Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/1dRmF_rNBpFs8-PcJjc6CElUt_8.roa
File: 1dRmF_rNBpFs8-PcJjc6CElUt_8.roa (raw, json)
Hash identifier: nDNp2FccgQS+Tyi4FS/6mB/oA1EH0NDHZ06bicbLTTg=
Subject key identifier: D5:D4:66:17:FA:CD:06:91:6C:F3:E3:DC:26:37:3A:08:49:54:B7:FF
Certificate issuer: /CN=cb6bf2b89584ec96080048dc3fdc2e3983c277f3
Certificate serial: 018CC3B7080C4DF521D08803A93781D15CD9
Authority key identifier: CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/1dRmF_rNBpFs8-PcJjc6CElUt_8.roa
Signing time: Mon 01 Jan 2024 06:30:01 +0000
ROA not before: Mon 01 Jan 2024 06:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198012
IP address blocks: 178.255.24.0/21 maxlen: 21
2a13:4540::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:08:0c:4d:f5:21:d0:88:03:a9:37:81:d1:5c:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb6bf2b89584ec96080048dc3fdc2e3983c277f3
Validity
Not Before: Jan 1 06:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5d46617facd06916cf3e3dc26373a084954b7ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:22:4c:5f:86:c8:35:02:8e:db:ea:14:a8:72:
32:db:9a:90:eb:68:f4:c8:f3:12:70:60:6b:08:53:
31:5f:ff:9a:3f:d8:95:04:07:b8:15:d5:d5:fd:60:
a9:52:3c:7c:e4:30:39:fd:08:58:9a:39:99:36:e9:
a0:be:7d:33:f8:c5:42:43:f5:52:9b:d9:c4:50:ca:
8e:93:95:f8:0f:fb:f7:f6:33:93:ab:04:6f:c7:f0:
2a:2b:d7:5c:c3:0d:2d:13:e9:70:0d:16:98:14:e8:
ca:33:3e:f2:8f:ab:d6:69:3c:24:f3:03:28:16:a8:
9d:f0:29:a4:b8:1b:10:7d:10:e6:ab:66:08:92:6c:
13:16:b8:7b:a8:96:3b:08:9c:35:9b:d8:c5:08:f0:
3b:2a:3d:d7:0e:82:ac:a1:da:7b:ee:66:f8:69:4a:
f1:81:c9:a9:d0:57:39:c6:ff:06:d8:13:4a:52:62:
4f:65:71:64:86:c8:24:1f:86:f8:d3:d5:61:0d:c9:
61:17:61:0b:37:d5:df:80:04:89:25:53:d9:09:8d:
ad:b9:a0:7b:f2:08:01:83:f7:98:cb:ef:96:38:80:
8b:ee:f4:15:b4:03:49:5f:98:65:d3:a1:32:d2:99:
a6:bc:00:e2:b7:83:99:dd:9c:5d:1a:77:ab:a6:76:
45:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D4:66:17:FA:CD:06:91:6C:F3:E3:DC:26:37:3A:08:49:54:B7:FF
X509v3 Authority Key Identifier:
keyid:CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/1dRmF_rNBpFs8-PcJjc6CElUt_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/y2vyuJWE7JYIAEjcP9wuOYPCd_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.24.0/21
IPv6:
2a13:4540::/29
Signature Algorithm: sha256WithRSAEncryption
0a:fc:65:f7:d9:30:5d:bd:cf:0f:62:da:43:68:d0:9b:05:b2:
1f:5e:ba:72:09:e6:8c:21:c1:20:ef:5b:98:88:fa:c3:33:60:
