Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/9zHZ51PfY6kJ6YIn0Eg8ygAiYE8.roa
File: 9zHZ51PfY6kJ6YIn0Eg8ygAiYE8.roa (raw, json)
Hash identifier: vxhY5zULQKWDBKTAw9CJ0kXVzbR2ZuCbPyp+UokD6Lk=
Subject key identifier: F7:31:D9:E7:53:DF:63:A9:09:E9:82:27:D0:48:3C:CA:00:22:60:4F
Certificate issuer: /CN=360a9d26dbb3ea5dfaae83b61908add8fc6dd36f
Certificate serial: 018CC4938CACA47AC2C6D3DB742C90F3EDFB
Authority key identifier: 36:0A:9D:26:DB:B3:EA:5D:FA:AE:83:B6:19:08:AD:D8:FC:6D:D3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgqdJtuz6l36roO2GQit2Pxt028.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/9zHZ51PfY6kJ6YIn0Eg8ygAiYE8.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25595
IP address blocks: 185.104.128.0/24 maxlen: 24
2a06:3080::/30 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8c:ac:a4:7a:c2:c6:d3:db:74:2c:90:f3:ed:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=360a9d26dbb3ea5dfaae83b61908add8fc6dd36f
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f731d9e753df63a909e98227d0483cca0022604f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:55:a6:77:fe:07:a2:9f:51:8a:24:7b:dc:0e:
33:86:77:f6:8a:f5:f6:2e:63:6e:f8:34:cc:e0:6a:
90:5f:9c:75:ef:82:f1:92:49:79:8d:9b:3f:87:cd:
d6:6f:5c:85:de:2f:87:1f:c5:db:6b:56:41:27:aa:
da:03:77:08:24:ad:27:0c:2c:30:85:83:80:bb:71:
83:87:b7:90:d8:e5:2f:c4:06:cc:73:b8:8c:31:b9:
db:5d:d5:ee:97:7d:f9:b4:5a:c8:8b:56:50:c7:96:
f6:9d:69:8d:71:ac:ca:93:a1:21:4e:40:38:65:b1:
23:1f:b3:bf:c9:19:7a:16:bd:af:cc:e4:3f:71:a9:
45:16:59:62:f4:62:79:f8:e5:40:9e:d0:61:19:dc:
79:e2:ca:c2:f6:2e:8a:1c:aa:cb:62:ae:ac:b9:00:
21:e4:e2:a1:d7:20:4f:f2:b0:12:44:a0:17:dd:57:
c1:87:b3:c0:fc:b0:f5:bd:97:d0:52:7a:b9:39:2f:
77:73:92:6f:8d:ae:51:b9:e6:8b:29:b0:1c:da:fb:
e9:22:07:c6:c3:ba:cb:06:c8:7b:2a:16:f8:e3:7b:
79:74:bd:f7:f7:68:cc:cb:29:57:8f:68:b2:17:65:
fd:bf:53:a0:d0:2f:c3:73:05:14:36:08:2b:e1:1d:
b5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:31:D9:E7:53:DF:63:A9:09:E9:82:27:D0:48:3C:CA:00:22:60:4F
X509v3 Authority Key Identifier:
keyid:36:0A:9D:26:DB:B3:EA:5D:FA:AE:83:B6:19:08:AD:D8:FC:6D:D3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgqdJtuz6l36roO2GQit2Pxt028.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/9zHZ51PfY6kJ6YIn0Eg8ygAiYE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/NgqdJtuz6l36roO2GQit2Pxt028.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.128.0/24
IPv6:
2a06:3080::/30
Signature Algorithm: sha256WithRSAEncryption
