Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/kDQAf3UuemyZGgnzHRxV3GhPVzQ.roa
File: kDQAf3UuemyZGgnzHRxV3GhPVzQ.roa (raw, json)
Hash identifier: 30DMugw9dWx86uv1YKdRU6PD/RfknUnbf4hTWNStwQ4=
Subject key identifier: 90:34:00:7F:75:2E:7A:6C:99:1A:09:F3:1D:1C:55:DC:68:4F:57:34
Certificate issuer: /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial: 019422FB5F147FFBD3F5E1CD6B6773A8BE72
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/kDQAf3UuemyZGgnzHRxV3GhPVzQ.roa
Signing time: Wed 01 Jan 2025 17:48:06 +0000
ROA not before: Wed 01 Jan 2025 17:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.192.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 11:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:5f:14:7f:fb:d3:f5:e1:cd:6b:67:73:a8:be:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
Validity
Not Before: Jan 1 17:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9034007f752e7a6c991a09f31d1c55dc684f5734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:32:22:89:f3:3e:51:2e:98:90:58:fc:42:39:
86:fa:a0:d8:39:db:ca:1d:6a:19:36:c3:f1:6d:8b:
a8:a2:fa:86:33:a9:4b:4a:55:60:86:45:85:fb:69:
bf:9b:d2:be:02:23:c5:ff:d9:b2:bb:10:fa:5b:53:
3c:20:18:44:ef:51:58:36:7b:e9:fd:3a:c3:33:fa:
12:06:4e:4a:68:68:24:cc:6f:94:b4:e8:dc:86:49:
28:a6:d1:48:1c:0b:dd:3b:f0:f8:74:58:f1:65:7b:
29:1e:3b:da:ba:da:d1:a8:28:4c:6f:9d:ca:ae:13:
a6:ff:63:18:fa:55:af:9f:8c:74:e8:68:e7:77:f4:
17:ab:8e:9d:d2:ae:35:36:35:52:a8:db:7c:9b:4c:
ac:67:4c:98:c9:84:4a:f7:a3:19:f0:ac:20:c7:f6:
cc:91:cf:ba:23:59:c8:ea:c1:63:50:c5:11:b7:dc:
96:55:08:ca:10:43:59:a5:98:55:5d:31:3c:c4:4f:
35:47:ac:b6:0a:17:63:14:01:2a:5a:94:bc:fe:68:
bf:cb:00:a6:d8:42:cd:20:49:87:1f:1e:37:46:28:
e5:02:69:43:b6:92:d2:2c:5a:88:93:7a:22:a6:42:
79:54:64:0d:51:fe:d3:bf:7e:2e:3b:63:7c:8c:c6:
ad:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:34:00:7F:75:2E:7A:6C:99:1A:09:F3:1D:1C:55:DC:68:4F:57:34
X509v3 Authority Key Identifier:
keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/kDQAf3UuemyZGgnzHRxV3GhPVzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.217.0/24
Signature Algorithm: sha256WithRSAEncryption
88:1f:67:b8:06:43:45:a8:7a:ed:61:10:e0:b5:8b:23:46:05:
92:5a:73:0d:db:1e:9a:9c:2f:f7:5c:df:09:43:8e:32:4d:9e:
ea:57:60:69:02:45:a0:a7:b9:93:7a:56:7d:71:3f:0f:bc:b5:
8a:bc:98:c3:ad:03:a6:6b:3f:85:f7:eb:a5:a1:37:3c:d5:9b:
98:af:10:46:23:d6:41:c2:64:8d:84:3c:0f:f9:74:16:99:28:
da:14:69:06:49:c7:8b:24:4d:0a:cf:53:ec:d8:20:4a:65:1c:
3a:b7:36:d2:ae:77:d6:85:48:1a:99:af:c8:65:74:48:76:2e:
3d:2c:18:71:60:6f:7f:ac:bf:1d:37:02:ff:19:d3:08:17:49:
25:82:48:6e:db:fe:61:43:82:ed:c4:37:16:16:ca:59:cc:c9:
b5:51:bb:94:78:45:9d:b1:99:23:d0:64:92:9a:f9:91:ba:9b:
01:63:21:01:ee:cc:47:ab:d7:69:33:7e:c9:bd:19:af:b1:75:
7e:a8:c9:f0:7a:4d:61:c6:c0:6d:f4:6c:84:26:0d:0b:34:3c:
68:4c:8c:37:78:b0:1d:0f:c0:2f:8d:4b:c1:d4:b8:1a:a0:bb:
c4:07:39:ff:ac:01:2f:9f:f0:ab:e9:ec:8c:7b:d3:aa:4b:3f:
2a:dd:af:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+18Uf/vT9eHNa2dzqL5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh
M2FhZTkwHhcNMjUwMTAxMTc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDM0MDA3Zjc1MmU3YTZjOTkxYTA5ZjMxZDFjNTVkYzY4NGY1NzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzIiifM+US6YkFj8QjmG+qDYOdvK
HWoZNsPxbYuoovqGM6lLSlVghkWF+2m/m9K+AiPF/9myuxD6W1M8IBhE71FYNnvp
/TrDM/oSBk5KaGgkzG+UtOjchkkoptFIHAvdO/D4dFjxZXspHjvautrRqChMb53K
rhOm/2MY+lWvn4x06Gjnd/QXq46d0q41NjVSqNt8m0ysZ0yYyYRK96MZ8Kwgx/bM
kc+6I1nI6sFjUMURt9yWVQjKEENZpZhVXTE8xE81R6y2ChdjFAEqWpS8/mi/ywCm
2ELNIEmHHx43RijlAmlDtpLSLFqIk3oipkJ5VGQNUf7Tv34uO2N8jMatvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJA0AH91LnpsmRoJ8x0cVdxoT1c0MB8GA1UdIwQY
MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt
YTZjNDllYjI4Mjg3LzEva0RRQWYzVXVlbXlaR2duekhSeFYzR2hQVnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3
LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucDZMA0G
CSqGSIb3DQEBCwUAA4IBAQCIH2e4BkNFqHrtYRDgtYsjRgWSWnMN2x6anC/3XN8J
Q44yTZ7qV2BpAkWgp7mTelZ9cT8PvLWKvJjDrQOmaz+F9+uloTc81ZuYrxBGI9ZB
wmSNhDwP+XQWmSjaFGkGSceLJE0Kz1Ps2CBKZRw6tzbSrnfWhUgama/IZXRIdi49
LBhxYG9/rL8dNwL/GdMIF0klgkhu2/5hQ4LtxDcWFspZzMm1UbuUeEWdsZkj0GSS
mvmRupsBYyEB7sxHq9dpM37JvRmvsXV+qMnwek1hxsBt9GyEJg0LNDxoTIw3eLAd
D8AvjUvB1LgaoLvEBzn/rAEvn/Cr6eyMe9OqSz8q3a+y
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:55:32 2025 by rpki-client