Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/b3d97e-5cc2-4669-b378-5875a4489dba/1/_ezucTOG5aF50VLtPhIG3nZDkgM.roa
File: _ezucTOG5aF50VLtPhIG3nZDkgM.roa (raw, json)
Hash identifier: 4VImfOVQ6WbhYaP06nesDSxESsBNf15lWLwMf6sShY8=
Subject key identifier: FD:EC:EE:71:33:86:E5:A1:79:D1:52:ED:3E:12:06:DE:76:43:92:03
Certificate issuer: /CN=d09a7f7fdd54a17ce5e12a4182eb652479f9d758
Certificate serial: 018CC348BA625A8747BE1B22E3468E7DA539
Authority key identifier: D0:9A:7F:7F:DD:54:A1:7C:E5:E1:2A:41:82:EB:65:24:79:F9:D7:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Jp_f91UoXzl4SpBgutlJHn511g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/b3d97e-5cc2-4669-b378-5875a4489dba/1/_ezucTOG5aF50VLtPhIG3nZDkgM.roa
Signing time: Mon 01 Jan 2024 04:29:32 +0000
ROA not before: Mon 01 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 185.69.250.0/24 maxlen: 24
185.69.249.0/24 maxlen: 24
185.69.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ba:62:5a:87:47:be:1b:22:e3:46:8e:7d:a5:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d09a7f7fdd54a17ce5e12a4182eb652479f9d758
Validity
Not Before: Jan 1 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdecee713386e5a179d152ed3e1206de76439203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4c:a8:b2:78:23:e8:36:56:47:35:55:3e:86:
fa:d7:0f:ef:9d:9d:d2:e7:bf:a9:f1:e4:54:80:32:
6f:d3:17:90:8b:81:7f:b2:87:2e:14:5a:41:1b:76:
61:2f:a3:a8:30:6f:12:d8:cf:b8:6e:2e:d1:93:7e:
36:b4:67:92:d8:c5:08:10:c1:f9:fd:ac:3d:17:8c:
10:b7:5b:8f:ec:72:05:d0:a7:59:2a:1c:17:7a:4a:
6e:a4:a6:e6:84:02:95:d8:c4:d4:c9:9b:80:db:69:
8c:87:8e:ac:58:37:12:fb:80:26:b5:ed:a8:f1:df:
14:fb:ff:34:08:41:e2:58:ad:b2:b5:2d:4f:ad:06:
05:56:4c:e0:be:33:fa:24:4a:7f:74:7a:b0:a5:21:
90:cc:8d:30:3d:86:c4:5c:18:e2:76:8e:7b:34:de:
71:8a:d0:ae:b6:19:5c:49:d2:4f:93:29:3f:7e:a1:
b5:6b:a1:c7:ec:07:9b:71:b7:a9:b4:b9:4c:3f:bf:
da:81:03:98:14:31:37:e7:7a:5b:ac:6f:7b:10:9a:
2b:67:b5:83:38:c4:d8:e8:cc:bc:0d:9a:27:43:52:
07:66:f6:80:44:12:32:18:df:c4:1b:95:e1:2c:b4:
90:4e:94:da:1f:a3:ea:71:cb:a4:d4:1f:27:6d:d6:
d3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:EC:EE:71:33:86:E5:A1:79:D1:52:ED:3E:12:06:DE:76:43:92:03
X509v3 Authority Key Identifier:
keyid:D0:9A:7F:7F:DD:54:A1:7C:E5:E1:2A:41:82:EB:65:24:79:F9:D7:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Jp_f91UoXzl4SpBgutlJHn511g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/b3d97e-5cc2-4669-b378-5875a4489dba/1/_ezucTOG5aF50VLtPhIG3nZDkgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/b3d97e-5cc2-4669-b378-5875a4489dba/1/0Jp_f91UoXzl4SpBgutlJHn511g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.248.0-185.69.250.255
