Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/fFhUa9vOAVU-gioxc4cJj3BCWxs.roa
File: fFhUa9vOAVU-gioxc4cJj3BCWxs.roa (raw, json)
Hash identifier: xK7WXDb1ry0VJqLydVKkgq0PO3LJ40tD+vR4H8dIBiQ=
Subject key identifier: 7C:58:54:6B:DB:CE:01:55:3E:82:2A:31:73:87:09:8F:70:42:5B:1B
Certificate issuer: /CN=d79da465615c60094370833892da84c886e1c4ef
Certificate serial: 01931AB8ABD59B0635F8C3EC8F5D2B9F9F15
Authority key identifier: D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/fFhUa9vOAVU-gioxc4cJj3BCWxs.roa
Signing time: Mon 11 Nov 2024 10:15:30 +0000
ROA not before: Mon 11 Nov 2024 10:15:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.186.0/24 maxlen: 24
185.1.231.0/24 maxlen: 24
185.188.83.0/24 maxlen: 24
217.29.64.0/21 maxlen: 21
217.29.66.0/23 maxlen: 23
217.29.68.0/23 maxlen: 23
2001:7f8:b:100::/64 maxlen: 64
2001:7f8:b:101::/64 maxlen: 64
2001:7f8:101:7::/64 maxlen: 64
2001:7f8:101:13::/64 maxlen: 64
2001:7f8:101:14::/64 maxlen: 64
Validation: Failed, certificate revoked on Mon 11 Nov 2024 10:29:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:b8:ab:d5:9b:06:35:f8:c3:ec:8f:5d:2b:9f:9f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79da465615c60094370833892da84c886e1c4ef
Validity
Not Before: Nov 11 10:15:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c58546bdbce01553e822a317387098f70425b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:da:c8:c5:fc:52:c6:20:d3:a2:df:ac:e8:b2:
07:7b:43:23:57:eb:d0:b1:2f:83:5f:1d:77:c2:3a:
5e:01:69:32:97:f1:a4:17:fa:95:58:d8:a9:91:27:
bf:43:a1:d0:85:fa:73:51:63:6a:16:73:8b:27:5a:
a2:5e:e4:e8:38:c5:e0:ab:54:aa:87:2e:cd:0a:81:
1c:32:63:f3:17:f1:7b:1b:0c:e0:4d:08:36:4c:23:
2d:ba:88:f6:11:f8:d7:6a:4b:0c:2c:13:64:7b:ca:
9c:ae:11:9e:c8:45:b5:02:63:14:f7:4c:8f:b2:2c:
f7:82:25:9a:43:3e:0d:a5:d3:50:53:51:a8:51:51:
cb:d4:14:bc:97:c2:27:a7:f9:a6:59:93:be:3c:0e:
08:55:58:3c:ce:12:30:b0:a3:6c:0e:b2:06:1b:38:
de:1d:c3:9d:69:32:38:e5:57:67:fc:b6:87:ca:84:
fe:b3:fa:f0:18:23:5d:de:6b:77:4e:d2:7d:b4:b6:
82:d3:55:0a:16:10:5e:30:50:4f:ec:0b:18:59:c9:
14:a2:d5:1e:0e:a6:51:ce:5c:7d:63:0d:93:dc:10:
dc:27:ab:c0:6a:6b:5c:30:fe:4a:8b:f3:62:10:b2:
8d:ae:d2:58:26:51:42:28:c2:e8:73:44:96:13:c0:
62:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:58:54:6B:DB:CE:01:55:3E:82:2A:31:73:87:09:8F:70:42:5B:1B
X509v3 Authority Key Identifier:
keyid:D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/fFhUa9vOAVU-gioxc4cJj3BCWxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.186.0/24
185.1.231.0/24
185.188.83.0/24
217.29.64.0/21
IPv6:
2001:7f8:b:100::/63
