Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/45a539-4a1e-494b-be94-1ee56c5cfbf5/1/0A-My1D83ZmQ786y-Of6Qvl5QoI.roa
File: 0A-My1D83ZmQ786y-Of6Qvl5QoI.roa (raw, json)
Hash identifier: Ha98GoCnPcsE3WpwOJkZjQKw1Tnb5osEkjJyhILMT5M=
Subject key identifier: D0:0F:8C:CB:50:FC:DD:99:90:EF:CE:B2:F8:E7:FA:42:F9:79:42:82
Certificate issuer: /CN=34603406cf0e1d7dc4a8784a188a6238e3c13abe
Certificate serial: 01928F0E2429FF9A61CF746C2251EFBDFF54
Authority key identifier: 34:60:34:06:CF:0E:1D:7D:C4:A8:78:4A:18:8A:62:38:E3:C1:3A:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NGA0Bs8OHX3EqHhKGIpiOOPBOr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/45a539-4a1e-494b-be94-1ee56c5cfbf5/1/0A-My1D83ZmQ786y-Of6Qvl5QoI.roa
Signing time: Tue 15 Oct 2024 07:22:01 +0000
ROA not before: Tue 15 Oct 2024 07:22:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25400
IP address blocks: 185.53.116.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:0e:24:29:ff:9a:61:cf:74:6c:22:51:ef:bd:ff:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34603406cf0e1d7dc4a8784a188a6238e3c13abe
Validity
Not Before: Oct 15 07:22:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d00f8ccb50fcdd9990efceb2f8e7fa42f9794282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ba:01:4f:4a:0a:ea:35:93:6c:84:9d:70:d6:
91:62:c9:50:1d:12:ed:f0:c1:dc:a8:ea:d2:ec:64:
9b:b7:81:c1:f0:72:81:95:c3:a6:b2:66:1e:ff:2c:
b2:fd:4d:1b:b8:36:78:f9:2a:ef:c4:5b:db:30:93:
27:83:85:ae:a3:e3:aa:87:0e:5b:7a:fb:8d:e4:94:
35:90:cf:57:c6:26:59:8f:d0:c1:2b:58:59:92:63:
ec:a3:f3:24:39:10:d5:4e:75:e6:3c:f8:37:7b:c8:
9c:bd:0e:94:88:64:d3:70:7c:46:4b:5c:db:b6:67:
77:5c:17:c8:d1:96:28:4a:56:33:ea:06:3b:6a:15:
19:ee:1d:c9:c3:24:64:f9:bb:70:8b:8f:58:c1:3d:
c4:19:cd:39:cc:81:0a:76:d4:00:cf:ba:f6:87:e4:
30:92:f7:18:9a:c8:47:d9:50:ff:1f:bf:46:7c:02:
9d:e8:c4:fe:74:3d:03:54:8d:44:a4:80:53:fc:a8:
91:9e:01:5c:55:cd:8e:d5:ca:fd:c8:ec:0f:5a:6d:
b8:36:8c:c5:76:20:df:dd:65:7b:d6:d9:23:7e:22:
88:ac:b7:8d:cb:bb:cc:64:65:51:66:fb:6e:e1:f8:
7f:15:c0:b7:ae:b6:67:05:ab:00:fa:19:66:f9:8a:
0c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:0F:8C:CB:50:FC:DD:99:90:EF:CE:B2:F8:E7:FA:42:F9:79:42:82
X509v3 Authority Key Identifier:
keyid:34:60:34:06:CF:0E:1D:7D:C4:A8:78:4A:18:8A:62:38:E3:C1:3A:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NGA0Bs8OHX3EqHhKGIpiOOPBOr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/45a539-4a1e-494b-be94-1ee56c5cfbf5/1/0A-My1D83ZmQ786y-Of6Qvl5QoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/45a539-4a1e-494b-be94-1ee56c5cfbf5/1/NGA0Bs8OHX3EqHhKGIpiOOPBOr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.116.0/22
