Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/67b1ec-208f-4d62-9cbc-ede1e4bb611e/1/NMxq8tjujSEn5hfJGwFrNkMdMeU.roa
File: NMxq8tjujSEn5hfJGwFrNkMdMeU.roa (raw, json)
Hash identifier: t6Hz75gfj5zF5y2bS+9lhgtjZ6iWuAxGE9F1z59XBwA=
Subject key identifier: 34:CC:6A:F2:D8:EE:8D:21:27:E6:17:C9:1B:01:6B:36:43:1D:31:E5
Certificate issuer: /CN=5002a33f5ec6680591c097fdb4aba0e028f40845
Certificate serial: 018CC349438F463D4704E565979AE88FE245
Authority key identifier: 50:02:A3:3F:5E:C6:68:05:91:C0:97:FD:B4:AB:A0:E0:28:F4:08:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UAKjP17GaAWRwJf9tKug4Cj0CEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/67b1ec-208f-4d62-9cbc-ede1e4bb611e/1/NMxq8tjujSEn5hfJGwFrNkMdMeU.roa
Signing time: Mon 01 Jan 2024 04:30:07 +0000
ROA not before: Mon 01 Jan 2024 04:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58127
IP address blocks: 185.185.112.0/22 maxlen: 22
185.185.112.0/24 maxlen: 24
185.185.115.0/24 maxlen: 24
185.185.114.0/24 maxlen: 24
185.185.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:43:8f:46:3d:47:04:e5:65:97:9a:e8:8f:e2:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5002a33f5ec6680591c097fdb4aba0e028f40845
Validity
Not Before: Jan 1 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34cc6af2d8ee8d2127e617c91b016b36431d31e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0e:12:be:62:27:ad:71:83:5d:61:c8:c6:dc:
bd:09:70:8a:ee:b4:f6:65:1d:ef:47:04:73:e5:d1:
fc:3a:11:c3:be:cd:74:58:cb:54:2d:37:ef:61:80:
17:41:86:4c:90:33:b5:9b:4b:ce:78:d2:6f:0a:3a:
b0:24:0b:b1:47:c9:7b:c6:a9:01:08:0b:e3:b4:bd:
af:c8:89:0a:15:17:54:ef:83:a0:d3:60:c3:fd:44:
dc:7f:14:b7:a3:63:d5:ba:19:f5:24:85:c8:07:b3:
28:92:88:f9:51:8b:7e:cd:f2:f3:6a:cb:93:a8:cd:
6e:56:36:74:df:3f:9b:24:7c:e0:1a:0a:e2:3b:69:
3a:cf:43:dd:86:60:05:40:20:c0:ab:c9:61:6f:7a:
9e:58:20:51:90:cb:92:6e:8b:ae:9d:d7:a8:a3:6b:
0c:d9:8d:3c:4e:8e:91:d6:75:e2:56:28:1f:c5:48:
21:d1:81:84:5b:ef:20:06:d2:c2:ae:16:ab:4a:a0:
e1:57:bb:b7:45:6c:2c:26:6b:43:10:33:06:1a:39:
5d:bd:ec:d9:55:dc:d4:3d:77:34:40:2e:0e:6d:6b:
02:6b:ee:e5:1b:b3:a3:af:b9:e1:00:6e:99:61:82:
28:9e:f5:3a:4f:54:f9:fc:42:68:b0:15:5a:11:46:
52:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CC:6A:F2:D8:EE:8D:21:27:E6:17:C9:1B:01:6B:36:43:1D:31:E5
X509v3 Authority Key Identifier:
keyid:50:02:A3:3F:5E:C6:68:05:91:C0:97:FD:B4:AB:A0:E0:28:F4:08:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UAKjP17GaAWRwJf9tKug4Cj0CEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/67b1ec-208f-4d62-9cbc-ede1e4bb611e/1/NMxq8tjujSEn5hfJGwFrNkMdMeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/67b1ec-208f-4d62-9cbc-ede1e4bb611e/1/UAKjP17GaAWRwJf9tKug4Cj0CEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.112.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:d5:fd:eb:86:6a:0e:db:29:20:58:e3:d4:84:d5:e1:f9:d8:
75:31:c1:ff:7d:ab:1c:65:a0:8a:f4:a4:9f:de:bb:7f:62:25:
0e:ab:f1:5e:aa:33:5a:ca:a5:ae:d4:98:c2:b2:ba:d1:d6:83:
cc:9d:ac:33:88:a5:9a:c4:6e:96:70:87:6c:f1:63:67:f3:0b:
d0:47:ee:4d:79:43:7e:4a:e5:33:f1:6d:11:cf:ab:10:55:68:
d3:c0:e4:c6:0e:d8:0e:94:63:50:54:b4:8a:cb:fe:76:41:8c:
63:30:5f:5b:8a:67:9e:26:c3:a7:e9:2c:a6:0a:9a:f8:f3:c8:
79:09:90:29:6b:f5:cd:5d:09:3a:23:39:25:af:1f:bc:60:b0:
cf:0e:e9:58:73:7a:39:3f:39:ef:15:f4:16:74:c7:7c:15:d9:
d8:ef:2a:55:29:0c:1f:5a:92:d8:10:01:e5:d4:ce:7f:d0:fb:
6a:8d:84:53:cf:da:db:73:ed:35:61:44:69:93:d5:99:9c:47:
f8:5f:8c:f2:b0:8c:05:b5:dc:e8:50:82:8f:10:ed:0a:8a:61:
e1:04:5b:d3:f3:27:7b:ad:86:5f:33:e3:0e:bf:82:eb:eb:30:
e8:9a:88:b7:06:30:be:bc:16:c5:74:9d:4f:82:16:b6:d7:6d:
99:27:95:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSUOPRj1HBOVll5roj+JFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMDJhMzNmNWVjNjY4MDU5MWMwOTdmZGI0YWJhMGUwMjhm
NDA4NDUwHhcNMjQwMTAxMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGNjNmFmMmQ4ZWU4ZDIxMjdlNjE3YzkxYjAxNmIzNjQzMWQzMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3A4SvmInrXGDXWHIxty9CXCK7rT2
ZR3vRwRz5dH8OhHDvs10WMtULTfvYYAXQYZMkDO1m0vOeNJvCjqwJAuxR8l7xqkB
CAvjtL2vyIkKFRdU74Og02DD/UTcfxS3o2PVuhn1JIXIB7Mokoj5UYt+zfLzasuT
qM1uVjZ03z+bJHzgGgriO2k6z0PdhmAFQCDAq8lhb3qeWCBRkMuSbouundeoo2sM
2Y08To6R1nXiVigfxUgh0YGEW+8gBtLCrharSqDhV7u3RWwsJmtDEDMGGjldvezZ
VdzUPXc0QC4ObWsCa+7lG7Ojr7nhAG6ZYYIonvU6T1T5/EJosBVaEUZSHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDTMavLY7o0hJ+YXyRsBazZDHTHlMB8GA1UdIwQY
MBaAFFACoz9exmgFkcCX/bSroOAo9AhFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUFLalAxN0dhQVdSd0pmOXRLdWc0Q2owQ0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi82N2IxZWMtMjA4Zi00ZDYyLTljYmMt
ZWRlMWU0YmI2MTFlLzEvTk14cTh0anVqU0VuNWhmSkd3RnJOa01kTWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi82N2IxZWMtMjA4Zi00ZDYyLTljYmMtZWRlMWU0YmI2MTFl
LzEvVUFLalAxN0dhQVdSd0pmOXRLdWc0Q2owQ0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCublwMA0G
CSqGSIb3DQEBCwUAA4IBAQAu1f3rhmoO2ykgWOPUhNXh+dh1McH/fascZaCK9KSf
3rt/YiUOq/FeqjNayqWu1JjCsrrR1oPMnawziKWaxG6WcIds8WNn8wvQR+5NeUN+
SuUz8W0Rz6sQVWjTwOTGDtgOlGNQVLSKy/52QYxjMF9bimeeJsOn6SymCpr488h5
CZApa/XNXQk6Izklrx+8YLDPDulYc3o5PznvFfQWdMd8FdnY7ypVKQwfWpLYEAHl
1M5/0PtqjYRTz9rbc+01YURpk9WZnEf4X4zysIwFtdzoUIKPEO0KimHhBFvT8yd7
rYZfM+MOv4Lr6zDomoi3BjC+vBbFdJ1Pgha2122ZJ5X4
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:48:21 2025 by rpki-client