Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/r7z6olnPWlBi0_3wfgylRwLJgVk.roa
File: r7z6olnPWlBi0_3wfgylRwLJgVk.roa (raw, json)
Hash identifier: gQ6+aVXbiPyTYwF0bT3sgXvVHRExvAayKqSoRRXyuyw=
Subject key identifier: AF:BC:FA:A2:59:CF:5A:50:62:D3:FD:F0:7E:0C:A5:47:02:C9:81:59
Certificate issuer: /CN=987277fc47d848fa5634ce8031a174fc249fa673
Certificate serial: 01946556232DD71935B250050AAD05CABB25
Authority key identifier: 98:72:77:FC:47:D8:48:FA:56:34:CE:80:31:A1:74:FC:24:9F:A6:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/r7z6olnPWlBi0_3wfgylRwLJgVk.roa
Signing time: Tue 14 Jan 2025 15:02:11 +0000
ROA not before: Tue 14 Jan 2025 15:02:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206190
IP address blocks: 185.194.8.0/23 maxlen: 23
185.194.8.0/24 maxlen: 24
185.194.9.0/24 maxlen: 24
185.194.10.0/23 maxlen: 23
185.194.10.0/24 maxlen: 24
185.194.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 13:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:56:23:2d:d7:19:35:b2:50:05:0a:ad:05:ca:bb:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=987277fc47d848fa5634ce8031a174fc249fa673
Validity
Not Before: Jan 14 15:02:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afbcfaa259cf5a5062d3fdf07e0ca54702c98159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cc:e9:9c:c4:0e:57:08:2d:bc:c0:51:4d:eb:
59:5d:d6:34:96:c3:7b:5d:cc:1f:3b:ee:87:31:62:
98:9f:9b:b1:16:e1:a6:5a:cb:3f:c3:ad:f9:10:52:
b5:36:f3:6f:bf:14:6a:fb:27:3c:2d:0e:ae:9d:3a:
63:ee:ab:36:cc:1c:f9:c2:81:8d:a2:0f:3f:3a:22:
aa:4c:6d:bc:21:7d:4a:8a:6e:f3:71:72:c1:34:8a:
a5:7d:79:28:60:5e:33:5e:68:99:e9:d0:69:1d:96:
44:2b:ba:32:93:cf:83:4f:73:60:ba:af:03:83:a9:
fa:d5:4f:0c:b7:16:0b:98:bd:7a:f3:43:cd:9e:fb:
53:17:8a:f1:3d:ec:88:cc:11:06:d7:ff:4d:2e:43:
3c:f4:9a:86:55:c2:fb:3f:14:ff:3e:2a:45:c3:37:
92:2c:f5:44:e7:ac:06:12:75:4e:22:ac:86:75:4b:
ce:2b:14:39:c7:04:1c:58:11:5b:b2:d5:8d:1e:5b:
fc:00:e1:f6:aa:b6:0e:81:08:64:93:f2:ef:7d:62:
bc:b8:7c:c4:b0:fb:93:4a:78:6d:f4:ff:d9:a3:ad:
5f:b1:ff:5a:e2:b6:10:8a:2b:87:a4:25:f9:5d:71:
19:ae:5a:2d:f8:a1:7d:4e:43:29:22:41:6c:09:fe:
f3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BC:FA:A2:59:CF:5A:50:62:D3:FD:F0:7E:0C:A5:47:02:C9:81:59
X509v3 Authority Key Identifier:
keyid:98:72:77:FC:47:D8:48:FA:56:34:CE:80:31:A1:74:FC:24:9F:A6:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/r7z6olnPWlBi0_3wfgylRwLJgVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/710934-304b-4f5f-950e-12e8276fdac4/1/mHJ3_EfYSPpWNM6AMaF0_CSfpnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.8.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:76:04:dc:fb:d1:5e:24:68:5d:2d:b1:4e:a7:5c:a9:ea:ca:
24:9c:41:74:1d:83:40:0b:cf:a1:98:b9:a3:c7:7f:cc:ba:aa:
16:23:00:8f:12:8a:22:85:49:a5:6f:c5:e9:c2:10:d1:fe:71:
94:f8:29:d9:5d:25:8b:46:c2:f1:c5:eb:dd:ec:97:71:e7:35:
f1:d5:3d:5d:5f:a7:22:ab:4d:ee:8e:11:fe:15:84:14:42:fc:
89:6e:76:8b:e8:a3:c9:52:02:7c:c4:de:02:27:12:1a:da:c0:
ad:24:52:88:e1:f3:e3:c5:56:46:18:89:e1:ee:5f:75:a3:07:
ac:60:e1:ab:f2:6c:ce:1d:97:51:b9:07:d1:f2:ee:fe:ba:96:
01:09:3a:a7:d0:46:e1:45:0b:fa:03:1f:ac:3e:dd:b5:69:9d:
bd:9d:8b:e2:14:eb:e3:c5:a8:c2:a9:eb:00:c2:81:da:bc:c5:
32:d2:a1:48:1b:55:9d:32:2b:28:a2:a2:a5:c3:7b:e1:76:35:
40:15:f9:65:8a:47:cf:87:2f:fd:76:11:08:fc:8d:41:5a:8e:
0b:2f:5a:9f:9c:3e:97:b4:8b:3c:ef:ec:72:a7:b0:4a:01:a7:
aa:dd:0b:38:c3:a2:5f:94:62:2c:8a:b6:ac:49:d0:59:26:ae:
2c:ab:e2:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRlViMt1xk1slAFCq0FyrslMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NzI3N2ZjNDdkODQ4ZmE1NjM0Y2U4MDMxYTE3NGZjMjQ5
ZmE2NzMwHhcNMjUwMTE0MTUwMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmJjZmFhMjU5Y2Y1YTUwNjJkM2ZkZjA3ZTBjYTU0NzAyYzk4MTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoczpnMQOVwgtvMBRTetZXdY0lsN7
XcwfO+6HMWKYn5uxFuGmWss/w635EFK1NvNvvxRq+yc8LQ6unTpj7qs2zBz5woGN
og8/OiKqTG28IX1Kim7zcXLBNIqlfXkoYF4zXmiZ6dBpHZZEK7oyk8+DT3Nguq8D
g6n61U8MtxYLmL1680PNnvtTF4rxPeyIzBEG1/9NLkM89JqGVcL7PxT/PipFwzeS
LPVE56wGEnVOIqyGdUvOKxQ5xwQcWBFbstWNHlv8AOH2qrYOgQhkk/LvfWK8uHzE
sPuTSnht9P/Zo61fsf9a4rYQiiuHpCX5XXEZrlot+KF9TkMpIkFsCf7zKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK+8+qJZz1pQYtP98H4MpUcCyYFZMB8GA1UdIwQY
MBaAFJhyd/xH2Ej6VjTOgDGhdPwkn6ZzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUhKM19FZllTUHBXTk02QU1hRjBfQ1NmcG5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi83MTA5MzQtMzA0Yi00ZjVmLTk1MGUt
MTJlODI3NmZkYWM0LzEvcjd6Nm9sblBXbEJpMF8zd2ZneWxSd0xKZ1ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi83MTA5MzQtMzA0Yi00ZjVmLTk1MGUtMTJlODI3NmZkYWM0
LzEvbUhKM19FZllTUHBXTk02QU1hRjBfQ1NmcG5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucIIMA0G
CSqGSIb3DQEBCwUAA4IBAQBadgTc+9FeJGhdLbFOp1yp6soknEF0HYNAC8+hmLmj
x3/MuqoWIwCPEooihUmlb8XpwhDR/nGU+CnZXSWLRsLxxevd7Jdx5zXx1T1dX6ci
q03ujhH+FYQUQvyJbnaL6KPJUgJ8xN4CJxIa2sCtJFKI4fPjxVZGGInh7l91owes
YOGr8mzOHZdRuQfR8u7+upYBCTqn0EbhRQv6Ax+sPt21aZ29nYviFOvjxajCqesA
woHavMUy0qFIG1WdMisooqKlw3vhdjVAFfllikfPhy/9dhEI/I1BWo4LL1qfnD6X
tIs87+xyp7BKAaeq3Qs4w6JflGIsirasSdBZJq4sq+IJ
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:03:38 2025 by rpki-client