Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/861953-5f65-4465-9046-f4d071f50f1d/1/2rNzZMm3INs3ag552XvlxKkgsEA.roa
File: 2rNzZMm3INs3ag552XvlxKkgsEA.roa (raw, json)
Hash identifier: rXgG+DRcB2ter41Rh6MQzi6NzNIXCAXcCRzWcNp6m8A=
Subject key identifier: DA:B3:73:64:C9:B7:20:DB:37:6A:0E:79:D9:7B:E5:C4:A9:20:B0:40
Certificate issuer: /CN=d5d1cd47a53ef57ebb567bc882ad2986faac5f0d
Certificate serial: 018CC8014BEE5B559440442B8791B990A5E9
Authority key identifier: D5:D1:CD:47:A5:3E:F5:7E:BB:56:7B:C8:82:AD:29:86:FA:AC:5F:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1dHNR6U-9X67VnvIgq0phvqsXw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/861953-5f65-4465-9046-f4d071f50f1d/1/2rNzZMm3INs3ag552XvlxKkgsEA.roa
Signing time: Tue 02 Jan 2024 02:29:37 +0000
ROA not before: Tue 02 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201916
IP address blocks: 185.59.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:4b:ee:5b:55:94:40:44:2b:87:91:b9:90:a5:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5d1cd47a53ef57ebb567bc882ad2986faac5f0d
Validity
Not Before: Jan 2 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dab37364c9b720db376a0e79d97be5c4a920b040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:98:b5:0f:aa:2b:d3:29:b3:8c:40:b5:3a:d6:
2b:bc:1b:41:0a:52:71:68:05:68:d2:6c:23:ea:41:
aa:f5:0e:57:1f:5b:11:d3:d8:6b:64:2f:9b:56:fc:
c8:0c:53:59:eb:ff:3e:51:e8:cd:b9:a2:3c:69:f8:
fa:6d:a2:3c:a9:b9:c0:c4:93:c7:83:16:bf:f8:4c:
75:31:c5:f0:4c:f7:db:4d:46:a9:1e:46:d0:d5:95:
ca:99:2c:bb:89:f6:97:47:3a:2f:19:cc:f9:f5:c9:
df:8c:86:8e:f0:0c:d5:bd:be:14:98:1c:39:1a:f7:
25:8e:68:d2:c4:c0:ba:2d:39:87:c8:55:74:b2:40:
c4:51:c6:6e:9e:c0:81:1a:15:9a:3f:a1:bf:07:ff:
99:79:19:ce:35:7d:08:b4:99:82:9b:de:13:41:02:
72:a3:c3:d3:37:61:7c:c3:2e:33:4d:99:0e:3e:5c:
b9:72:02:93:2f:a8:c4:d2:55:82:31:fa:98:46:12:
1c:13:a1:dc:7b:02:45:56:c6:71:82:3b:cf:7b:5b:
b7:a3:e1:da:f4:c9:6d:79:f9:69:5c:fe:af:97:17:
cf:26:fc:2c:d3:e5:4f:95:ad:62:51:7a:28:0a:9f:
7a:fc:24:48:2f:14:06:59:9c:ea:2d:da:8b:2f:2c:
38:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B3:73:64:C9:B7:20:DB:37:6A:0E:79:D9:7B:E5:C4:A9:20:B0:40
X509v3 Authority Key Identifier:
keyid:D5:D1:CD:47:A5:3E:F5:7E:BB:56:7B:C8:82:AD:29:86:FA:AC:5F:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1dHNR6U-9X67VnvIgq0phvqsXw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/861953-5f65-4465-9046-f4d071f50f1d/1/2rNzZMm3INs3ag552XvlxKkgsEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/861953-5f65-4465-9046-f4d071f50f1d/1/1dHNR6U-9X67VnvIgq0phvqsXw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.216.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:9d:12:c2:aa:7c:9f:12:0f:83:b1:ff:89:61:e8:e2:3f:83:
