Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Nud7dSR9Um1nlg89oo3d4Qmfs2Q.roa
File: Nud7dSR9Um1nlg89oo3d4Qmfs2Q.roa (raw, json)
Hash identifier: 5B9YbFKhaaDDuo3VC0t0UAa3WXFmVW7SoXukv9NDmvs=
Subject key identifier: 36:E7:7B:75:24:7D:52:6D:67:96:0F:3D:A2:8D:DD:E1:09:9F:B3:64
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0190F6A6CCC13D833A6552A729C6835AD43D
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Nud7dSR9Um1nlg89oo3d4Qmfs2Q.roa
Signing time: Sun 28 Jul 2024 00:04:04 +0000
ROA not before: Sun 28 Jul 2024 00:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211975
IP address blocks: 185.21.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 10:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f6:a6:cc:c1:3d:83:3a:65:52:a7:29:c6:83:5a:d4:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jul 28 00:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36e77b75247d526d67960f3da28ddde1099fb364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d7:15:53:94:bd:a9:a6:61:7b:3b:c2:c3:d1:
9c:97:0c:5b:e7:ff:fb:9a:d2:7f:a0:55:a4:53:8b:
25:8f:31:db:30:34:cd:f1:46:93:64:d3:78:9b:f6:
5a:d3:8f:f3:8b:d2:69:df:30:9d:d6:04:d9:0f:92:
f8:98:c7:d5:21:96:e1:b1:2e:6d:e4:81:6c:61:3d:
22:39:60:13:45:59:02:32:cd:be:6c:eb:79:2a:04:
9c:95:80:e6:01:a1:85:5f:bb:29:c5:f4:e7:8f:64:
87:45:2e:94:85:83:b4:0e:97:9c:1f:e1:6d:bb:fb:
60:2b:c8:1e:3f:7d:ad:07:38:29:a5:66:60:d0:be:
1b:b9:4e:df:0f:1b:fe:db:13:f8:44:ee:bc:b4:de:
8d:c3:72:fb:77:aa:6e:91:9a:5a:60:6a:c0:83:33:
41:01:40:b5:a3:e5:23:07:55:a1:6e:66:f1:e0:ad:
7f:06:5f:29:2a:cb:de:19:32:d6:60:cf:2e:fe:79:
a9:b7:8a:37:80:bc:96:47:eb:20:70:ac:3e:44:93:
aa:75:43:10:09:7e:81:18:2a:85:52:4e:35:33:cf:
e5:6f:21:7a:46:9e:42:d1:98:6a:0e:cb:5d:e8:c0:
8d:f4:58:14:be:c5:ad:ff:0d:fe:66:7c:5e:a1:b7:
aa:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E7:7B:75:24:7D:52:6D:67:96:0F:3D:A2:8D:DD:E1:09:9F:B3:64
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Nud7dSR9Um1nlg89oo3d4Qmfs2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.255.0/24
Signature Algorithm: sha256WithRSAEncryption
da:a1:a6:1a:71:e6:c4:c2:b4:d2:79:f2:94:cd:3d:29:7f:bd:
86:ae:99:1a:ee:92:d9:77:39:2d:84:c3:7b:a1:2f:83:f1:ca:
18:cf:68:85:4e:38:53:60:b2:48:f5:91:c9:1d:82:ec:1c:4b:
e6:6a:f4:4a:e8:8b:70:d7:8c:a1:06:82:ec:11:73:34:db:4e:
55:5b:30:89:bf:13:32:95:b6:c3:9f:3b:de:65:d3:8c:1d:4e:
49:19:6d:75:a9:d7:2c:8a:54:d4:9b:00:20:4f:49:d1:33:d7:
8c:8e:40:9b:52:7c:da:44:6c:61:02:a2:fc:aa:08:7b:9c:d3:
4a:f6:09:d0:c5:2a:6e:8c:03:c0:88:99:68:43:33:ce:f4:63:
65:1f:ca:d4:cf:0b:21:95:13:0e:55:93:57:17:4c:c8:31:30:
09:be:8e:80:85:15:4f:16:f0:7e:60:53:8b:78:db:db:82:02:
c6:c4:00:4c:e9:37:08:11:ac:44:14:fc:1e:86:c9:62:4b:f1:
b4:de:1f:46:d3:f3:7f:51:05:e8:09:cc:db:73:bc:f3:a8:74:
54:f3:e9:bc:f5:47:08:71:33:dd:5d:1a:7d:b4:e4:52:d3:14:
c9:b7:79:5a:96:92:69:06:d4:da:f0:17:3c:45:76:af:c8:44:
b8:3b:09:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZD2pszBPYM6ZVKnKcaDWtQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNzI4MDAwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmU3N2I3NTI0N2Q1MjZkNjc5NjBmM2RhMjhkZGRlMTA5OWZiMzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tcVU5S9qaZhezvCw9Gclwxb5//7
mtJ/oFWkU4sljzHbMDTN8UaTZNN4m/Za04/zi9Jp3zCd1gTZD5L4mMfVIZbhsS5t
5IFsYT0iOWATRVkCMs2+bOt5KgSclYDmAaGFX7spxfTnj2SHRS6UhYO0DpecH+Ft
u/tgK8geP32tBzgppWZg0L4buU7fDxv+2xP4RO68tN6Nw3L7d6pukZpaYGrAgzNB
AUC1o+UjB1Whbmbx4K1/Bl8pKsveGTLWYM8u/nmpt4o3gLyWR+sgcKw+RJOqdUMQ
CX6BGCqFUk41M8/lbyF6Rp5C0ZhqDstd6MCN9FgUvsWt/w3+ZnxeobeqgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbne3UkfVJtZ5YPPaKN3eEJn7NkMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvTnVkN2RTUjlVbTFubGc4OW9vM2Q0UW1mczJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX/MA0G
CSqGSIb3DQEBCwUAA4IBAQDaoaYacebEwrTSefKUzT0pf72Grpka7pLZdzkthMN7
oS+D8coYz2iFTjhTYLJI9ZHJHYLsHEvmavRK6Itw14yhBoLsEXM0205VWzCJvxMy
lbbDnzveZdOMHU5JGW11qdcsilTUmwAgT0nRM9eMjkCbUnzaRGxhAqL8qgh7nNNK
9gnQxSpujAPAiJloQzPO9GNlH8rUzwshlRMOVZNXF0zIMTAJvo6AhRVPFvB+YFOL
eNvbggLGxABM6TcIEaxEFPwehsliS/G03h9G0/N/UQXoCczbc7zzqHRU8+m89UcI
cTPdXRp9tORS0xTJt3lalpJpBtTa8Bc8RXavyES4Owkd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:16 2025 by rpki-client