Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/fd6070-9e0b-433a-8a75-7f73a4671a1e/1/sokPXsQjqakTtocG5TR2TfBlkkc.roa
File: sokPXsQjqakTtocG5TR2TfBlkkc.roa (raw, json)
Hash identifier: Bwd3W6JTpDkJhn7hNs5BBypXqW4HUDq5FUSwer4+uFc=
Subject key identifier: B2:89:0F:5E:C4:23:A9:A9:13:B6:87:06:E5:34:76:4D:F0:65:92:47
Certificate issuer: /CN=613d5e1379fea9d1d0f7256ed0fc9183be74fefb
Certificate serial: 018CC793EFF6BE3F93DD56FE48F0D7194C8D
Authority key identifier: 61:3D:5E:13:79:FE:A9:D1:D0:F7:25:6E:D0:FC:91:83:BE:74:FE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YT1eE3n-qdHQ9yVu0PyRg750_vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/fd6070-9e0b-433a-8a75-7f73a4671a1e/1/sokPXsQjqakTtocG5TR2TfBlkkc.roa
Signing time: Tue 02 Jan 2024 00:30:10 +0000
ROA not before: Tue 02 Jan 2024 00:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207335
IP address blocks: 185.106.133.0/24 maxlen: 24
2a10:1380::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:ef:f6:be:3f:93:dd:56:fe:48:f0:d7:19:4c:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=613d5e1379fea9d1d0f7256ed0fc9183be74fefb
Validity
Not Before: Jan 2 00:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2890f5ec423a9a913b68706e534764df0659247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c4:27:9d:01:5c:7f:18:ef:7b:56:0b:7e:9e:
8d:4f:50:c1:5a:d2:60:b3:98:45:81:c1:31:a4:7e:
14:40:98:0b:97:37:1b:a0:a0:cf:33:52:00:a3:85:
a2:07:47:88:e3:3f:82:58:03:1d:39:c4:6b:1f:2c:
29:e2:1f:12:8f:f4:17:8d:c4:a7:b5:fe:a4:a0:ea:
1f:e1:75:b6:ab:8d:79:37:be:32:3c:0c:d8:dd:2b:
1d:ca:4d:d5:8f:f3:fc:4c:a2:59:2c:e9:bb:4b:e1:
e3:4b:31:e3:9f:53:9f:21:3f:fc:c5:e6:d6:8b:a9:
94:23:fb:d9:1a:3a:e4:f5:c1:3a:5e:b0:04:30:f8:
9d:c5:44:11:95:86:4a:7d:24:b9:76:b0:7a:72:9d:
bd:9b:3d:12:ba:0f:2b:01:0d:05:1e:1d:9c:1d:1d:
1d:56:4a:2e:71:6c:33:33:05:17:ca:c6:77:52:98:
5e:e9:69:1f:37:1e:37:73:46:0b:d7:e3:79:44:d1:
ea:9e:63:aa:6f:67:e8:81:73:11:45:c7:4e:5c:10:
a0:ea:ab:18:df:e9:cb:82:a1:9f:bc:72:23:c0:0f:
f9:de:94:e1:d5:56:dd:3a:89:55:7e:f7:7f:5e:08:
3b:cb:f0:9f:ef:ef:09:68:b1:e3:46:6d:46:f8:ea:
84:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:89:0F:5E:C4:23:A9:A9:13:B6:87:06:E5:34:76:4D:F0:65:92:47
X509v3 Authority Key Identifier:
keyid:61:3D:5E:13:79:FE:A9:D1:D0:F7:25:6E:D0:FC:91:83:BE:74:FE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YT1eE3n-qdHQ9yVu0PyRg750_vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/fd6070-9e0b-433a-8a75-7f73a4671a1e/1/sokPXsQjqakTtocG5TR2TfBlkkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/fd6070-9e0b-433a-8a75-7f73a4671a1e/1/YT1eE3n-qdHQ9yVu0PyRg750_vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.133.0/24
