Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/NvDqnLK2ciE1EVUcyfErSedfkTY.roa
File: NvDqnLK2ciE1EVUcyfErSedfkTY.roa (raw, json)
Hash identifier: NIT76YjAc7swOHZF8XtgEb/YjDxVp38O4C0pU3dCTpM=
Subject key identifier: 36:F0:EA:9C:B2:B6:72:21:35:11:55:1C:C9:F1:2B:49:E7:5F:91:36
Certificate issuer: /CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Certificate serial: 0193C54D605948B6719CBB14C9F67193B012
Authority key identifier: DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/NvDqnLK2ciE1EVUcyfErSedfkTY.roa
Signing time: Sat 14 Dec 2024 13:13:22 +0000
ROA not before: Sat 14 Dec 2024 13:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43824
IP address blocks: 109.75.64.0/24 maxlen: 24
109.75.65.0/24 maxlen: 24
109.75.66.0/24 maxlen: 24
109.75.67.0/24 maxlen: 24
109.75.68.0/24 maxlen: 24
109.75.69.0/24 maxlen: 24
109.75.70.0/24 maxlen: 24
109.75.71.0/24 maxlen: 24
109.75.72.0/24 maxlen: 24
109.75.73.0/24 maxlen: 24
109.75.74.0/24 maxlen: 24
109.75.75.0/24 maxlen: 24
109.75.76.0/24 maxlen: 24
109.75.77.0/24 maxlen: 24
109.75.79.0/24 maxlen: 24
185.204.48.0/24 maxlen: 24
185.204.49.0/24 maxlen: 24
185.204.50.0/24 maxlen: 24
185.204.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c5:4d:60:59:48:b6:71:9c:bb:14:c9:f6:71:93:b0:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Validity
Not Before: Dec 14 13:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36f0ea9cb2b672213511551cc9f12b49e75f9136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2c:28:b1:ec:16:c4:f1:63:aa:42:e6:c7:b9:
51:61:87:70:87:2c:b3:06:81:d2:ea:95:a0:81:43:
36:ae:85:6c:10:12:52:61:8c:eb:62:c9:b7:10:a0:
65:44:c6:f6:dc:fe:00:d0:43:5a:73:da:c9:bf:70:
a2:f8:b1:16:5d:d8:c7:e1:d4:79:e3:61:df:19:70:
e3:2a:77:13:c3:8a:f1:e5:67:51:ab:9d:96:62:1c:
ef:0a:8b:d9:73:69:8b:63:38:b7:ea:f5:00:0e:48:
a9:59:b0:55:9f:47:a5:4e:7a:bf:02:a6:b0:7d:81:
40:c3:23:ce:77:0d:a4:ea:61:50:19:5d:2b:77:98:
92:11:73:62:b1:a2:33:d4:0a:d8:ef:e7:79:c1:23:
7a:b1:9a:2a:c3:cf:f7:8f:17:97:4e:5a:50:cc:89:
74:ba:9a:9c:98:45:5e:11:2e:ed:82:6a:83:5b:d3:
5c:ef:d8:2f:b4:a1:52:ec:5f:52:c3:7c:c1:7d:06:
14:c7:78:d9:9d:cc:3c:cb:28:cf:6e:76:ea:a5:b2:
8c:04:95:ac:2f:f6:de:04:21:ac:f0:db:4a:a8:c5:
6d:0c:8d:61:22:16:a5:cd:c7:73:aa:d3:47:a3:f7:
e5:28:75:11:d3:c5:b4:7c:10:4b:17:4d:bf:95:dd:
da:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F0:EA:9C:B2:B6:72:21:35:11:55:1C:C9:F1:2B:49:E7:5F:91:36
X509v3 Authority Key Identifier:
