Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/3zmuh92sv5wrW0VAL2W_D8ut2Es.roa
File: 3zmuh92sv5wrW0VAL2W_D8ut2Es.roa (raw, json)
Hash identifier: wSLNuhkN6W8VPlRfnXKxGWGFkt6pGulsgWuPWZxCFqY=
Subject key identifier: DF:39:AE:87:DD:AC:BF:9C:2B:5B:45:40:2F:65:BF:0F:CB:AD:D8:4B
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 0191A9617EC1A3AF3FC6E638A136B29E089E
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/3zmuh92sv5wrW0VAL2W_D8ut2Es.roa
Signing time: Sat 31 Aug 2024 17:00:24 +0000
ROA not before: Sat 31 Aug 2024 17:00:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43824
IP address blocks: 185.100.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 20:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a9:61:7e:c1:a3:af:3f:c6:e6:38:a1:36:b2:9e:08:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Aug 31 17:00:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df39ae87ddacbf9c2b5b45402f65bf0fcbadd84b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8d:a0:6d:41:a0:76:f0:44:ad:d4:1f:39:20:
d2:90:df:96:e4:e5:11:71:c6:78:49:0a:b3:f5:ac:
65:56:16:8e:2c:78:00:23:0e:b1:f5:62:94:6f:c5:
8d:68:73:4d:28:79:df:f9:65:e8:73:bf:bd:b0:a9:
d8:94:12:c6:51:61:d4:5b:57:dd:df:2a:60:a6:8a:
8a:28:54:3d:0e:13:29:d4:9d:a4:e4:e7:6f:98:52:
dd:14:16:ab:55:00:a1:52:5f:a0:68:9e:76:30:80:
66:b1:a3:13:b9:83:e2:0d:c4:97:26:34:da:fd:25:
26:9b:43:88:21:49:a8:6c:70:7f:02:0d:8f:4f:6b:
9d:06:3b:86:cb:6e:fb:15:77:a2:23:d2:22:34:22:
98:43:48:50:b9:d3:fa:35:09:24:67:af:04:ff:e2:
bb:fc:51:94:79:f5:c3:16:c1:41:16:b2:80:65:2d:
dd:59:77:79:46:b5:43:69:e3:de:fd:b7:e2:21:d7:
46:cc:37:6d:f4:47:b8:5c:cf:f2:79:29:9d:66:bc:
e6:74:ff:6c:b0:04:10:11:e4:98:bb:a5:c1:1d:95:
86:d9:25:f0:fd:00:9c:c9:79:ae:bc:fe:2c:e9:65:
e6:2c:22:21:16:1a:7a:fe:c3:1e:ee:0e:15:7d:23:
db:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:39:AE:87:DD:AC:BF:9C:2B:5B:45:40:2F:65:BF:0F:CB:AD:D8:4B
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/3zmuh92sv5wrW0VAL2W_D8ut2Es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.171.0/24
Signature Algorithm: sha256WithRSAEncryption
88:87:53:4d:c9:7a:e3:3a:5c:a9:f2:eb:51:ea:6b:53:d2:4f:
1f:71:a1:aa:60:dc:c3:59:63:d0:79:ef:3f:fe:c7:8d:67:7f:
bd:e3:b5:55:f7:9b:e0:23:d5:0f:e1:b6:30:6d:61:d6:ce:aa:
dc:90:0b:70:ad:de:3c:4e:d8:d1:3b:6c:32:04:0b:1f:36:55:
74:89:0e:aa:05:ac:ee:fe:6f:fd:f9:bc:38:dc:5e:6c:46:1a:
2d:a4:a3:90:fa:93:06:c3:6b:19:0c:69:9d:1f:a5:d5:d3:c6:
b4:c3:8d:51:b7:91:4a:4a:9a:1d:e8:54:48:ed:53:c3:c4:ec:
7a:d3:f7:d0:c6:28:c9:e4:a7:c8:fa:7c:44:9a:3c:bc:7b:d2:
0e:bc:99:1a:ab:3c:23:46:a1:3b:20:56:b5:cc:1a:27:f3:ff:
ca:9a:ba:7c:52:01:ef:4f:39:ea:83:93:6b:92:f0:45:e2:3b:
cf:e2:ea:6c:20:8d:bd:a1:c7:ad:d8:36:89:6a:88:80:3c:2b:
a1:8a:2b:b5:4b:10:1b:18:ee:7a:ab:c8:2f:1b:fe:b1:20:fc:
42:0b:63:63:ed:57:88:e4:5f:55:e2:5d:3b:94:c8:b3:60:fb:
24:10:9e:f1:b0:f9:d6:07:84:b6:5b:9f:a0:bf:34:a4:82:32:
a1:40:f0:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGpYX7Bo68/xuY4oTayngieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwODMxMTcwMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjM5YWU4N2RkYWNiZjljMmI1YjQ1NDAyZjY1YmYwZmNiYWRkODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwo2gbUGgdvBErdQfOSDSkN+W5OUR
ccZ4SQqz9axlVhaOLHgAIw6x9WKUb8WNaHNNKHnf+WXoc7+9sKnYlBLGUWHUW1fd
3ypgpoqKKFQ9DhMp1J2k5OdvmFLdFBarVQChUl+gaJ52MIBmsaMTuYPiDcSXJjTa
/SUmm0OIIUmobHB/Ag2PT2udBjuGy277FXeiI9IiNCKYQ0hQudP6NQkkZ68E/+K7
/FGUefXDFsFBFrKAZS3dWXd5RrVDaePe/bfiIddGzDdt9Ee4XM/yeSmdZrzmdP9s
sAQQEeSYu6XBHZWG2SXw/QCcyXmuvP4s6WXmLCIhFhp6/sMe7g4VfSPbvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN85rofdrL+cK1tFQC9lvw/LrdhLMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvM3ptdWg5MnN2NXdyVzBWQUwyV19EOHV0MkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWSrMA0G
CSqGSIb3DQEBCwUAA4IBAQCIh1NNyXrjOlyp8utR6mtT0k8fcaGqYNzDWWPQee8/
/seNZ3+947VV95vgI9UP4bYwbWHWzqrckAtwrd48TtjRO2wyBAsfNlV0iQ6qBazu
/m/9+bw43F5sRhotpKOQ+pMGw2sZDGmdH6XV08a0w41Rt5FKSpod6FRI7VPDxOx6
0/fQxijJ5KfI+nxEmjy8e9IOvJkaqzwjRqE7IFa1zBon8//Kmrp8UgHvTznqg5Nr
kvBF4jvP4upsII29ocet2DaJaoiAPCuhiiu1SxAbGO56q8gvG/6xIPxCC2Nj7VeI
5F9V4l07lMizYPskEJ7xsPnWB4S2W5+gvzSkgjKhQPBG
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:12:18 2025 by rpki-client