Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/dnfHFklZo6occvW-eJjsA220YVE.roa
File: dnfHFklZo6occvW-eJjsA220YVE.roa (raw, json)
Hash identifier: R5+4j+i9sSFBkEiL0zZHxS/FDSVDMHagBXItgtdAoc0=
Subject key identifier: 76:77:C7:16:49:59:A3:AA:1C:72:F5:BE:78:98:EC:03:6D:B4:61:51
Certificate issuer: /CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Certificate serial: 018CCA9926D6B6D2D7844992BC89E7FDD70C
Authority key identifier: 3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/dnfHFklZo6occvW-eJjsA220YVE.roa
Signing time: Tue 02 Jan 2024 14:34:43 +0000
ROA not before: Tue 02 Jan 2024 14:34:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48329
IP address blocks: 185.159.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:26:d6:b6:d2:d7:84:49:92:bc:89:e7:fd:d7:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Validity
Not Before: Jan 2 14:34:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7677c7164959a3aa1c72f5be7898ec036db46151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:17:8b:c3:0e:3b:f6:17:9f:96:de:bb:38:81:
08:57:fb:22:d6:ce:e9:55:37:2d:6b:38:93:94:9a:
40:68:8e:35:93:9a:3e:8e:8c:4a:78:59:08:ee:39:
9a:8c:ab:29:cc:c2:8e:24:24:d2:84:b8:73:43:b2:
c6:7d:41:ed:e2:c4:39:e4:66:c4:79:44:d9:92:0f:
84:a5:1b:81:e2:98:ab:53:88:03:e9:c1:68:c4:3a:
da:3f:d0:f8:05:53:76:4c:b3:0d:04:41:3c:69:87:
10:03:db:71:7e:89:ac:e5:d8:66:d5:46:c4:98:3a:
93:05:e5:f7:6f:89:c5:02:97:08:45:c4:99:f0:72:
58:61:30:4f:23:72:6f:9f:9c:72:64:5b:fb:10:9b:
57:21:29:f6:61:5c:46:d9:c5:a0:90:75:3d:5c:f8:
61:e7:84:a2:29:ed:bf:47:94:f6:50:91:9a:fd:08:
d5:93:f3:27:cb:14:86:e8:a9:fe:85:85:f5:e3:35:
15:4e:5c:22:35:4b:32:15:5f:83:40:0a:70:25:6e:
05:32:dc:34:1f:e8:2d:e7:ed:68:f8:b0:bc:5f:2d:
4f:28:1d:3d:5b:27:12:e5:77:7e:a2:34:16:18:ee:
88:67:61:63:67:8a:bf:7a:47:44:39:55:7e:4f:6d:
e1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:77:C7:16:49:59:A3:AA:1C:72:F5:BE:78:98:EC:03:6D:B4:61:51
X509v3 Authority Key Identifier:
keyid:3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/dnfHFklZo6occvW-eJjsA220YVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.86.0/24
Signature Algorithm: sha256WithRSAEncryption
13:44:a0:3c:ed:ee:b5:60:88:51:4d:6f:95:e5:de:a0:88:45:
46:6c:95:3c:c9:f3:3a:63:cc:22:20:c9:2c:90:f7:af:b7:c4:
9f:5b:83:95:ed:4d:dd:56:78:69:f6:c3:e2:d3:94:bb:e1:1b:
92:91:26:cd:fd:82:ae:a7:f4:2e:e1:18:7d:6b:b1:87:ef:cc:
02:53:54:f1:a8:a3:40:f6:0b:cd:bb:b9:19:e4:ce:c0:7f:01:
88:41:e0:12:71:f1:06:e5:39:36:9f:a5:f9:b1:fd:10:94:e4:
e2:31:c9:f2:27:9e:5a:21:9b:27:0e:d3:e2:a1:e9:67:7b:89:
be:41:0d:17:99:14:1a:cd:d3:a2:a7:a8:4d:38:84:36:0c:ca:
bc:45:3d:f7:d6:9b:55:e5:72:e4:8c:89:2e:ed:41:03:70:56:
8e:f0:57:5b:54:90:62:a1:2c:52:21:1a:b5:07:f5:94:a6:03:
2e:cc:82:63:da:39:21:bb:2b:c2:21:eb:dd:4d:00:af:90:66:
af:24:35:c6:55:da:89:65:bd:4f:80:66:99:8f:3a:dc:d7:3e:
30:3d:52:58:a6:c2:a0:1a:2d:2e:58:2b:bc:2d:f6:26:34:03:
2f:4b:02:0a:63:1a:31:ba:9d:97:55:63:2b:b4:bd:78:62:17:
ea:19:1d:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmSbWttLXhEmSvInn/dcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlY2Q1M2M2NjQyNGMzZjM2OWNhODhlZTdhZjc2YWRiMjVl
MTg0NTEwHhcNMjQwMTAyMTQzNDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njc3YzcxNjQ5NTlhM2FhMWM3MmY1YmU3ODk4ZWMwMzZkYjQ2MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBeLww479heflt67OIEIV/si1s7p
VTctaziTlJpAaI41k5o+joxKeFkI7jmajKspzMKOJCTShLhzQ7LGfUHt4sQ55GbE
eUTZkg+EpRuB4pirU4gD6cFoxDraP9D4BVN2TLMNBEE8aYcQA9txfoms5dhm1UbE
mDqTBeX3b4nFApcIRcSZ8HJYYTBPI3Jvn5xyZFv7EJtXISn2YVxG2cWgkHU9XPhh
54SiKe2/R5T2UJGa/QjVk/MnyxSG6Kn+hYX14zUVTlwiNUsyFV+DQApwJW4FMtw0
H+gt5+1o+LC8Xy1PKB09WycS5Xd+ojQWGO6IZ2FjZ4q/ekdEOVV+T23hHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZ3xxZJWaOqHHL1vniY7ANttGFRMB8GA1UdIwQY
MBaAFD7NU8ZkJMPzacqI7nr3atsl4YRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAt
YzIyNTY4MDRlOTIyLzEvZG5mSEZrbFpvNm9jY3ZXLWVKanNBMjIwWVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAtYzIyNTY4MDRlOTIy
LzEvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ9WMA0G
CSqGSIb3DQEBCwUAA4IBAQATRKA87e61YIhRTW+V5d6giEVGbJU8yfM6Y8wiIMks
kPevt8SfW4OV7U3dVnhp9sPi05S74RuSkSbN/YKup/Qu4Rh9a7GH78wCU1TxqKNA
9gvNu7kZ5M7AfwGIQeAScfEG5Tk2n6X5sf0QlOTiMcnyJ55aIZsnDtPioelne4m+
QQ0XmRQazdOip6hNOIQ2DMq8RT331ptV5XLkjIku7UEDcFaO8FdbVJBioSxSIRq1
B/WUpgMuzIJj2jkhuyvCIevdTQCvkGavJDXGVdqJZb1PgGaZjzrc1z4wPVJYpsKg
Gi0uWCu8LfYmNAMvSwIKYxoxup2XVWMrtL14YhfqGR1L
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:36 2025 by rpki-client