
56:e1:0b:a1:29:b1:42:02:19:4a:70:dc:d2:d2:96:
32:7a:aa:03:01:bb:4e:86:32:da:d9:d3:96:2e:fb:
d3:3f:55:c6:6a:64:fa:c0:5f:d1:7e:f4:fb:73:99:
fe:4a:1d:93:7b:e1:c5:12:1d:27:88:7b:df:3f:84:
6d:26:8f:38:2e:b3:e4:f3:10:13:26:0e:36:9b:24:
05:75:29:de:72:9d:69:a3:b2:d5:99:91:ba:94:15:
ae:d7:c2:4e:be:ea:3f:9b:50:64:c5:46:f0:ed:45:
ea:cc:00:fa:b5:a8:e5:1c:a2:26:da:f0:18:fd:56:
a8:72:f4:43:26:75:3b:cd:5b:16:f3:d6:a6:1d:7c:
e0:71:45:72:1b:29:39:ec:63:f1:84:fa:cd:16:45:
89:e1:29:e4:2a:a9:8f:f0:67:0f:b5:4c:96:1a:04:
bd:bd:39:7c:27:20:8a:b2:38:60:77:8e:66:82:c1:
22:34:51:c4:29:c1:bf:39:2a:db:d5:5c:0f:5e:65:
44:65:e2:75:2c:a1:b7:e0:c9:e2:76:19:a1:03:2f:
79:8f:39:af:95:f7:1a:07:a6:ae:1a:7a:b2:d5:f2:
5e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B1:87:8D:45:EF:3F:C6:ED:22:F7:26:97:82:DC:0F:85:64:60:E3
X509v3 Authority Key Identifier:
keyid:A0:7D:CB:6D:B9:A7:5C:10:17:FE:E6:72:F7:3B:96:17:71:B7:7C:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oH3LbbmnXBAX_uZy9zuWF3G3fKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/c7GHjUXvP8btIvcml4LcD4VkYOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/oH3LbbmnXBAX_uZy9zuWF3G3fKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.72.0/24
213.163.252.0/23
IPv6:
2a12:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
05:60:b0:11:50:17:3b:21:13:31:4d:ea:ec:5f:f8:33:dd:c6:
cf:29:50:96:58:a5:25:9f:1a:4f:e5:54:41:cc:14:46:38:3e:
32:e9:28:af:96:73:56:cd:fa:a1:2e:ad:23:aa:48:cd:57:df:
42:9f:1b:49:c1:44:fe:de:b6:df:48:06:81:d7:13:5d:1e:3e:
f5:a7:4f:91:b3:65:28:a6:86:66:f2:e0:f3:ac:71:c7:b0:a8:
0c:42:7c:57:ca:45:9f:e7:23:e6:d7:90:e9:b9:1b:09:35:84:
53:58:70:64:91:9d:14:b1:bd:f6:d4:a3:db:e1:72:64:98:93:
8d:ad:a5:b1:3b:83:29:e5:18:f9:93:11:2a:bc:9f:47:bd:8a:
37:60:ef:ba:44:f9:9e:95:b5:03:a4:33:6a:54:c2:69:10:60:
b7:bd:36:92:80:bd:ed:9a:ca:59:fa:1c:58:4f:c5:d3:44:15:
05:5f:07:9a:32:c1:63:c4:a8:c5:08:73:eb:7f:6b:b2:0f:28:
15:b9:8d:18:5a:6c:d1:81:05:bb:03:84:4f:7f:6f:73:35:c8:
ec:9a:bc:d5:3e:cf:e8:33:3f:9a:27:27:4c:4e:e5:06:fe:60:
2a:85:62:24:82:d4:f0:2b:cd:e0:84:8d:51:60:a5:cb:35:35:
f5:e7:f0:39
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKYJ9OLuDJQdK4Pc6bDOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwN2RjYjZkYjlhNzVjMTAxN2ZlZTY3MmY3M2I5NjE3NzFi
NzdjYTEwHhcNMjQwMTAyMTIzMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2IxODc4ZDQ1ZWYzZmM2ZWQyMmY3MjY5NzgyZGMwZjg1NjQ2MGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjodQdR6Y7AgjeU+VaUDRqzXvcZr4
CcJ6jypq+GpW4QuhKbFCAhlKcNzS0pYyeqoDAbtOhjLa2dOWLvvTP1XGamT6wF/R
fvT7c5n+Sh2Te+HFEh0niHvfP4RtJo84LrPk8xATJg42myQFdSnecp1po7LVmZG6
lBWu18JOvuo/m1BkxUbw7UXqzAD6tajlHKIm2vAY/VaocvRDJnU7zVsW89amHXzg
cUVyGyk57GPxhPrNFkWJ4SnkKqmP8GcPtUyWGgS9vTl8JyCKsjhgd45mgsEiNFHE
KcG/OSrb1VwPXmVEZeJ1LKG34MnidhmhAy95jzmvlfcaB6auGnqy1fJePQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHOxh41F7z/G7SL3JpeC3A+FZGDjMB8GA1UdIwQY
MBaAFKB9y225p1wQF/7mcvc7lhdxt3yhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0gzTGJibW5YQkFYX3VaeTl6dVdGM0czZktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zMDMxMDUtZTdjOC00YTQ0LWExODEt
Y2I0MGVlMDQ4ZGMwLzEvYzdHSGpVWHZQOGJ0SXZjbWw0TGNENFZrWU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zMDMxMDUtZTdjOC00YTQ0LWExODEtY2I0MGVlMDQ4ZGMw
LzEvb0gzTGJibW5YQkFYX3VaeTl6dVdGM0czZktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAHwxIAwQB
1aP8MA0EAgACMAcDBQMqEqzAMA0GCSqGSIb3DQEBCwUAA4IBAQAFYLARUBc7IRMx
TersX/gz3cbPKVCWWKUlnxpP5VRBzBRGOD4y6SivlnNWzfqhLq0jqkjNV99CnxtJ
wUT+3rbfSAaB1xNdHj71p0+Rs2UopoZm8uDzrHHHsKgMQnxXykWf5yPm15DpuRsJ
NYRTWHBkkZ0Usb321KPb4XJkmJONraWxO4Mp5Rj5kxEqvJ9HvYo3YO+6RPmelbUD
pDNqVMJpEGC3vTaSgL3tmspZ+hxYT8XTRBUFXweaMsFjxKjFCHPrf2uyDygVuY0Y
WmzRgQW7A4RPf29zNcjsmrzVPs/oMz+aJydMTuUG/mAqhWIkgtTwK83ghI1RYKXL
NTX15/A5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:14 2025 by rpki-client