Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/nO16Kyd00zniPznM61VuC4G3uh4.roa
File: nO16Kyd00zniPznM61VuC4G3uh4.roa (raw, json)
Hash identifier: IG3ax0RgG5q1qhPVhovGMaK7WE0GDXw42dCpJvM7RoY=
Subject key identifier: 9C:ED:7A:2B:27:74:D3:39:E2:3F:39:CC:EB:55:6E:0B:81:B7:BA:1E
Certificate issuer: /CN=9b19758a087876816dc19361eaf1e9412de73f86
Certificate serial: 018CC5DC1EAD1C6C4AE325F6F09472BF9040
Authority key identifier: 9B:19:75:8A:08:78:76:81:6D:C1:93:61:EA:F1:E9:41:2D:E7:3F:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mxl1igh4doFtwZNh6vHpQS3nP4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/nO16Kyd00zniPznM61VuC4G3uh4.roa
Signing time: Mon 01 Jan 2024 16:29:46 +0000
ROA not before: Mon 01 Jan 2024 16:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59462
IP address blocks: 185.22.231.0/24 maxlen: 24
185.150.16.0/24 maxlen: 24
2a0e:d487:f000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1e:ad:1c:6c:4a:e3:25:f6:f0:94:72:bf:90:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b19758a087876816dc19361eaf1e9412de73f86
Validity
Not Before: Jan 1 16:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ced7a2b2774d339e23f39cceb556e0b81b7ba1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f3:54:a5:88:22:d0:64:90:7b:38:03:d1:c4:
f4:2e:33:dc:f3:31:90:ca:23:25:d7:6a:2a:e1:7e:
a0:0d:6d:6e:b4:55:e0:a1:97:db:af:74:f6:60:13:
70:e9:5f:c4:10:d6:22:cc:b0:88:1e:2e:34:50:33:
d1:f3:f5:f7:63:db:00:c9:86:8f:65:b1:b5:4f:b0:
79:65:06:4d:69:45:2d:82:b8:7f:6d:02:c4:ad:a2:
4e:1f:e6:83:47:65:3e:2e:4b:98:9d:4f:6c:09:dd:
48:47:54:ea:b1:35:18:fb:65:71:4a:75:e6:df:2b:
93:ef:35:80:ec:9a:2e:9c:a7:bf:8d:eb:2a:eb:4e:
51:d3:5a:2f:3d:b9:a4:34:77:79:a6:e8:07:b6:e7:
3c:5f:3d:48:6f:42:2f:17:e6:3e:0e:d3:e1:4f:99:
d2:cb:98:04:e2:a6:62:71:0d:45:61:d9:33:c1:4a:
cd:0b:97:3c:e3:39:cf:f8:a5:96:0a:f3:0a:48:b4:
e4:3b:7e:a1:cc:45:54:2c:e6:00:e0:97:95:75:ed:
af:92:04:9c:b5:1e:0e:c8:3d:55:65:d0:ee:14:6e:
d0:5a:f4:38:47:98:42:4b:70:01:07:4e:2f:d4:fc:
eb:11:f3:87:c2:7b:9e:fa:a6:72:b5:72:b8:c3:76:
40:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:ED:7A:2B:27:74:D3:39:E2:3F:39:CC:EB:55:6E:0B:81:B7:BA:1E
X509v3 Authority Key Identifier:
keyid:9B:19:75:8A:08:78:76:81:6D:C1:93:61:EA:F1:E9:41:2D:E7:3F:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mxl1igh4doFtwZNh6vHpQS3nP4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/nO16Kyd00zniPznM61VuC4G3uh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/mxl1igh4doFtwZNh6vHpQS3nP4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.231.0/24
185.150.16.0/24
IPv6:
2a0e:d487:f000::/48
