Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sXQNdqJYXc8Sduzd9C-9IcnXAPE.roa
File: sXQNdqJYXc8Sduzd9C-9IcnXAPE.roa (raw, json)
Hash identifier: BmsyOYwWH4+xJmi5QJR/GNayYfqHgv+Q6CWNF20asN4=
Subject key identifier: B1:74:0D:76:A2:58:5D:CF:12:76:EC:DD:F4:2F:BD:21:C9:D7:00:F1
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DAF13DBC9479AA84027D5C517DDDA
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sXQNdqJYXc8Sduzd9C-9IcnXAPE.roa
Signing time: Tue 02 Jan 2024 08:32:40 +0000
ROA not before: Tue 02 Jan 2024 08:32:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60807
IP address blocks: 84.236.250.0/24 maxlen: 24
178.156.47.0/24 maxlen: 24
84.236.180.0/24 maxlen: 24
88.148.96.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:af:13:db:c9:47:9a:a8:40:27:d5:c5:17:dd:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1740d76a2585dcf1276ecddf42fbd21c9d700f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:94:79:fd:77:70:e8:20:9d:0e:85:53:14:ff:
9e:e1:f1:a9:c9:a1:eb:12:43:a0:57:34:a9:9a:cc:
e2:67:96:32:c8:7e:56:12:2a:ef:37:52:9e:98:7a:
c1:f5:89:0b:37:b4:86:5d:b6:53:cd:9b:96:12:49:
dc:6d:74:c0:ac:ef:14:c5:e3:73:b8:2a:0f:95:e9:
c3:d9:b7:f9:da:f0:0d:58:09:81:3e:7c:b7:9b:ee:
b3:86:2e:2b:0c:fd:46:cc:be:4a:10:cc:7b:27:42:
00:00:8a:ca:35:7b:07:e4:76:8b:18:b7:32:38:0b:
12:a7:0c:34:2a:76:e2:05:72:93:87:fd:da:35:c9:
d0:2b:4f:c8:a4:3c:83:65:5b:53:2d:24:a7:9c:c7:
80:31:f8:06:dc:c5:ae:27:7c:f5:8b:01:14:4b:8b:
6b:4e:ad:1b:8b:c5:52:c2:d4:31:d8:3b:7c:25:a7:
e8:49:3e:20:49:7a:b0:2a:5a:25:3b:27:a7:44:e4:
64:f6:55:48:29:53:68:83:ae:b1:f0:75:84:6b:65:
62:78:04:09:4c:c7:ad:7d:cd:8d:70:a7:ee:90:1b:
d0:5f:de:32:7b:8c:69:f7:d2:86:7f:c7:30:75:30:
ff:6c:01:88:f0:de:cc:52:a8:91:9a:fd:56:b3:89:
a2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:74:0D:76:A2:58:5D:CF:12:76:EC:DD:F4:2F:BD:21:C9:D7:00:F1
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sXQNdqJYXc8Sduzd9C-9IcnXAPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.180.0/24
84.236.250.0/24
88.148.96.0/23
178.156.47.0/24
Signature Algorithm: sha256WithRSAEncryption
be:aa:3a:c6:44:80:8d:df:00:19:cf:1c:18:09:84:b3:e4:0b:
c3:2e:dd:ce:04:d4:10:a3:d6:a3:92:74:35:8d:a0:0f:bc:50:
71:79:83:b4:91:21:5f:16:7f:93:9d:f1:15:12:8c:2e:b8:9e:
9c:93:c8:a3:4e:ad:44:9a:6d:ce:75:8f:4c:22:0c:15:dd:43:
ad:9f:97:6b:5b:41:ba:4f:2f:19:50:90:50:22:14:07:6a:ab:
a1:44:39:19:8f:53:28:ad:0a:dc:d2:86:46:36:05:a1:3b:cb:
6b:16:7a:6b:51:18:b7:45:ee:a9:65:41:47:1a:8c:66:98:79:
02:ba:de:6d:3b:7f:54:6d:94:8e:04:f0:f6:3f:7d:ad:92:8a:
4c:e7:7a:d0:89:b4:64:19:78:01:e7:69:c3:3d:91:99:fc:c7:
1b:ad:d4:08:49:63:c2:77:fb:d6:d6:52:0c:58:74:8d:98:f6:
f4:e9:fa:84:ac:d7:6f:a2:90:9a:bd:67:e4:43:a5:59:df:20:
9b:ce:86:4a:b2:18:1b:b1:39:3a:ca:95:70:68:2f:83:d5:47:
73:6b:a1:07:22:9e:7a:08:a4:dc:8a:11:4b:96:00:19:e4:03:
7f:f4:56:3f:73:64:1d:15:1f:07:a3:b1:2c:9a:bf:89:8c:97:
8d:3a:41:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTa8T28lHmqhAJ9XFF93aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTc0MGQ3NmEyNTg1ZGNmMTI3NmVjZGRmNDJmYmQyMWM5ZDcwMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZR5/Xdw6CCdDoVTFP+e4fGpyaHr
EkOgVzSpmsziZ5YyyH5WEirvN1KemHrB9YkLN7SGXbZTzZuWEkncbXTArO8UxeNz
uCoPlenD2bf52vANWAmBPny3m+6zhi4rDP1GzL5KEMx7J0IAAIrKNXsH5HaLGLcy
OAsSpww0KnbiBXKTh/3aNcnQK0/IpDyDZVtTLSSnnMeAMfgG3MWuJ3z1iwEUS4tr
Tq0bi8VSwtQx2Dt8JafoST4gSXqwKlolOyenRORk9lVIKVNog66x8HWEa2VieAQJ
TMetfc2NcKfukBvQX94ye4xp99KGf8cwdTD/bAGI8N7MUqiRmv1Ws4mitQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLF0DXaiWF3PEnbs3fQvvSHJ1wDxMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvc1hRTmRxSllYYzhTZHV6ZDlDLTlJY25YQVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVOy0AwQA
VOz6AwQBWJRgAwQAspwvMA0GCSqGSIb3DQEBCwUAA4IBAQC+qjrGRICN3wAZzxwY
CYSz5AvDLt3OBNQQo9ajknQ1jaAPvFBxeYO0kSFfFn+TnfEVEowuuJ6ck8ijTq1E
mm3OdY9MIgwV3UOtn5drW0G6Ty8ZUJBQIhQHaquhRDkZj1MorQrc0oZGNgWhO8tr
FnprURi3Re6pZUFHGoxmmHkCut5tO39UbZSOBPD2P32tkopM53rQibRkGXgB52nD
PZGZ/McbrdQISWPCd/vW1lIMWHSNmPb06fqErNdvopCavWfkQ6VZ3yCbzoZKshgb
sTk6ypVwaC+D1Udza6EHIp56CKTcihFLlgAZ5AN/9FY/c2QdFR8Ho7Esmr+JjJeN
OkEY
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:05:02 2025 by rpki-client