Signature Algorithm: sha256WithRSAEncryption
af:17:21:53:68:5d:1c:1d:02:26:4c:c3:3e:c4:b1:5d:e8:fe:
cc:7b:a6:81:62:bd:62:36:47:e4:11:33:59:a3:ae:d7:26:ea:
03:f4:68:33:a5:9b:d5:3f:36:8b:60:97:32:80:0a:85:74:17:
77:82:d7:68:0b:e5:c0:c3:da:90:80:2f:27:1c:3c:fc:a0:09:
b6:1a:b5:31:12:7b:98:6e:3f:44:cc:6b:0f:6f:d1:fd:c6:9d:
27:e8:37:91:21:8f:54:85:b2:e5:1e:5e:51:ca:f3:cf:2c:6d:
4d:3f:02:f8:d3:23:98:eb:67:bf:15:37:ed:20:05:c7:78:13:
ba:f5:5b:6d:3c:7b:4b:ce:81:9b:da:73:d3:d5:dc:99:52:ef:
0b:09:e0:5a:79:d9:46:99:4f:dd:53:aa:1a:81:ca:54:70:9d:
08:6e:5c:25:4f:9e:48:83:c4:da:82:23:3d:a2:f7:ce:b1:28:
12:b5:d6:a7:4d:91:e1:2d:43:f6:f2:cb:a7:26:29:ac:1f:c8:
75:53:7a:b2:e8:5f:79:0d:ba:56:54:a4:79:fe:8a:81:4f:68:
45:4e:d6:e4:41:5a:7e:13:70:0e:1e:1d:71:39:1e:b2:e0:cc:
9a:36:50:f1:a0:d4:1f:96:42:d5:11:d9:42:47:0c:d4:21:e1:
8f:e3:36:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKPDiQp/5phz3RsIlHvvf9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NjAzNDA2Y2YwZTFkN2RjNGE4Nzg0YTE4OGE2MjM4ZTNj
MTNhYmUwHhcNMjQxMDE1MDcyMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDBmOGNjYjUwZmNkZDk5OTBlZmNlYjJmOGU3ZmE0MmY5Nzk0MjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsroBT0oK6jWTbISdcNaRYslQHRLt
8MHcqOrS7GSbt4HB8HKBlcOmsmYe/yyy/U0buDZ4+SrvxFvbMJMng4Wuo+Oqhw5b
evuN5JQ1kM9XxiZZj9DBK1hZkmPso/MkORDVTnXmPPg3e8icvQ6UiGTTcHxGS1zb
tmd3XBfI0ZYoSlYz6gY7ahUZ7h3JwyRk+btwi49YwT3EGc05zIEKdtQAz7r2h+Qw
kvcYmshH2VD/H79GfAKd6MT+dD0DVI1EpIBT/KiRngFcVc2O1cr9yOwPWm24NozF
diDf3WV71tkjfiKIrLeNy7vMZGVRZvtu4fh/FcC3rrZnBasA+hlm+YoMSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNAPjMtQ/N2ZkO/Osvjn+kL5eUKCMB8GA1UdIwQY
MBaAFDRgNAbPDh19xKh4ShiKYjjjwTq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkdBMEJzOE9IWDNFcUhoS0dJcGlPT1BCT3I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS80NWE1MzktNGExZS00OTRiLWJlOTQt
MWVlNTZjNWNmYmY1LzEvMEEtTXkxRDgzWm1RNzg2eS1PZjZRdmw1UW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS80NWE1MzktNGExZS00OTRiLWJlOTQtMWVlNTZjNWNmYmY1
LzEvTkdBMEJzOE9IWDNFcUhoS0dJcGlPT1BCT3I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTV0MA0G
CSqGSIb3DQEBCwUAA4IBAQCvFyFTaF0cHQImTMM+xLFd6P7Me6aBYr1iNkfkETNZ
o67XJuoD9GgzpZvVPzaLYJcygAqFdBd3gtdoC+XAw9qQgC8nHDz8oAm2GrUxEnuY
bj9EzGsPb9H9xp0n6DeRIY9UhbLlHl5RyvPPLG1NPwL40yOY62e/FTftIAXHeBO6
9VttPHtLzoGb2nPT1dyZUu8LCeBaedlGmU/dU6oagcpUcJ0IblwlT55Ig8TagiM9
ovfOsSgStdanTZHhLUP28sunJimsH8h1U3qy6F95DbpWVKR5/oqBT2hFTtbkQVp+
E3AOHh1xOR6y4MyaNlDxoNQflkLVEdlCRwzUIeGP4zYp
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:11:05 2025 by rpki-client