Signature Algorithm: sha256WithRSAEncryption
1f:e9:93:bb:ae:a0:e8:d4:2b:52:bf:4c:3f:c8:78:12:25:ef:
64:d7:93:32:28:97:ce:f2:6f:47:94:b3:3b:17:00:aa:a0:5f:
e6:99:53:8a:cc:be:16:61:ad:18:f3:13:4e:b8:cd:91:da:e4:
8e:49:6b:3a:51:2a:8d:a7:f9:1a:81:7d:06:09:a2:9b:86:be:
31:ea:88:f5:3b:31:96:3a:ab:8f:1e:b8:40:42:cb:68:f0:1b:
28:e0:c6:dd:99:10:d9:e3:d4:30:83:20:37:3b:c9:92:63:b7:
9b:d2:cb:db:bd:8e:3d:ec:d5:58:0c:e1:ec:01:14:e2:ee:83:
d0:2c:9b:81:30:ee:84:7b:b5:da:48:ef:9c:34:f8:52:d3:ab:
78:1d:33:c9:72:75:38:ad:86:c5:04:e4:9e:65:75:c7:69:8e:
b3:32:f6:6e:bd:95:0f:d0:65:32:b0:09:87:ae:ad:e9:fd:49:
fc:0c:05:1a:bf:a0:04:3c:52:c1:93:e5:68:57:22:f8:b1:01:
ad:ff:e9:74:9a:9a:53:2a:54:65:7c:2a:ad:a2:3d:23:04:e4:
c8:56:7e:31:b9:bc:ec:be:d9:db:37:2d:f7:2b:65:2a:97:1c:
0f:73:b2:b0:e5:a6:64:6a:71:ec:11:32:90:12:26:2a:34:21:
84:34:b1:cc
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDSLpiWodHvhsi40aOfaU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOWE3ZjdmZGQ1NGExN2NlNWUxMmE0MTgyZWI2NTI0Nzlm
OWQ3NTgwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGVjZWU3MTMzODZlNWExNzlkMTUyZWQzZTEyMDZkZTc2NDM5MjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkyosngj6DZWRzVVPob61w/vnZ3S
57+p8eRUgDJv0xeQi4F/socuFFpBG3ZhL6OoMG8S2M+4bi7Rk342tGeS2MUIEMH5
/aw9F4wQt1uP7HIF0KdZKhwXekpupKbmhAKV2MTUyZuA22mMh46sWDcS+4Amte2o
8d8U+/80CEHiWK2ytS1PrQYFVkzgvjP6JEp/dHqwpSGQzI0wPYbEXBjido57NN5x
itCuthlcSdJPkyk/fqG1a6HH7AebcbeptLlMP7/agQOYFDE353pbrG97EJorZ7WD
OMTY6My8DZonQ1IHZvaARBIyGN/EG5XhLLSQTpTaH6Pqccuk1B8nbdbTsQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFP3s7nEzhuWhedFS7T4SBt52Q5IDMB8GA1UdIwQY
MBaAFNCaf3/dVKF85eEqQYLrZSR5+ddYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEpwX2Y5MVVvWHpsNFNwQmd1dGxKSG41MTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iM2Q5N2UtNWNjMi00NjY5LWIzNzgt
NTg3NWE0NDg5ZGJhLzEvX2V6dWNUT0c1YUY1MFZMdFBoSUczblpEa2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iM2Q5N2UtNWNjMi00NjY5LWIzNzgtNTg3NWE0NDg5ZGJh
LzEvMEpwX2Y5MVVvWHpsNFNwQmd1dGxKSG41MTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5RfgD
BAC5RfowDQYJKoZIhvcNAQELBQADggEBAB/pk7uuoOjUK1K/TD/IeBIl72TXkzIo
l87yb0eUszsXAKqgX+aZU4rMvhZhrRjzE064zZHa5I5JazpRKo2n+RqBfQYJopuG
vjHqiPU7MZY6q48euEBCy2jwGyjgxt2ZENnj1DCDIDc7yZJjt5vSy9u9jj3s1VgM
4ewBFOLug9Asm4Ew7oR7tdpI75w0+FLTq3gdM8lydTithsUE5J5ldcdpjrMy9m69
lQ/QZTKwCYeuren9SfwMBRq/oAQ8UsGT5WhXIvixAa3/6XSamlMqVGV8Kq2iPSME
5MhWfjG5vOy+2ds3LfcrZSqXHA9zsrDlpmRqcewRMpASJio0IYQ0scw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:26:22 2025 by rpki-client