keyid:DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/NvDqnLK2ciE1EVUcyfErSedfkTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.64.0-109.75.77.255
109.75.79.0/24
185.204.48.0/22
Signature Algorithm: sha256WithRSAEncryption
03:25:4f:51:4a:b6:35:5c:c0:60:7e:ae:11:3a:00:72:16:a5:
fb:63:8b:75:50:eb:e1:81:04:92:9d:e1:fc:7e:16:5d:bd:2a:
c5:24:1e:fa:ce:af:69:c3:6b:34:a6:52:da:38:ae:c5:87:11:
2a:d6:81:db:5e:13:92:99:53:9a:8b:8c:9a:35:f4:86:58:94:
db:4b:5e:25:d5:cc:1f:d2:cc:d1:cd:7d:e0:1a:82:f1:19:fc:
11:4e:46:3c:a2:a3:01:34:54:8b:72:52:d7:c3:73:55:17:dc:
fe:c0:fa:64:54:38:f7:57:9a:8b:ec:39:0e:8a:be:1e:24:c1:
bd:c0:12:f1:a1:0c:06:5f:bf:f3:92:bf:d0:e9:ec:e7:27:5c:
4c:1d:0d:be:18:8d:13:87:c7:08:29:fd:85:9e:9a:e3:bb:40:
d2:6c:37:9e:bf:ad:9e:75:3f:a5:2f:e5:50:c1:9d:80:f0:26:
4a:4d:0a:00:5e:1d:d4:ac:28:9a:e8:1f:b3:57:f0:50:b7:83:
03:20:9f:24:9d:f3:47:3a:b5:07:88:a1:dd:bd:07:02:20:26:
7d:35:8d:20:7c:97:5d:a9:64:1f:04:58:1f:f9:97:ec:ab:0c:
25:41:f5:e8:b5:92:ae:a2:6f:6f:4e:a4:87:e8:41:58:39:8c:
78:83:d7:2c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZPFTWBZSLZxnLsUyfZxk7ASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNWYyZTdjYzJjNjg3ZjU4YzBkMWY2MTMyYmIyZGNmZGYz
OGNiNjQwHhcNMjQxMjE0MTMxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmYwZWE5Y2IyYjY3MjIxMzUxMTU1MWNjOWYxMmI0OWU3NWY5MTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSwosewWxPFjqkLmx7lRYYdwhyyz
BoHS6pWggUM2roVsEBJSYYzrYsm3EKBlRMb23P4A0ENac9rJv3Ci+LEWXdjH4dR5
42HfGXDjKncTw4rx5WdRq52WYhzvCovZc2mLYzi36vUADkipWbBVn0elTnq/Aqaw
fYFAwyPOdw2k6mFQGV0rd5iSEXNisaIz1ArY7+d5wSN6sZoqw8/3jxeXTlpQzIl0
upqcmEVeES7tgmqDW9Nc79gvtKFS7F9Sw3zBfQYUx3jZncw8yyjPbnbqpbKMBJWs
L/beBCGs8NtKqMVtDI1hIhalzcdzqtNHo/flKHUR08W0fBBLF02/ld3aIwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDbw6pyytnIhNRFVHMnxK0nnX5E2MB8GA1UdIwQY
MBaAFN1fLnzCxof1jA0fYTK7Lc/fOMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMt
OWRjZmQyZWYzMDIzLzEvTnZEcW5MSzJjaUUxRVZVY3lmRXJTZWRma1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMtOWRjZmQyZWYzMDIz
LzEvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAZtS0AD
BAFtS0wDBABtS08DBAK5zDAwDQYJKoZIhvcNAQELBQADggEBAAMlT1FKtjVcwGB+
rhE6AHIWpftji3VQ6+GBBJKd4fx+Fl29KsUkHvrOr2nDazSmUto4rsWHESrWgdte
E5KZU5qLjJo19IZYlNtLXiXVzB/SzNHNfeAagvEZ/BFORjyiowE0VItyUtfDc1UX
3P7A+mRUOPdXmovsOQ6Kvh4kwb3AEvGhDAZfv/OSv9Dp7OcnXEwdDb4YjROHxwgp
/YWemuO7QNJsN56/rZ51P6Uv5VDBnYDwJkpNCgBeHdSsKJroH7NX8FC3gwMgnySd
80c6tQeIod29BwIgJn01jSB8l12pZB8EWB/5l+yrDCVB9ei1kq6ib29OpIfoQVg5
jHiD1yw=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:43:15 2025 by rpki-client