Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/9A6IZMIRRPD4UrO47EAy1I9ni70.roa
File: 9A6IZMIRRPD4UrO47EAy1I9ni70.roa (raw, json)
Hash identifier: 1G28e2MOvaC6qmPHHeGtqJiqP1Yw4WPiqcDqo7pku7c=
Subject key identifier: F4:0E:88:64:C2:11:44:F0:F8:52:B3:B8:EC:40:32:D4:8F:67:8B:BD
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0193FDDA8E6B8C111489FA9135040DB8D2D3
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/9A6IZMIRRPD4UrO47EAy1I9ni70.roa
Signing time: Wed 25 Dec 2024 12:46:19 +0000
ROA not before: Wed 25 Dec 2024 12:46:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 176.125.251.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fd:da:8e:6b:8c:11:14:89:fa:91:35:04:0d:b8:d2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Dec 25 12:46:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f40e8864c21144f0f852b3b8ec4032d48f678bbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1d:68:54:cb:ec:cd:7b:60:04:7f:b8:5f:e2:
41:05:4f:91:97:f6:f9:2b:0f:56:41:db:3a:b3:d2:
d7:4a:a3:4f:64:0b:e0:05:07:c5:d1:2d:c4:e0:7e:
5a:42:83:fc:d5:f6:c7:5f:5b:21:b5:33:b5:72:e2:
49:0d:91:cb:69:6d:a8:0d:a7:6d:c5:54:34:70:d0:
6a:9c:a8:a0:1d:8a:39:52:d7:93:ac:b2:21:36:29:
2a:bc:ca:00:f0:f4:f2:29:df:0b:7e:e3:57:b5:d8:
70:f3:cd:82:8f:67:e1:9f:93:9e:6c:46:db:5e:22:
8b:da:82:ad:53:11:3a:e6:63:2c:0a:49:54:a8:42:
03:7e:1e:a0:1c:9a:6e:a6:c9:df:16:32:9d:24:69:
83:96:c0:dd:11:84:eb:7c:3e:1c:7c:c6:4f:8c:63:
30:a3:db:39:ff:88:de:bf:07:e0:95:e9:3a:bd:fa:
51:51:a9:7a:35:c5:b3:6c:63:6e:e5:28:80:e7:fd:
05:64:91:b7:95:a2:9d:35:d9:20:ce:2f:55:d9:68:
08:6e:34:28:f1:3b:12:3e:db:99:ad:59:55:c3:5e:
e7:ef:85:a2:55:e2:aa:e2:e8:5c:d4:50:04:21:8a:
aa:36:c8:dd:8f:7f:a5:6f:46:fc:a4:85:5b:10:f7:
9b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:0E:88:64:C2:11:44:F0:F8:52:B3:B8:EC:40:32:D4:8F:67:8B:BD
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/9A6IZMIRRPD4UrO47EAy1I9ni70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.251.0/24
185.199.213.0/24
185.221.26.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f7:76:1d:da:d7:1f:7c:97:56:d2:5f:12:a3:d4:76:e3:56:
1b:f7:f1:c5:b5:0a:7f:2e:8a:cf:d9:a7:ce:bf:fd:82:f9:10:
89:37:59:2f:89:b7:62:f7:77:5e:ff:6d:6b:3b:9f:b0:12:3f:
c4:a0:e3:7c:a6:9b:ae:f2:ab:08:10:95:74:d9:23:cb:10:3e:
24:c5:a8:a1:a7:24:94:ea:b8:c8:ba:c7:f3:09:8b:ae:e3:01:
4f:7e:09:3b:d2:db:f6:b8:5c:1f:38:4d:7c:e4:b9:5b:c6:ea:
54:3e:49:b3:7e:3c:3e:10:a1:de:8c:d1:11:5e:b0:ff:bd:ac:
14:54:f8:87:17:cf:33:98:ba:3b:3d:a8:a0:81:cc:a8:6c:8e:
cc:f0:cd:a8:6d:a1:9b:b3:54:7d:2e:c8:2c:c9:de:f1:06:b7:
2f:6f:07:1b:77:3d:6b:2d:b0:d2:27:12:b2:10:9d:c3:87:f8:
31:52:f3:44:1e:bd:14:eb:e1:0c:da:8a:1b:82:5c:66:3c:40:
da:5f:ae:0d:f9:86:ad:cc:18:5d:ad:9c:f2:53:40:4f:a4:0a:
df:ba:04:85:95:ca:98:ae:ef:a2:4e:40:e3:f8:b5:02:bf:80:
b4:3a:85:34:2c:37:27:9e:d1:f9:c1:d9:8b:be:ab:03:0f:9f:
79:ec:88:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZP92o5rjBEUifqRNQQNuNLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQxMjI1MTI0NjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDBlODg2NGMyMTE0NGYwZjg1MmIzYjhlYzQwMzJkNDhmNjc4YmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxx1oVMvszXtgBH+4X+JBBU+Rl/b5
Kw9WQds6s9LXSqNPZAvgBQfF0S3E4H5aQoP81fbHX1shtTO1cuJJDZHLaW2oDadt
xVQ0cNBqnKigHYo5UteTrLIhNikqvMoA8PTyKd8LfuNXtdhw882Cj2fhn5OebEbb
XiKL2oKtUxE65mMsCklUqEIDfh6gHJpupsnfFjKdJGmDlsDdEYTrfD4cfMZPjGMw
o9s5/4jevwfglek6vfpRUal6NcWzbGNu5SiA5/0FZJG3laKdNdkgzi9V2WgIbjQo
8TsSPtuZrVlVw17n74WiVeKq4uhc1FAEIYqqNsjdj3+lb0b8pIVbEPebnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPQOiGTCEUTw+FKzuOxAMtSPZ4u9MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvOUE2SVpNSVJSUEQ0VXJPNDdFQXkxSTluaTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsH37AwQA
ucfVAwQAud0aMA0GCSqGSIb3DQEBCwUAA4IBAQCS93Yd2tcffJdW0l8So9R241Yb
9/HFtQp/LorP2afOv/2C+RCJN1kvibdi93de/21rO5+wEj/EoON8ppuu8qsIEJV0
2SPLED4kxaihpySU6rjIusfzCYuu4wFPfgk70tv2uFwfOE185LlbxupUPkmzfjw+
EKHejNERXrD/vawUVPiHF88zmLo7PaiggcyobI7M8M2obaGbs1R9Lsgsyd7xBrcv
bwcbdz1rLbDSJxKyEJ3Dh/gxUvNEHr0U6+EM2oobglxmPEDaX64N+YatzBhdrZzy
U0BPpArfugSFlcqYru+iTkDj+LUCv4C0OoU0LDcnntH5wdmLvqsDD5957Ijq
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:28:43 2025 by rpki-client