d7:d4:62:05:b9:07:60:8d:ba:ef:9b:dc:5b:09:2b:27:42:c8:
a7:ab:da:34:bc:10:ac:c3:23:6e:53:a5:a8:bd:a7:8d:12:8d:
bf:36:1e:6e:f4:cd:09:6e:67:1f:56:12:f5:f4:ab:19:5b:6b:
60:df:e8:2e:b0:e3:3a:88:41:65:57:20:bf:f9:6e:00:a0:93:
59:6c:66:e9:ee:cd:ca:80:07:16:a7:9a:ee:12:ff:53:90:be:
4a:1f:4f:56:f8:ab:34:11:8f:43:c9:66:0f:d1:e0:5a:62:d3:
a5:58:2e:88:52:9c:6d:3f:9c:f5:f3:a1:c6:3e:62:f4:53:c0:
e5:b8:2d:9a:0e:ba:2d:77:1d:41:76:ef:1b:51:40:30:b4:8b:
17:4b:08:f4:8a:80:86:91:c5:4d:d1:19:1e:b8:2c:b9:84:0e:
de:ad:ac:a7:32:af:cd:45:cf:c9:41:9e:d7:fa:f7:24:ae:5b:
2a:5e:53:69:83:a7:09:f3:a2:ac:ff:13:90:92:72:3d:6b:4b:
e2:3f:14:0e:38:3e:fa:1d:e1:48:0a:0e:64:bf:aa:56:ba:76:
50:dd:da:80
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtwgMTfUh0IgDqTeB0VzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNmJmMmI4OTU4NGVjOTYwODAwNDhkYzNmZGMyZTM5ODNj
Mjc3ZjMwHhcNMjQwMTAxMDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQ0NjYxN2ZhY2QwNjkxNmNmM2UzZGMyNjM3M2EwODQ5NTRiN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyJMX4bINQKO2+oUqHIy25qQ62j0
yPMScGBrCFMxX/+aP9iVBAe4FdXV/WCpUjx85DA5/QhYmjmZNumgvn0z+MVCQ/VS
m9nEUMqOk5X4D/v39jOTqwRvx/AqK9dcww0tE+lwDRaYFOjKMz7yj6vWaTwk8wMo
Fqid8CmkuBsQfRDmq2YIkmwTFrh7qJY7CJw1m9jFCPA7Kj3XDoKsodp77mb4aUrx
gcmp0Fc5xv8G2BNKUmJPZXFkhsgkH4b409VhDclhF2ELN9XfgASJJVPZCY2tuaB7
8ggBg/eYy++WOICL7vQVtANJX5hl06Ey0pmmvADit4OZ3ZxdGnerpnZFJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNXUZhf6zQaRbPPj3CY3OghJVLf/MB8GA1UdIwQY
MBaAFMtr8riVhOyWCABI3D/cLjmDwnfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJ2eXVKV0U3SllJQUVqY1A5d3VPWVBDZF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82YTg3ZjEtZTE5Ny00YTIzLTk1M2Qt
MTBmZGZjZTk0NTEzLzEvMWRSbUZfck5CcEZzOC1QY0pqYzZDRWxVdF84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82YTg3ZjEtZTE5Ny00YTIzLTk1M2QtMTBmZGZjZTk0NTEz
LzEveTJ2eXVKV0U3SllJQUVqY1A5d3VPWVBDZF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDsv8YMA0E
AgACMAcDBQMqE0VAMA0GCSqGSIb3DQEBCwUAA4IBAQAK/GX32TBdvc8PYtpDaNCb
BbIfXrpyCeaMIcEg71uYiPrDM2DX1GIFuQdgjbrvm9xbCSsnQsinq9o0vBCswyNu
U6WovaeNEo2/Nh5u9M0JbmcfVhL19KsZW2tg3+gusOM6iEFlVyC/+W4AoJNZbGbp
7s3KgAcWp5ruEv9TkL5KH09W+Ks0EY9DyWYP0eBaYtOlWC6IUpxtP5z186HGPmL0
U8DluC2aDrotdx1Bdu8bUUAwtIsXSwj0ioCGkcVN0RkeuCy5hA7eraynMq/NRc/J
QZ7X+vckrlsqXlNpg6cJ86Ks/xOQknI9a0viPxQOOD76HeFICg5kv6pWunZQ3dqA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:09 2025 by rpki-client