Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/737469-aa66-43df-9e94-70393f9f8ae3/1/u5z9O7Zz-kokPqmRRThfu5AD5Ps.roa
File: u5z9O7Zz-kokPqmRRThfu5AD5Ps.roa (raw, json)
Hash identifier: OSUc6I0QF5Vbn2BVPcBOj6e9w5PjOKAzkqQ8POb2QNw=
Subject key identifier: BB:9C:FD:3B:B6:73:FA:4A:24:3E:A9:91:45:38:5F:BB:90:03:E4:FB
Certificate issuer: /CN=41f83d21734e0555c7a13c48561ca0b7757a6a0a
Certificate serial: 018CC6B9205EC0B96DF2025DFDF2E3CE22A6
Authority key identifier: 41:F8:3D:21:73:4E:05:55:C7:A1:3C:48:56:1C:A0:B7:75:7A:6A:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qfg9IXNOBVXHoTxIVhygt3V6ago.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/737469-aa66-43df-9e94-70393f9f8ae3/1/u5z9O7Zz-kokPqmRRThfu5AD5Ps.roa
Signing time: Mon 01 Jan 2024 20:31:10 +0000
ROA not before: Mon 01 Jan 2024 20:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206391
IP address blocks: 185.187.204.0/24 maxlen: 24
185.187.206.0/24 maxlen: 24
185.187.205.0/24 maxlen: 24
185.187.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:20:5e:c0:b9:6d:f2:02:5d:fd:f2:e3:ce:22:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f83d21734e0555c7a13c48561ca0b7757a6a0a
Validity
Not Before: Jan 1 20:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb9cfd3bb673fa4a243ea99145385fbb9003e4fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ad:6a:65:1f:0a:21:51:e1:6b:7c:ef:84:aa:
95:7b:88:7e:d6:52:40:08:48:ac:c5:97:4a:5b:ff:
3c:36:ab:61:9a:31:54:fd:66:b0:c9:42:3e:fc:ab:
08:fa:8f:0a:df:ce:fd:6d:c9:ea:eb:77:06:41:4e:
71:12:23:ff:80:68:63:a7:3f:a7:c3:63:d5:a9:a4:
c7:22:bc:3e:87:37:5d:0e:3d:77:c9:b4:7d:92:06:
e1:69:64:83:1e:9e:ed:46:11:db:c7:9a:06:af:26:
75:e6:f5:5c:5b:22:80:a0:e1:dc:95:f3:ea:af:e5:
c5:49:5b:55:76:2b:b9:ad:0e:55:67:5e:7d:15:94:
eb:d8:ef:44:99:48:e7:c4:01:a7:8f:26:a0:fa:b2:
66:a6:d7:6b:fd:89:18:73:1f:b6:b2:2a:01:57:7e:
7e:9a:3c:89:7f:db:a1:d3:a3:2a:a1:74:40:f4:bf:
95:c7:69:85:52:0b:b8:9c:bd:1a:56:95:43:de:2a:
e3:cf:b4:f6:22:de:c7:f4:e2:69:f1:3b:cb:5a:28:
2a:14:67:b5:a9:76:ae:3c:b7:dd:06:94:d6:7a:27:
f5:0b:97:9c:95:25:24:46:48:21:7a:6a:b8:3f:7b:
5b:6b:14:16:8c:27:87:ba:40:88:3e:1e:0a:30:0b:
a4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:9C:FD:3B:B6:73:FA:4A:24:3E:A9:91:45:38:5F:BB:90:03:E4:FB
X509v3 Authority Key Identifier:
keyid:41:F8:3D:21:73:4E:05:55:C7:A1:3C:48:56:1C:A0:B7:75:7A:6A:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qfg9IXNOBVXHoTxIVhygt3V6ago.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/737469-aa66-43df-9e94-70393f9f8ae3/1/u5z9O7Zz-kokPqmRRThfu5AD5Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/737469-aa66-43df-9e94-70393f9f8ae3/1/Qfg9IXNOBVXHoTxIVhygt3V6ago.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.204.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:cb:6e:f6:39:ac:99:41:a4:98:90:5c:55:ee:91:00:03:34:
24:31:86:f5:b5:64:d2:c8:01:5b:16:72:96:0b:76:96:bd:10:
ec:ab:46:42:7b:9a:ff:2f:e3:89:15:57:7a:40:62:04:b6:2b:
0d:de:ce:98:ff:38:3b:f1:6d:90:35:ae:b0:85:35:32:f8:d3:
bb:16:3b:a6:0a:93:dc:1b:c6:5b:47:10:fd:c7:86:1b:25:89:
7e:33:0b:4d:55:35:a3:3f:07:78:c3:bb:15:17:c5:e7:db:da:
c2:1f:d6:98:d9:45:e4:54:c6:0d:71:39:74:d1:2d:bf:46:cb:
e0:19:12:a4:a5:10:20:19:5c:0a:d4:e2:95:a8:62:e7:57:df:
58:47:ea:9c:cf:76:89:ec:4c:4e:5f:32:58:a9:d0:24:aa:2d:
c2:0c:ae:4e:9c:6c:e9:06:d2:7f:9a:20:32:46:cd:35:dd:5f:
9a:ce:2f:54:90:6a:58:cb:8c:f5:93:54:17:c0:37:1e:e5:92:
e6:c2:e7:f2:91:d5:2d:d0:a3:d3:8a:af:e2:3f:5d:d7:ea:95:
db:c6:41:f4:4a:bb:85:ea:4f:ae:b9:66:aa:ce:28:c0:9e:ce:
b1:ff:a4:26:6f:d6:85:9a:92:f9:03:96:64:79:92:17:b6:83:
bb:ac:16:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuSBewLlt8gJd/fLjziKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjgzZDIxNzM0ZTA1NTVjN2ExM2M0ODU2MWNhMGI3NzU3
YTZhMGEwHhcNMjQwMTAxMjAzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjljZmQzYmI2NzNmYTRhMjQzZWE5OTE0NTM4NWZiYjkwMDNlNGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAga1qZR8KIVHha3zvhKqVe4h+1lJA
CEisxZdKW/88NqthmjFU/WawyUI+/KsI+o8K3879bcnq63cGQU5xEiP/gGhjpz+n
w2PVqaTHIrw+hzddDj13ybR9kgbhaWSDHp7tRhHbx5oGryZ15vVcWyKAoOHclfPq
r+XFSVtVdiu5rQ5VZ159FZTr2O9EmUjnxAGnjyag+rJmptdr/YkYcx+2sioBV35+
mjyJf9uh06MqoXRA9L+Vx2mFUgu4nL0aVpVD3irjz7T2It7H9OJp8TvLWigqFGe1
qXauPLfdBpTWeif1C5eclSUkRkghemq4P3tbaxQWjCeHukCIPh4KMAukzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuc/Tu2c/pKJD6pkUU4X7uQA+T7MB8GA1UdIwQY
MBaAFEH4PSFzTgVVx6E8SFYcoLd1emoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZnOUlYTk9CVlhIb1R4SVZoeWd0M1Y2YWdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83Mzc0NjktYWE2Ni00M2RmLTllOTQt
NzAzOTNmOWY4YWUzLzEvdTV6OU83Wnota29rUHFtUlJUaGZ1NUFENVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83Mzc0NjktYWE2Ni00M2RmLTllOTQtNzAzOTNmOWY4YWUz
LzEvUWZnOUlYTk9CVlhIb1R4SVZoeWd0M1Y2YWdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubvMMA0G
CSqGSIb3DQEBCwUAA4IBAQB6y272OayZQaSYkFxV7pEAAzQkMYb1tWTSyAFbFnKW
C3aWvRDsq0ZCe5r/L+OJFVd6QGIEtisN3s6Y/zg78W2QNa6whTUy+NO7FjumCpPc
G8ZbRxD9x4YbJYl+MwtNVTWjPwd4w7sVF8Xn29rCH9aY2UXkVMYNcTl00S2/Rsvg
GRKkpRAgGVwK1OKVqGLnV99YR+qcz3aJ7ExOXzJYqdAkqi3CDK5OnGzpBtJ/miAy
Rs013V+azi9UkGpYy4z1k1QXwDce5ZLmwufykdUt0KPTiq/iP13X6pXbxkH0SruF
6k+uuWaqzijAns6x/6Qmb9aFmpL5A5ZkeZIXtoO7rBYb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:19 2025 by rpki-client