Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/7dDQGw-dcFcI5ogEriPs0r5IlZM.roa
File: 7dDQGw-dcFcI5ogEriPs0r5IlZM.roa (raw, json)
Hash identifier: Vgf4tol51H8cbiE0rjMM+KL+AGkzMGQ4P2Qf1vYc0xY=
Subject key identifier: ED:D0:D0:1B:0F:9D:70:57:08:E6:88:04:AE:23:EC:D2:BE:48:95:93
Certificate issuer: /CN=37d6706a2e270cb486bb47243463ccbbf9f4d5ca
Certificate serial: 018CC8DD02CC28033E701EBA336A3DA2BE2F
Authority key identifier: 37:D6:70:6A:2E:27:0C:B4:86:BB:47:24:34:63:CC:BB:F9:F4:D5:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N9Zwai4nDLSGu0ckNGPMu_n01co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/7dDQGw-dcFcI5ogEriPs0r5IlZM.roa
Signing time: Tue 02 Jan 2024 06:29:36 +0000
ROA not before: Tue 02 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 188.116.35.0/24 maxlen: 24
185.206.120.0/24 maxlen: 24
2a10:a200::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:02:cc:28:03:3e:70:1e:ba:33:6a:3d:a2:be:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37d6706a2e270cb486bb47243463ccbbf9f4d5ca
Validity
Not Before: Jan 2 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=edd0d01b0f9d705708e68804ae23ecd2be489593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f1:61:db:b9:b1:7e:93:9d:f5:3d:a6:4f:bc:
27:6c:bf:02:02:15:f7:6d:20:ce:7d:55:e3:8a:b2:
00:26:8a:8f:10:85:87:cd:2f:bc:72:20:8f:30:6c:
60:59:d8:d8:3b:45:ab:1f:6d:44:ee:e7:5a:62:a9:
c9:81:6a:23:5f:ed:b0:6d:d4:18:64:e5:e4:8f:d4:
ad:31:25:0c:e0:79:49:b0:49:af:a6:a4:83:6e:3f:
2d:a0:01:4d:c5:f8:89:5e:f3:ed:89:55:ea:84:05:
1c:85:4e:e7:73:08:6f:00:02:3e:75:d9:b9:23:60:
cc:49:90:67:8e:ba:ce:93:fb:6d:0c:7c:d2:43:79:
91:db:f0:c1:1c:50:1d:42:87:f1:1a:47:c4:61:dc:
e9:e8:8f:38:57:f0:f9:80:59:7a:5f:4e:e7:a6:ea:
67:ff:5f:e6:47:6f:a1:7d:f6:7b:88:54:a0:cf:8e:
bb:dd:6c:43:fd:65:17:a0:ae:13:ae:d4:a6:41:90:
a3:55:e7:48:70:61:0a:e4:f2:f5:13:d3:57:d4:90:
ff:5e:d8:10:72:b8:35:34:a7:29:6d:79:9a:db:94:
29:0f:52:e2:4e:3a:e6:f7:c2:47:a1:0d:a3:6c:f3:
54:76:30:b2:39:3c:5f:73:81:f9:38:4f:93:c9:b5:
8a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D0:D0:1B:0F:9D:70:57:08:E6:88:04:AE:23:EC:D2:BE:48:95:93
X509v3 Authority Key Identifier:
keyid:37:D6:70:6A:2E:27:0C:B4:86:BB:47:24:34:63:CC:BB:F9:F4:D5:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N9Zwai4nDLSGu0ckNGPMu_n01co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/7dDQGw-dcFcI5ogEriPs0r5IlZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/N9Zwai4nDLSGu0ckNGPMu_n01co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.120.0/24
188.116.35.0/24
IPv6:
2a10:a200::/48