2001:7f8:101:7::/64
2001:7f8:101:13::-2001:7f8:101:14:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
39:2d:c4:79:f5:5a:48:dc:45:d5:98:88:fd:94:46:39:28:c4:
9f:2e:66:79:74:9e:01:32:6b:e8:6b:4d:75:39:c3:e1:64:43:
d8:64:12:30:41:b3:b0:e9:8e:a4:10:46:86:f1:55:c8:47:11:
30:b1:bc:41:79:57:ed:8b:91:02:26:ba:d6:74:a7:51:28:d6:
3a:a8:37:2e:ed:9b:94:c0:35:b0:35:ef:84:f4:e4:06:68:86:
70:82:58:f4:c8:f0:ef:8f:be:93:d9:4f:dd:16:92:ce:dc:68:
f1:5c:34:08:f3:fe:34:8a:28:e5:6d:4b:dc:fe:98:83:b0:7f:
5a:49:26:b6:c3:89:73:2c:e3:89:11:92:26:d4:73:a2:78:43:
5a:a8:83:39:3d:50:f5:62:bd:bb:93:29:df:94:51:cd:f0:a3:
6d:96:35:2b:b8:15:c2:7f:ca:3d:3d:10:e4:f6:55:23:3a:cd:
bd:50:40:b8:d8:f1:17:05:d7:95:8c:3b:95:48:e7:b6:31:5e:
2e:3c:e9:7f:3d:2a:0e:d5:06:17:c6:aa:5d:43:30:70:09:9b:
b9:e3:12:bb:fd:b5:74:30:0a:9f:af:3b:60:01:1c:31:3f:c1:
f5:90:0b:86:a4:bc:c9:6a:15:19:3d:0f:01:3f:67:ca:c5:31:
60:8e:e7:2d
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZMauKvVmwY1+MPsj10rn58VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWRhNDY1NjE1YzYwMDk0MzcwODMzODkyZGE4NGM4ODZl
MWM0ZWYwHhcNMjQxMTExMTAxNTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzU4NTQ2YmRiY2UwMTU1M2U4MjJhMzE3Mzg3MDk4ZjcwNDI1YjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9rIxfxSxiDTot+s6LIHe0MjV+vQ
sS+DXx13wjpeAWkyl/GkF/qVWNipkSe/Q6HQhfpzUWNqFnOLJ1qiXuToOMXgq1Sq
hy7NCoEcMmPzF/F7GwzgTQg2TCMtuoj2EfjXaksMLBNke8qcrhGeyEW1AmMU90yP
siz3giWaQz4NpdNQU1GoUVHL1BS8l8Inp/mmWZO+PA4IVVg8zhIwsKNsDrIGGzje
HcOdaTI45Vdn/LaHyoT+s/rwGCNd3mt3TtJ9tLaC01UKFhBeMFBP7AsYWckUotUe
DqZRzlx9Yw2T3BDcJ6vAamtcMP5Ki/NiELKNrtJYJlFCKMLoc0SWE8BiMwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFHxYVGvbzgFVPoIqMXOHCY9wQlsbMB8GA1UdIwQY
MBaAFNedpGVhXGAJQ3CDOJLahMiG4cTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDkt
ZGFkM2JiMTNjMGEyLzEvZkZoVWE5dk9BVlUtZ2lveGM0Y0pqM0JDV3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDktZGFkM2JiMTNjMGEy
LzEvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjAeBAIAATAYAwQAuQG6AwQA
uQHnAwQAubxTAwQD2R1AMDQEAgACMC4DCQEgAQf4AAsBAAMJACABB/gBAQAHMBYD
CQAgAQf4AQEAEwMJACABB/gBAQAUMA0GCSqGSIb3DQEBCwUAA4IBAQA5LcR59VpI
3EXVmIj9lEY5KMSfLmZ5dJ4BMmvoa011OcPhZEPYZBIwQbOw6Y6kEEaG8VXIRxEw
sbxBeVfti5ECJrrWdKdRKNY6qDcu7ZuUwDWwNe+E9OQGaIZwglj0yPDvj76T2U/d
FpLO3GjxXDQI8/40iijlbUvc/piDsH9aSSa2w4lzLOOJEZIm1HOieENaqIM5PVD1
Yr27kynflFHN8KNtljUruBXCf8o9PRDk9lUjOs29UEC42PEXBdeVjDuVSOe2MV4u
POl/PSoO1QYXxqpdQzBwCZu54xK7/bV0MAqfrztgARwxP8H1kAuGpLzJahUZPQ8B
P2fKxTFgjuct
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:11:11 2025 by rpki-client