IPv6:
2a10:1380::/29
Signature Algorithm: sha256WithRSAEncryption
ea:67:ae:fa:e3:a3:cc:0f:3a:54:53:1d:b6:70:d2:9f:cb:64:
3e:fd:78:08:1f:f2:0c:48:f4:71:b9:af:36:f5:c1:b8:cd:35:
5f:d4:d8:32:59:9a:14:7a:74:4d:df:d7:2f:cb:f9:f6:20:81:
55:08:b9:e3:85:d2:31:41:d3:82:04:88:41:c9:7c:7b:f7:73:
d3:d6:36:35:4e:66:35:f2:8a:65:b7:d1:9a:a4:bf:2a:65:b2:
a4:dc:9a:bf:73:38:6c:28:9f:e6:51:95:9f:22:26:6b:be:24:
fc:c8:7f:f1:66:e5:2a:e2:e0:5c:6e:32:70:af:86:8d:70:91:
69:57:0d:89:c5:b4:f4:66:b7:bc:92:d3:6b:ec:74:97:9f:1a:
cc:47:cf:5f:83:af:71:db:6d:87:a9:ef:18:76:f3:69:c3:c3:
77:c7:39:a9:6c:45:b7:46:1b:98:95:3b:c6:67:e0:f6:a4:ba:
0c:06:a4:24:56:8c:8b:88:7b:0e:68:6c:30:aa:f3:3f:cb:5c:
76:65:f8:01:2a:80:97:51:bf:e4:6d:75:54:64:0a:0c:1c:5e:
20:23:7d:d3:fa:d8:54:b9:4e:03:be:32:69:1e:d0:69:aa:c5:
33:cd:16:04:18:3a:dd:5f:ad:19:37:2d:13:8d:c0:48:0a:f1:
d3:f6:b2:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHk+/2vj+T3Vb+SPDXGUyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxM2Q1ZTEzNzlmZWE5ZDFkMGY3MjU2ZWQwZmM5MTgzYmU3
NGZlZmIwHhcNMjQwMTAyMDAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjg5MGY1ZWM0MjNhOWE5MTNiNjg3MDZlNTM0NzY0ZGYwNjU5MjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcQnnQFcfxjve1YLfp6NT1DBWtJg
s5hFgcExpH4UQJgLlzcboKDPM1IAo4WiB0eI4z+CWAMdOcRrHywp4h8Sj/QXjcSn
tf6koOof4XW2q415N74yPAzY3Ssdyk3Vj/P8TKJZLOm7S+HjSzHjn1OfIT/8xebW
i6mUI/vZGjrk9cE6XrAEMPidxUQRlYZKfSS5drB6cp29mz0Sug8rAQ0FHh2cHR0d
VkoucWwzMwUXysZ3Uphe6WkfNx43c0YL1+N5RNHqnmOqb2fogXMRRcdOXBCg6qsY
3+nLgqGfvHIjwA/53pTh1VbdOolVfvd/Xgg7y/Cf7+8JaLHjRm1G+OqECwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLKJD17EI6mpE7aHBuU0dk3wZZJHMB8GA1UdIwQY
MBaAFGE9XhN5/qnR0PclbtD8kYO+dP77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVQxZUUzbi1xZEhROXlWdTBQeVJnNzUwX3ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9mZDYwNzAtOWUwYi00MzNhLThhNzUt
N2Y3M2E0NjcxYTFlLzEvc29rUFhzUWpxYWtUdG9jRzVUUjJUZkJsa2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9mZDYwNzAtOWUwYi00MzNhLThhNzUtN2Y3M2E0NjcxYTFl
LzEvWVQxZUUzbi1xZEhROXlWdTBQeVJnNzUwX3ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWqFMA0E
AgACMAcDBQMqEBOAMA0GCSqGSIb3DQEBCwUAA4IBAQDqZ67646PMDzpUUx22cNKf
y2Q+/XgIH/IMSPRxua829cG4zTVf1NgyWZoUenRN39cvy/n2IIFVCLnjhdIxQdOC
BIhByXx793PT1jY1TmY18oplt9GapL8qZbKk3Jq/czhsKJ/mUZWfIiZrviT8yH/x
ZuUq4uBcbjJwr4aNcJFpVw2JxbT0Zre8ktNr7HSXnxrMR89fg69x222Hqe8YdvNp
w8N3xzmpbEW3RhuYlTvGZ+D2pLoMBqQkVoyLiHsOaGwwqvM/y1x2ZfgBKoCXUb/k
bXVUZAoMHF4gI33T+thUuU4DvjJpHtBpqsUzzRYEGDrdX60ZNy0TjcBICvHT9rIV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:25 2025 by rpki-client