Signature Algorithm: sha256WithRSAEncryption
11:e2:68:57:74:e7:a7:57:04:84:0c:3e:34:dd:fc:f8:e7:a6:
d4:37:ee:ed:10:a3:a0:5d:af:03:60:79:6e:b2:81:33:c6:25:
a1:84:a2:4c:21:83:c1:39:65:87:12:bb:93:57:89:dc:88:30:
7a:5c:0c:be:3e:a3:d4:12:7b:2a:26:7a:e2:77:e9:aa:65:77:
73:a8:17:d0:de:b7:51:6d:0a:ce:61:5c:3a:81:35:15:1f:ea:
ae:27:fd:2b:26:25:f4:f2:0d:be:e2:8d:b4:de:b4:6b:99:65:
f6:17:fa:5c:08:dc:2f:01:e0:39:82:32:f7:20:12:e3:ee:99:
47:4e:d8:2e:ce:98:e1:33:51:ed:41:31:01:d0:57:8c:4b:5d:
2e:d8:39:a3:49:8e:3a:b2:49:53:9c:ea:e4:1e:e4:43:f0:b4:
51:1f:01:51:28:35:3e:c6:0b:24:e4:8c:b7:d5:48:fc:40:89:
48:32:0b:fc:23:3d:2a:83:fe:3d:63:0f:c2:51:2a:0a:dd:00:
a9:eb:5b:67:30:f8:25:81:e0:23:35:d6:cf:95:0c:2a:0f:6c:
bf:bc:6a:97:03:11:bd:0a:53:d0:c0:7d:9e:e0:6a:8c:29:f2:
5d:35:91:24:ef:f1:39:04:16:82:30:4a:49:ce:05:24:2f:ac:
3a:0e:52:e1
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzI3QLMKAM+cB66M2o9or4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZDY3MDZhMmUyNzBjYjQ4NmJiNDcyNDM0NjNjY2JiZjlm
NGQ1Y2EwHhcNMjQwMTAyMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGQwZDAxYjBmOWQ3MDU3MDhlNjg4MDRhZTIzZWNkMmJlNDg5NTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPFh27mxfpOd9T2mT7wnbL8CAhX3
bSDOfVXjirIAJoqPEIWHzS+8ciCPMGxgWdjYO0WrH21E7udaYqnJgWojX+2wbdQY
ZOXkj9StMSUM4HlJsEmvpqSDbj8toAFNxfiJXvPtiVXqhAUchU7ncwhvAAI+ddm5
I2DMSZBnjrrOk/ttDHzSQ3mR2/DBHFAdQofxGkfEYdzp6I84V/D5gFl6X07npupn
/1/mR2+hffZ7iFSgz4673WxD/WUXoK4TrtSmQZCjVedIcGEK5PL1E9NX1JD/XtgQ
crg1NKcpbXma25QpD1LiTjrm98JHoQ2jbPNUdjCyOTxfc4H5OE+TybWKEwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFO3Q0BsPnXBXCOaIBK4j7NK+SJWTMB8GA1UdIwQY
MBaAFDfWcGouJwy0hrtHJDRjzLv59NXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjlad2FpNG5ETFNHdTBja05HUE11X24wMWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9kYzc2ZmYtMmIzNS00MmJlLWFiNTYt
NWRmMmRlMDhiNjk1LzEvN2REUUd3LWRjRmNJNW9nRXJpUHMwcjVJbFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9kYzc2ZmYtMmIzNS00MmJlLWFiNTYtNWRmMmRlMDhiNjk1
LzEvTjlad2FpNG5ETFNHdTBja05HUE11X24wMWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuc54AwQA
vHQjMA8EAgACMAkDBwAqEKIAAAAwDQYJKoZIhvcNAQELBQADggEBABHiaFd056dX
BIQMPjTd/PjnptQ37u0Qo6BdrwNgeW6ygTPGJaGEokwhg8E5ZYcSu5NXidyIMHpc
DL4+o9QSeyomeuJ36apld3OoF9Det1FtCs5hXDqBNRUf6q4n/SsmJfTyDb7ijbTe
tGuZZfYX+lwI3C8B4DmCMvcgEuPumUdO2C7OmOEzUe1BMQHQV4xLXS7YOaNJjjqy
SVOc6uQe5EPwtFEfAVEoNT7GCyTkjLfVSPxAiUgyC/wjPSqD/j1jD8JRKgrdAKnr
W2cw+CWB4CM11s+VDCoPbL+8apcDEb0KU9DAfZ7gaowp8l01kSTv8TkEFoIwSknO
BSQvrDoOUuE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:47 2025 by rpki-client