Signature Algorithm: sha256WithRSAEncryption
5f:00:ff:7e:eb:27:05:eb:8b:20:ba:e2:69:db:cb:1b:e0:c5:
73:92:53:97:4d:ea:3a:62:16:01:53:a9:41:e1:b9:a9:ca:53:
b2:6b:6e:97:34:1b:7c:96:96:3b:cd:f5:ef:ed:c6:d3:74:80:
a7:6c:bc:bc:7c:ed:5c:9b:87:ad:ef:a2:a4:65:8b:c4:d0:d7:
2a:c3:c1:08:9d:d2:b9:f4:99:f2:7e:c9:0c:da:24:c2:7b:82:
0f:cd:38:05:4a:24:7b:2b:3e:aa:5b:e6:0b:05:21:b2:91:77:
7a:bf:a1:b8:c4:7d:a5:a1:87:52:70:94:c6:31:4c:d8:e3:e2:
9d:32:5e:b9:b2:97:88:c7:47:a7:41:3b:fd:3d:21:09:e4:fd:
0c:5d:75:53:5b:4b:db:49:2b:c5:45:b6:65:41:27:81:66:9d:
ae:05:c6:29:2e:9f:19:25:08:eb:18:42:c5:c5:cc:e6:40:68:
fe:3d:c4:10:8e:4c:cb:20:64:d6:f3:3c:0f:68:9c:9c:42:83:
2c:3e:05:9b:ab:ac:b7:9f:2e:51:1a:b3:7a:df:ce:36:47:ce:
00:7c:5e:29:8c:7c:03:9f:fe:29:15:0e:5a:7a:37:a6:1f:1c:
02:ee:92:95:32:85:8b:23:09:23:28:28:55:99:3a:c7:c2:90:
29:91:1a:f4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzF3B6tHGxK4yX28JRyv5BAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMTk3NThhMDg3ODc2ODE2ZGMxOTM2MWVhZjFlOTQxMmRl
NzNmODYwHhcNMjQwMTAxMTYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2VkN2EyYjI3NzRkMzM5ZTIzZjM5Y2NlYjU1NmUwYjgxYjdiYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/NUpYgi0GSQezgD0cT0LjPc8zGQ
yiMl12oq4X6gDW1utFXgoZfbr3T2YBNw6V/EENYizLCIHi40UDPR8/X3Y9sAyYaP
ZbG1T7B5ZQZNaUUtgrh/bQLEraJOH+aDR2U+LkuYnU9sCd1IR1TqsTUY+2VxSnXm
3yuT7zWA7JounKe/jesq605R01ovPbmkNHd5pugHtuc8Xz1Ib0IvF+Y+DtPhT5nS
y5gE4qZicQ1FYdkzwUrNC5c84znP+KWWCvMKSLTkO36hzEVULOYA4JeVde2vkgSc
tR4OyD1VZdDuFG7QWvQ4R5hCS3ABB04v1PzrEfOHwnue+qZytXK4w3ZAowIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJzteisndNM54j85zOtVbguBt7oeMB8GA1UdIwQY
MBaAFJsZdYoIeHaBbcGTYerx6UEt5z+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXhsMWlnaDRkb0Z0d1pOaDZ2SHBRUzNuUDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9iYTZmM2UtZTk1Yi00OGQyLTg0MTkt
NDEzZGE2NjdhOGJlLzEvbk8xNkt5ZDAwem5pUHpuTTYxVnVDNEczdWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9iYTZmM2UtZTk1Yi00OGQyLTg0MTktNDEzZGE2NjdhOGJl
LzEvbXhsMWlnaDRkb0Z0d1pOaDZ2SHBRUzNuUDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuRbnAwQA
uZYQMA8EAgACMAkDBwAqDtSH8AAwDQYJKoZIhvcNAQELBQADggEBAF8A/37rJwXr
iyC64mnbyxvgxXOSU5dN6jpiFgFTqUHhuanKU7Jrbpc0G3yWljvN9e/txtN0gKds
vLx87Vybh63voqRli8TQ1yrDwQid0rn0mfJ+yQzaJMJ7gg/NOAVKJHsrPqpb5gsF
IbKRd3q/objEfaWhh1JwlMYxTNjj4p0yXrmyl4jHR6dBO/09IQnk/QxddVNbS9tJ
K8VFtmVBJ4Fmna4FxikunxklCOsYQsXFzOZAaP49xBCOTMsgZNbzPA9onJxCgyw+
BZurrLefLlEas3rfzjZHzgB8XimMfAOf/ikVDlp6N6YfHALukpUyhYsjCSMoKFWZ
OsfCkCmRGvQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:37:10 2025 by rpki-client