b3:eb:8b:be:00:b2:e0:f2:a7:c1:04:28:09:d0:dc:b9:97:f5:
29:4e:8c:a1:22:f1:5a:82:f6:2e:68:2a:fb:2d:51:a2:a3:20:
c2:14:1d:73:c7:13:4e:e5:55:72:97:a1:05:dd:58:31:f5:5a:
5e:8c:bf:0a:1f:e2:09:e3:0f:dc:d0:9a:98:e1:d2:07:c9:e4:
d6:bd:dd:b6:22:24:a6:9f:83:db:c2:92:5d:52:ff:b9:df:77:
7b:57:c2:5b:4f:43:c1:fa:d1:43:64:88:9c:57:3d:63:d0:54:
3d:17:0c:41:59:17:07:72:93:b7:74:f2:99:0a:c1:4a:0c:72:
f8:2d:a4:6e:bd:48:9d:ac:56:dd:64:ea:b4:2a:ae:be:c0:81:
cd:62:7d:38:14:c3:ac:f1:24:fd:ab:ef:a6:05:f8:d4:c6:b2:
47:a9:c6:81:dc:d6:c2:26:f9:f1:3f:28:07:bf:a9:de:ce:ab:
cf:62:db:49:eb:02:d4:8e:87:59:c7:44:17:1e:5b:f7:97:1e:
1d:f1:1c:cc:e0:35:44:c7:7f:ec:0c:40:05:1a:74:18:4c:e6:
18:37:85:9c:06:78:0a:69:c8:15:72:c1:57:3e:ea:49:b2:87:
8f:db:eb:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAUvuW1WUQEQrh5G5kKXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZDFjZDQ3YTUzZWY1N2ViYjU2N2JjODgyYWQyOTg2ZmFh
YzVmMGQwHhcNMjQwMTAyMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWIzNzM2NGM5YjcyMGRiMzc2YTBlNzlkOTdiZTVjNGE5MjBiMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5i1D6or0ymzjEC1OtYrvBtBClJx
aAVo0mwj6kGq9Q5XH1sR09hrZC+bVvzIDFNZ6/8+UejNuaI8afj6baI8qbnAxJPH
gxa/+Ex1McXwTPfbTUapHkbQ1ZXKmSy7ifaXRzovGcz59cnfjIaO8AzVvb4UmBw5
GvcljmjSxMC6LTmHyFV0skDEUcZunsCBGhWaP6G/B/+ZeRnONX0ItJmCm94TQQJy
o8PTN2F8wy4zTZkOPly5cgKTL6jE0lWCMfqYRhIcE6HcewJFVsZxgjvPe1u3o+Ha
9MlteflpXP6vlxfPJvws0+VPla1iUXooCp96/CRILxQGWZzqLdqLLyw47QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqzc2TJtyDbN2oOedl75cSpILBAMB8GA1UdIwQY
MBaAFNXRzUelPvV+u1Z7yIKtKYb6rF8NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWRITlI2VS05WDY3Vm52SWdxMHBodnFzWHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84NjE5NTMtNWY2NS00NDY1LTkwNDYt
ZjRkMDcxZjUwZjFkLzEvMnJOelpNbTNJTnMzYWc1NTJYdmx4S2tnc0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84NjE5NTMtNWY2NS00NDY1LTkwNDYtZjRkMDcxZjUwZjFk
LzEvMWRITlI2VS05WDY3Vm52SWdxMHBodnFzWHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTvYMA0G
CSqGSIb3DQEBCwUAA4IBAQAtnRLCqnyfEg+Dsf+JYejiP4Oz64u+ALLg8qfBBCgJ
0Ny5l/UpToyhIvFagvYuaCr7LVGioyDCFB1zxxNO5VVyl6EF3Vgx9VpejL8KH+IJ
4w/c0JqY4dIHyeTWvd22IiSmn4PbwpJdUv+533d7V8JbT0PB+tFDZIicVz1j0FQ9
FwxBWRcHcpO3dPKZCsFKDHL4LaRuvUidrFbdZOq0Kq6+wIHNYn04FMOs8ST9q++m
BfjUxrJHqcaB3NbCJvnxPygHv6nezqvPYttJ6wLUjodZx0QXHlv3lx4d8RzM4DVE
x3/sDEAFGnQYTOYYN4WcBngKacgVcsFXPupJsoeP2+uY
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:56:24 2025 by rpki-client