02:25:dd:82:16:41:1e:de:66:4b:dd:ac:d7:c3:71:16:97:b6:
c5:f6:12:ee:c1:27:df:b5:55:18:3d:f9:bc:d0:fd:70:4c:9e:
14:4e:92:11:05:a9:9d:8e:2a:43:0d:06:01:9c:d6:ed:5e:3c:
84:12:76:67:33:42:ad:58:06:7c:c0:53:3c:02:e9:b4:3e:c6:
a1:54:a0:38:54:06:b8:4f:ad:cd:b0:ad:3b:c0:c3:4b:77:3f:
d4:42:3b:a1:34:4d:f7:d0:3d:33:eb:b7:d1:97:12:72:3c:cb:
49:e9:4e:e3:13:e0:33:de:54:92:5b:e7:56:4b:82:fe:49:d4:
9c:25:a4:0f:26:b3:ec:44:c5:3f:37:12:5d:64:58:3c:03:52:
af:7d:f1:e7:42:d0:03:a1:1e:81:cf:e6:99:c9:f0:bd:6e:68:
35:1e:c7:70:66:13:d3:0b:90:96:b7:4d:f9:c6:61:a9:bc:33:
1b:b2:05:be:95:00:26:51:03:9c:aa:38:7d:4e:16:3b:12:45:
aa:68:47:01:55:0b:db:fb:fd:90:74:09:27:da:07:77:24:63:
f0:3c:82:ea:f8:68:b6:88:3b:6c:30:9d:38:e8:1d:1f:00:b8:
14:26:b6:84:77:5d:9c:d9:c8:45:c9:1e:00:12:7b:e0:e9:98:
a0:99:af:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk4yspHrCxtPbdCyQ8+37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MGE5ZDI2ZGJiM2VhNWRmYWFlODNiNjE5MDhhZGQ4ZmM2
ZGQzNmYwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzMxZDllNzUzZGY2M2E5MDllOTgyMjdkMDQ4M2NjYTAwMjI2MDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVWmd/4Hop9RiiR73A4zhnf2ivX2
LmNu+DTM4GqQX5x174Lxkkl5jZs/h83Wb1yF3i+HH8Xba1ZBJ6raA3cIJK0nDCww
hYOAu3GDh7eQ2OUvxAbMc7iMMbnbXdXul335tFrIi1ZQx5b2nWmNcazKk6EhTkA4
ZbEjH7O/yRl6Fr2vzOQ/calFFlli9GJ5+OVAntBhGdx54srC9i6KHKrLYq6suQAh
5OKh1yBP8rASRKAX3VfBh7PA/LD1vZfQUnq5OS93c5Jvja5RueaLKbAc2vvpIgfG
w7rLBsh7Khb443t5dL3392jMyylXj2iyF2X9v1Og0C/DcwUUNggr4R21NQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPcx2edT32OpCemCJ9BIPMoAImBPMB8GA1UdIwQY
MBaAFDYKnSbbs+pd+q6DthkIrdj8bdNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdxZEp0dXo2bDM2cm9PMkdRaXQyUHh0MDI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yN2UyOWUtYzg5NC00ZDM5LWFjMjMt
MTJlOTZiYTIzNWQ4LzEvOXpIWjUxUGZZNmtKNllJbjBFZzh5Z0FpWUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yN2UyOWUtYzg5NC00ZDM5LWFjMjMtMTJlOTZiYTIzNWQ4
LzEvTmdxZEp0dXo2bDM2cm9PMkdRaXQyUHh0MDI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWiAMA0E
AgACMAcDBQIqBjCAMA0GCSqGSIb3DQEBCwUAA4IBAQACJd2CFkEe3mZL3azXw3EW
l7bF9hLuwSfftVUYPfm80P1wTJ4UTpIRBamdjipDDQYBnNbtXjyEEnZnM0KtWAZ8
wFM8Aum0PsahVKA4VAa4T63NsK07wMNLdz/UQjuhNE330D0z67fRlxJyPMtJ6U7j
E+Az3lSSW+dWS4L+SdScJaQPJrPsRMU/NxJdZFg8A1KvffHnQtADoR6Bz+aZyfC9
bmg1HsdwZhPTC5CWt035xmGpvDMbsgW+lQAmUQOcqjh9ThY7EkWqaEcBVQvb+/2Q
dAkn2gd3JGPwPILq+Gi2iDtsMJ046B0fALgUJraEd12c2chFyR4AEnvg6Zigma9G
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:23 2025 by rpki-client