Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/rRKah9Di5-fwiLSZzckNJJGgc_c.roa
File: rRKah9Di5-fwiLSZzckNJJGgc_c.roa (raw, json)
Hash identifier: ia+p12ww5SvNlj521cLWDANMFMD51juR9S8F6EGHcxo=
Subject key identifier: AD:12:9A:87:D0:E2:E7:E7:F0:88:B4:99:CD:C9:0D:24:91:A0:73:F7
Certificate issuer: /CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Certificate serial: 018CCA72EBEE5A14E09A693AC69252ACE7F0
Authority key identifier: AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/rRKah9Di5-fwiLSZzckNJJGgc_c.roa
Signing time: Tue 02 Jan 2024 13:52:58 +0000
ROA not before: Tue 02 Jan 2024 13:52:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21277
IP address blocks: 185.14.251.0/24 maxlen: 24
31.25.142.0/23 maxlen: 23
185.184.197.0/24 maxlen: 24
159.255.165.0/24 maxlen: 24
159.255.166.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:72:eb:ee:5a:14:e0:9a:69:3a:c6:92:52:ac:e7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Validity
Not Before: Jan 2 13:52:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad129a87d0e2e7e7f088b499cdc90d2491a073f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0d:f4:69:42:b0:97:93:41:83:34:d8:ea:1f:
a3:66:2f:89:ef:45:dd:47:1f:6a:35:e1:da:7e:cf:
ae:e8:36:74:23:3a:6d:ec:2e:6b:a9:1c:36:e5:e9:
9a:3f:9a:09:3b:2d:c8:7b:66:cb:fa:c4:62:ab:ff:
55:6b:56:84:0b:43:89:de:c5:01:7b:0e:a6:85:f6:
dd:d7:5f:fc:4c:1f:74:fa:ee:c2:d5:d4:70:29:df:
6b:ed:ae:ee:6a:4e:d8:fe:6c:2d:dd:d3:85:5e:d1:
a1:2c:74:08:ae:6b:5b:df:00:5e:02:13:8b:52:7b:
3e:b9:67:c4:fe:19:5c:e1:a0:9d:b4:2d:41:81:bc:
33:d3:4c:d6:2c:2e:a1:84:2c:51:e9:16:e7:f0:62:
67:74:71:c6:0a:75:df:06:10:d5:0a:d6:dc:7b:19:
bd:f1:d9:d8:29:8e:ea:3e:89:62:85:a6:57:85:a1:
13:f8:26:00:0c:2f:ce:fb:71:8b:4f:ac:8a:29:76:
df:66:69:b8:3b:34:94:2c:a8:88:cd:80:ca:fe:a3:
62:a6:0e:42:3d:56:64:b4:93:14:10:cf:f2:b9:fc:
e6:a1:0c:fd:0d:11:c3:68:fc:75:9d:86:f4:50:1c:
8b:47:2c:7a:c7:a4:f1:f9:e1:9f:04:ce:aa:55:34:
9b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:12:9A:87:D0:E2:E7:E7:F0:88:B4:99:CD:C9:0D:24:91:A0:73:F7
X509v3 Authority Key Identifier:
keyid:AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/rRKah9Di5-fwiLSZzckNJJGgc_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.142.0/23
159.255.165.0-159.255.167.255
185.14.251.0/24
185.184.197.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:15:e7:75:e7:e8:97:3e:3c:ab:12:ad:86:f1:c6:f3:7f:d9:
98:25:46:e5:67:dd:8c:b2:1d:b7:4b:eb:34:da:49:f8:1d:cc:
d3:8e:91:72:14:5b:b9:42:a1:6b:d2:a3:b6:67:c2:33:ab:1c:
83:4d:b5:00:73:21:f3:ae:3c:92:36:13:d4:f0:ae:b0:24:27:
46:8b:6e:43:94:48:36:45:2a:4e:e2:12:e0:17:e7:56:fb:06:
02:b8:12:64:b6:80:0e:0b:15:e0:ab:91:32:22:77:ee:e5:4d:
c2:0f:8f:1a:96:b7:b8:bf:46:9f:83:ee:0f:17:0f:f5:5d:72:
de:6b:94:01:3e:0c:8c:d9:a8:82:4e:8f:25:98:ae:64:45:a3:
05:1a:a0:fd:e9:76:7b:86:61:37:3d:b1:ec:2b:52:de:38:ab:
7d:eb:1f:e4:36:05:d1:45:8c:8a:87:fd:db:b4:15:5c:44:55:
68:38:4b:84:b0:ab:fa:68:12:d0:9b:f0:ba:e6:8d:6e:b2:0a:
e2:61:46:95:42:c6:b3:9d:af:26:0a:7a:f5:05:8b:e7:a6:65:
ac:45:31:ec:56:a8:9d:d9:de:7f:a5:8e:1a:b3:fe:fa:a4:bd:
e9:99:44:b5:fc:22:6f:38:ad:27:af:73:c3:a3:c8:84:02:02:
34:c8:1e:91
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzKcuvuWhTgmmk6xpJSrOfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNmY2YTM2ZWMyOTYwZDRkMDVmM2Q5ZGNiMTg3YjliOTA0
ZWE1OWIwHhcNMjQwMTAyMTM1MjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDEyOWE4N2QwZTJlN2U3ZjA4OGI0OTljZGM5MGQyNDkxYTA3M2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q30aUKwl5NBgzTY6h+jZi+J70Xd
Rx9qNeHafs+u6DZ0Izpt7C5rqRw25emaP5oJOy3Ie2bL+sRiq/9Va1aEC0OJ3sUB
ew6mhfbd11/8TB90+u7C1dRwKd9r7a7uak7Y/mwt3dOFXtGhLHQIrmtb3wBeAhOL
Uns+uWfE/hlc4aCdtC1Bgbwz00zWLC6hhCxR6Rbn8GJndHHGCnXfBhDVCtbcexm9
8dnYKY7qPolihaZXhaET+CYADC/O+3GLT6yKKXbfZmm4OzSULKiIzYDK/qNipg5C
PVZktJMUEM/yufzmoQz9DRHDaPx1nYb0UByLRyx6x6Tx+eGfBM6qVTSbCQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK0SmofQ4ufn8Ii0mc3JDSSRoHP3MB8GA1UdIwQY
MBaAFKtvajbsKWDU0F89ncsYe5uQTqWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUt
OTRiYjgzYTIwMDI5LzEvclJLYWg5RGk1LWZ3aUxTWnpja05KSkdnY19jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUtOTRiYjgzYTIwMDI5
LzEvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBHxmOMAwD
BACf/6UDBAOf/6ADBAC5DvsDBAC5uMUwDQYJKoZIhvcNAQELBQADggEBAFwV53Xn
6Jc+PKsSrYbxxvN/2ZglRuVn3YyyHbdL6zTaSfgdzNOOkXIUW7lCoWvSo7ZnwjOr
HINNtQBzIfOuPJI2E9TwrrAkJ0aLbkOUSDZFKk7iEuAX51b7BgK4EmS2gA4LFeCr
kTIid+7lTcIPjxqWt7i/Rp+D7g8XD/Vdct5rlAE+DIzZqIJOjyWYrmRFowUaoP3p
dnuGYTc9sewrUt44q33rH+Q2BdFFjIqH/du0FVxEVWg4S4Swq/poEtCb8LrmjW6y
CuJhRpVCxrOdryYKevUFi+emZaxFMexWqJ3Z3n+ljhqz/vqkvemZRLX8Im84rSev
c8OjyIQCAjTIHpE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:24:46 2025 by rpki-client