Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/xjj9LJNIGgQGtNe8q92-ger1cUA.roa
File: xjj9LJNIGgQGtNe8q92-ger1cUA.roa (raw, json)
Hash identifier: MLv1HgX6pVFu5RBHZEE+vSednURUAHRGPNkp67C+wko=
Subject key identifier: C6:38:FD:2C:93:48:1A:04:06:B4:D7:BC:AB:DD:BE:81:EA:F5:71:40
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 018CC3B732CB4C96CA1CBABB670C42009573
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/xjj9LJNIGgQGtNe8q92-ger1cUA.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204331
IP address blocks: 185.253.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:32:cb:4c:96:ca:1c:ba:bb:67:0c:42:00:95:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c638fd2c93481a0406b4d7bcabddbe81eaf57140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ad:d9:6e:b2:23:0a:2e:e3:b4:71:71:b1:e9:
45:96:01:7f:b9:5b:aa:4c:c7:98:08:91:3c:06:33:
81:a3:17:23:91:8d:d2:4d:63:ef:4c:96:02:10:28:
64:c2:fb:7a:6c:f5:3d:95:2c:4c:3a:f2:e5:3f:05:
23:70:2f:3c:35:3b:0d:90:24:d7:bb:c5:77:e7:87:
96:63:e8:73:5c:c0:62:e8:8b:7d:cf:53:8b:f9:6d:
31:cc:da:0b:27:ed:ba:52:80:46:6a:70:cb:1e:e1:
c9:8e:35:ce:92:a5:65:d8:ba:82:9e:ff:1d:8d:c3:
ea:8f:8a:8e:af:d4:b0:3d:09:5e:1f:6a:f6:fb:bf:
62:56:7d:14:36:7a:1f:e5:9c:ec:bb:60:33:65:b9:
40:05:8f:0e:a8:fa:eb:98:d0:bb:1e:2a:79:4d:48:
7f:00:df:c2:b3:43:0a:3c:72:15:e5:fb:4d:13:24:
c3:a9:4e:5c:2a:38:45:3a:52:b4:80:b5:99:03:88:
77:07:a8:55:2b:25:1a:be:15:87:1f:01:16:95:05:
d9:59:6b:ee:b6:e5:3b:0c:2e:35:85:f8:34:e8:7d:
4c:e8:f1:98:38:75:7c:77:66:73:e6:fe:21:2a:9f:
b3:c2:04:9e:ff:3e:c2:01:c3:b6:7e:99:e0:77:d5:
d4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:38:FD:2C:93:48:1A:04:06:B4:D7:BC:AB:DD:BE:81:EA:F5:71:40
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/xjj9LJNIGgQGtNe8q92-ger1cUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.76.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:51:5e:22:0b:c3:9b:8c:2c:bb:c6:1b:42:3e:ca:12:75:97:
86:0c:0f:11:34:47:ea:dd:3f:ab:28:94:e8:7d:9e:f1:ec:7d:
69:c3:05:f4:55:87:dd:82:e4:75:a8:d7:19:63:17:4c:b2:5c:
89:b7:6b:23:25:4f:67:77:0a:90:f7:f1:42:2f:24:f3:cd:1b:
53:b0:24:66:b6:87:b5:c3:55:3a:71:a1:23:a6:45:a5:80:03:
2a:46:e8:62:33:69:88:45:08:a6:85:e1:27:de:0c:9a:95:88:
04:7f:8e:0f:88:b6:95:95:43:f3:b3:a1:e3:91:58:44:98:83:
e2:95:ed:10:c3:8b:50:02:4e:6b:c8:50:9c:21:56:ee:89:67:
f3:82:4f:47:a2:36:1d:ae:f4:8a:ca:f5:27:c5:5e:61:78:07:
7a:b4:57:99:cd:80:ce:fa:05:c3:cd:ac:d3:96:c4:a7:96:41:
20:48:44:19:4b:81:cf:b3:47:7f:02:81:0e:9f:44:ca:d8:3c:
77:06:9c:bc:40:6f:cb:96:8e:9e:5b:67:e0:21:22:5d:66:42:
c4:ce:13:e1:33:6e:9c:83:8b:16:0b:c0:f9:34:c7:31:9b:90:
6f:c9:a3:40:6c:37:f5:02:b9:49:4c:d8:5c:bb:6b:75:3f:e3:
a3:d4:0e:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtzLLTJbKHLq7ZwxCAJVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjM4ZmQyYzkzNDgxYTA0MDZiNGQ3YmNhYmRkYmU4MWVhZjU3MTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK3ZbrIjCi7jtHFxselFlgF/uVuq
TMeYCJE8BjOBoxcjkY3STWPvTJYCEChkwvt6bPU9lSxMOvLlPwUjcC88NTsNkCTX
u8V354eWY+hzXMBi6It9z1OL+W0xzNoLJ+26UoBGanDLHuHJjjXOkqVl2LqCnv8d
jcPqj4qOr9SwPQleH2r2+79iVn0UNnof5Zzsu2AzZblABY8OqPrrmNC7Hip5TUh/
AN/Cs0MKPHIV5ftNEyTDqU5cKjhFOlK0gLWZA4h3B6hVKyUavhWHHwEWlQXZWWvu
tuU7DC41hfg06H1M6PGYOHV8d2Zz5v4hKp+zwgSe/z7CAcO2fpngd9XUwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMY4/SyTSBoEBrTXvKvdvoHq9XFAMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEveGpqOUxKTklHZ1FHdE5lOHE5Mi1nZXIxY1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf1MMA0G
CSqGSIb3DQEBCwUAA4IBAQBLUV4iC8ObjCy7xhtCPsoSdZeGDA8RNEfq3T+rKJTo
fZ7x7H1pwwX0VYfdguR1qNcZYxdMslyJt2sjJU9ndwqQ9/FCLyTzzRtTsCRmtoe1
w1U6caEjpkWlgAMqRuhiM2mIRQimheEn3gyalYgEf44PiLaVlUPzs6HjkVhEmIPi
le0Qw4tQAk5ryFCcIVbuiWfzgk9HojYdrvSKyvUnxV5heAd6tFeZzYDO+gXDzazT
lsSnlkEgSEQZS4HPs0d/AoEOn0TK2Dx3Bpy8QG/Llo6eW2fgISJdZkLEzhPhM26c
g4sWC8D5NMcxm5BvyaNAbDf1ArlJTNhcu2t1P+Oj1A53
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:02 2025 by rpki-client