Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/IpjNiaZ5QPf-ruiNgLEJ8Pkk7kM.roa
File: IpjNiaZ5QPf-ruiNgLEJ8Pkk7kM.roa (raw, json)
Hash identifier: j6bhsj5vxi7jJO3OpASLnYrbHlWbAKUZy2OeC+oTGRQ=
Subject key identifier: 22:98:CD:89:A6:79:40:F7:FE:AE:E8:8D:80:B1:09:F0:F9:24:EE:43
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018CC8DE360F5BDE0046268D5D3251175960
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/IpjNiaZ5QPf-ruiNgLEJ8Pkk7kM.roa
Signing time: Tue 02 Jan 2024 06:30:55 +0000
ROA not before: Tue 02 Jan 2024 06:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57974
IP address blocks: 185.21.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jan 2024 12:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:36:0f:5b:de:00:46:26:8d:5d:32:51:17:59:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 2 06:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2298cd89a67940f7feaee88d80b109f0f924ee43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1d:6d:7c:49:af:24:2c:a5:53:1e:4e:ed:a1:
d9:e8:42:e5:61:a4:e8:45:aa:37:ec:99:f1:c3:13:
36:20:86:1a:8a:35:c9:0a:f2:64:25:6d:1a:1f:0b:
44:7d:cc:43:14:58:64:12:4c:cd:3e:3e:03:61:72:
9e:2d:e4:c0:ca:29:70:c0:85:6e:bb:92:82:3e:21:
b0:f4:42:42:1d:f9:5f:f6:bb:d9:dd:38:ee:9b:95:
3d:af:a7:1d:06:13:16:0f:90:69:b4:45:8a:9a:51:
a0:08:46:e3:59:98:02:c9:c9:9e:77:2b:60:f3:77:
90:ca:ef:b6:cb:b5:8d:fa:c6:27:5e:41:db:d0:9d:
98:96:55:4e:86:c5:c4:3a:9b:25:c5:72:e8:62:b7:
2b:cd:b1:c6:44:d7:32:45:87:b0:70:d4:81:0b:62:
a3:23:45:25:b6:1f:66:ae:53:20:68:9c:2c:fc:3f:
40:6e:37:7d:c6:86:bf:4a:27:8a:68:90:93:fb:86:
b4:bc:6e:88:05:be:ea:60:ff:9c:aa:e8:a2:1b:d7:
96:9c:20:cf:85:56:28:37:b1:ac:f2:d7:86:cb:bc:
86:01:88:49:65:e9:91:3f:ba:7c:c2:de:b0:58:73:
96:96:c5:c4:3a:de:b6:33:17:a0:17:ab:ff:51:56:
da:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:98:CD:89:A6:79:40:F7:FE:AE:E8:8D:80:B1:09:F0:F9:24:EE:43
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/IpjNiaZ5QPf-ruiNgLEJ8Pkk7kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.254.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:d7:aa:94:39:12:fd:7c:1d:bd:40:2d:92:6f:81:23:ff:65:
15:47:73:7b:d0:eb:68:c4:f6:58:e4:c3:a9:44:e4:97:63:2f:
e5:11:0f:0d:52:2f:69:94:62:c6:76:38:25:ab:8c:74:c2:d2:
59:f5:00:a8:f9:f2:4c:3f:59:5a:80:3b:ef:90:e0:8e:87:72:
06:5c:78:c0:8b:66:a8:cb:c8:3f:a3:f9:8a:19:f6:62:28:81:
e7:cb:a0:11:a3:ab:c6:76:51:70:70:2a:ba:49:cb:f3:b0:1c:
03:f1:4b:8c:79:32:63:62:7f:25:92:54:b1:15:47:46:d5:fd:
01:cd:e9:ca:b7:8b:f6:2b:49:98:18:71:22:87:57:df:8e:ac:
68:96:7a:48:f2:3a:81:55:78:ce:39:a6:c2:10:55:08:07:e4:
79:b6:d5:d6:94:96:0b:50:83:b1:5a:be:bf:05:2b:13:9e:7d:
af:62:6b:9f:99:c5:44:ff:a1:ac:5d:0e:df:fc:3b:aa:62:67:
16:95:34:ae:96:62:3a:7e:d0:1d:9c:17:55:d9:cf:87:00:52:
0f:92:7d:14:c0:1b:28:6d:4f:4c:bf:3d:4a:5d:73:23:8f:15:
53:25:3d:a9:8d:b2:96:14:c5:21:5c:b2:c6:85:df:a5:57:d4:
37:81:38:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3jYPW94ARiaNXTJRF1lgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTAyMDYzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjk4Y2Q4OWE2Nzk0MGY3ZmVhZWU4OGQ4MGIxMDlmMGY5MjRlZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjx1tfEmvJCylUx5O7aHZ6ELlYaTo
Rao37JnxwxM2IIYaijXJCvJkJW0aHwtEfcxDFFhkEkzNPj4DYXKeLeTAyilwwIVu
u5KCPiGw9EJCHflf9rvZ3Tjum5U9r6cdBhMWD5BptEWKmlGgCEbjWZgCycmedytg
83eQyu+2y7WN+sYnXkHb0J2YllVOhsXEOpslxXLoYrcrzbHGRNcyRYewcNSBC2Kj
I0Ulth9mrlMgaJws/D9Abjd9xoa/SieKaJCT+4a0vG6IBb7qYP+cquiiG9eWnCDP
hVYoN7Gs8teGy7yGAYhJZemRP7p8wt6wWHOWlsXEOt62MxegF6v/UVbaRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKYzYmmeUD3/q7ojYCxCfD5JO5DMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvSXBqTmlhWjVRUGYtcnVpTmdMRUo4UGtrN2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX+MA0G
CSqGSIb3DQEBCwUAA4IBAQDB16qUORL9fB29QC2Sb4Ej/2UVR3N70OtoxPZY5MOp
ROSXYy/lEQ8NUi9plGLGdjglq4x0wtJZ9QCo+fJMP1lagDvvkOCOh3IGXHjAi2ao
y8g/o/mKGfZiKIHny6ARo6vGdlFwcCq6ScvzsBwD8UuMeTJjYn8lklSxFUdG1f0B
zenKt4v2K0mYGHEih1ffjqxolnpI8jqBVXjOOabCEFUIB+R5ttXWlJYLUIOxWr6/
BSsTnn2vYmufmcVE/6GsXQ7f/DuqYmcWlTSulmI6ftAdnBdV2c+HAFIPkn0UwBso
bU9Mvz1KXXMjjxVTJT2pjbKWFMUhXLLGhd+lV9Q3gThw
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:48 2025 by rpki-client