Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/4DyPTDdodHkulpDCKNtixUNSWXU.roa
File: 4DyPTDdodHkulpDCKNtixUNSWXU.roa (raw, json)
Hash identifier: lbfg5skUNe69oXqlvJBhjMJyJgHFyas0iFP4bwceENM=
Subject key identifier: E0:3C:8F:4C:37:68:74:79:2E:96:90:C2:28:DB:62:C5:43:52:59:75
Certificate issuer: /CN=9e34b186271ccb89c5e58b30e70bd74109cc284a
Certificate serial: 018FE2481BFDFA1C581EF4643E6D6C11885E
Authority key identifier: 9E:34:B1:86:27:1C:CB:89:C5:E5:8B:30:E7:0B:D7:41:09:CC:28:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njSxhiccy4nF5Ysw5wvXQQnMKEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/4DyPTDdodHkulpDCKNtixUNSWXU.roa
Signing time: Tue 04 Jun 2024 08:05:27 +0000
ROA not before: Tue 04 Jun 2024 08:05:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197674
IP address blocks: 185.72.216.0/24 maxlen: 24
185.72.217.0/24 maxlen: 24
185.72.218.0/24 maxlen: 24
185.72.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 09:42:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:48:1b:fd:fa:1c:58:1e:f4:64:3e:6d:6c:11:88:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e34b186271ccb89c5e58b30e70bd74109cc284a
Validity
Not Before: Jun 4 08:05:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e03c8f4c376874792e9690c228db62c543525975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:98:4c:11:8e:97:8e:a2:49:8c:9a:c6:ea:dc:
48:96:0b:fd:0b:81:5f:d5:1b:d2:90:9e:6b:9f:04:
46:d2:d0:81:64:13:22:a5:80:24:27:87:5b:46:ee:
9d:5d:4d:bc:de:cf:d4:e5:f7:95:20:85:c3:22:b3:
38:c2:ff:33:10:e5:5f:ed:db:96:9f:4d:ac:09:00:
67:c4:73:c4:7e:e0:d4:e0:f1:0e:7e:cf:30:fd:86:
90:50:f3:f8:fe:56:87:85:bf:03:42:18:a8:af:00:
83:7f:75:21:87:be:7e:63:be:d5:3a:20:0c:ae:9b:
ef:6c:5b:9b:41:f0:59:b4:8e:e3:63:73:ef:a4:74:
94:98:67:be:95:91:93:a6:aa:86:29:af:a1:ca:cd:
f3:a2:e4:41:cd:41:d0:91:78:1a:89:ff:6c:ac:a5:
44:01:af:1e:6f:c5:44:a5:ff:3a:b5:e6:b8:d1:9f:
ca:80:f8:e8:8b:bf:8b:f0:29:32:87:20:42:d7:30:
67:db:8a:21:f2:6f:01:ae:66:dc:81:2a:5b:af:d2:
85:ce:81:18:95:64:9b:65:13:83:7b:cf:ba:61:03:
79:1e:35:7a:d7:9c:28:ba:d2:d2:9e:95:71:bb:81:
4c:f7:e7:6c:ea:ad:1d:b4:4c:b4:0c:d2:6e:27:d1:
a0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3C:8F:4C:37:68:74:79:2E:96:90:C2:28:DB:62:C5:43:52:59:75
X509v3 Authority Key Identifier:
keyid:9E:34:B1:86:27:1C:CB:89:C5:E5:8B:30:E7:0B:D7:41:09:CC:28:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njSxhiccy4nF5Ysw5wvXQQnMKEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/4DyPTDdodHkulpDCKNtixUNSWXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/njSxhiccy4nF5Ysw5wvXQQnMKEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.216.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:fa:53:d2:15:17:5c:96:ba:db:81:66:9a:91:25:c1:b5:fa:
39:36:65:77:13:82:a0:2c:27:b7:da:74:50:bd:fc:88:3b:62:
84:c5:95:c5:3c:8f:59:cc:93:57:de:c9:f7:22:78:aa:81:9c:
c4:b0:81:c5:2b:a7:46:7e:85:52:27:86:c6:3b:af:bc:44:e0:
9f:0f:29:7f:5b:3b:3e:41:3c:d2:b7:8d:ba:d6:52:7a:96:40:
c1:28:ab:d8:53:f0:d1:73:0d:60:cb:63:d9:8a:f1:d9:0d:cb:
be:66:a8:5e:94:95:fa:11:e2:0e:d7:98:84:b5:7b:66:d1:f6:
42:47:62:85:fc:9e:cc:fb:61:7f:be:c2:8c:40:6d:34:a1:c8:
e5:73:ef:88:3d:3a:f7:33:37:b2:1f:65:32:f8:d1:dd:37:17:
7b:32:ea:95:84:82:e8:28:f8:59:ac:9f:8c:3d:b5:4d:d1:4a:
e4:6e:a1:a2:27:fa:7a:d4:40:46:0c:77:4c:a7:18:44:75:07:
a3:4b:a0:8c:8a:0d:b4:13:f4:63:b3:e9:25:15:5c:2b:c8:5c:
ac:01:c9:ef:fa:69:4c:4d:7e:f8:a7:ab:ac:a3:1d:b2:85:74:
8c:b8:ed:41:d5:f0:d6:86:9c:df:14:5f:cc:88:7d:69:7d:40:
8d:19:52:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/iSBv9+hxYHvRkPm1sEYheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzRiMTg2MjcxY2NiODljNWU1OGIzMGU3MGJkNzQxMDlj
YzI4NGEwHhcNMjQwNjA0MDgwNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDNjOGY0YzM3Njg3NDc5MmU5NjkwYzIyOGRiNjJjNTQzNTI1OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZhMEY6XjqJJjJrG6txIlgv9C4Ff
1RvSkJ5rnwRG0tCBZBMipYAkJ4dbRu6dXU283s/U5feVIIXDIrM4wv8zEOVf7duW
n02sCQBnxHPEfuDU4PEOfs8w/YaQUPP4/laHhb8DQhiorwCDf3Uhh75+Y77VOiAM
rpvvbFubQfBZtI7jY3PvpHSUmGe+lZGTpqqGKa+hys3zouRBzUHQkXgaif9srKVE
Aa8eb8VEpf86tea40Z/KgPjoi7+L8CkyhyBC1zBn24oh8m8BrmbcgSpbr9KFzoEY
lWSbZRODe8+6YQN5HjV615woutLSnpVxu4FM9+ds6q0dtEy0DNJuJ9GgAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOA8j0w3aHR5LpaQwijbYsVDUll1MB8GA1UdIwQY
MBaAFJ40sYYnHMuJxeWLMOcL10EJzChKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpTeGhpY2N5NG5GNVlzdzV3dlhRUW5NS0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wYzM3YzMtOTk5MC00NTk2LTk5ZTkt
ZGQ1ZmZkNTMxNTcxLzEvNER5UFREZG9kSGt1bHBEQ0tOdGl4VU5TV1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wYzM3YzMtOTk5MC00NTk2LTk5ZTktZGQ1ZmZkNTMxNTcx
LzEvbmpTeGhpY2N5NG5GNVlzdzV3dlhRUW5NS0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUjYMA0G
CSqGSIb3DQEBCwUAA4IBAQBq+lPSFRdclrrbgWaakSXBtfo5NmV3E4KgLCe32nRQ
vfyIO2KExZXFPI9ZzJNX3sn3IniqgZzEsIHFK6dGfoVSJ4bGO6+8ROCfDyl/Wzs+
QTzSt4261lJ6lkDBKKvYU/DRcw1gy2PZivHZDcu+ZqhelJX6EeIO15iEtXtm0fZC
R2KF/J7M+2F/vsKMQG00ocjlc++IPTr3MzeyH2Uy+NHdNxd7MuqVhILoKPhZrJ+M
PbVN0UrkbqGiJ/p61EBGDHdMpxhEdQejS6CMig20E/Rjs+klFVwryFysAcnv+mlM
TX74p6usox2yhXSMuO1B1fDWhpzfFF/MiH1pfUCNGVJ3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:35 2025 by rpki-client