Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/5ddee9-c1c4-4b57-b6b8-d49916b5f2b4/1/tueNwYcK9qgB-TOVb0QkjKO4-f0.roa
File: tueNwYcK9qgB-TOVb0QkjKO4-f0.roa (raw, json)
Hash identifier: /pXK99OIyMALNjGkbfDOks9+++nasPA8JO6d8wRSZlg=
Subject key identifier: B6:E7:8D:C1:87:0A:F6:A8:01:F9:33:95:6F:44:24:8C:A3:B8:F9:FD
Certificate issuer: /CN=3b0bf18d6bbdb33da82fe61a28624ba72e235040
Certificate serial: 01926B859F69B85955233272FDAAA2B99EB7
Authority key identifier: 3B:0B:F1:8D:6B:BD:B3:3D:A8:2F:E6:1A:28:62:4B:A7:2E:23:50:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwvxjWu9sz2oL-YaKGJLpy4jUEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/5ddee9-c1c4-4b57-b6b8-d49916b5f2b4/1/tueNwYcK9qgB-TOVb0QkjKO4-f0.roa
Signing time: Tue 08 Oct 2024 09:46:11 +0000
ROA not before: Tue 08 Oct 2024 09:46:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63150
IP address blocks: 185.241.40.0/24 maxlen: 24
185.241.41.0/24 maxlen: 24
185.241.42.0/24 maxlen: 24
2a14:4900:2000::/36 maxlen: 48
Validation: Failed, certificate revoked on Fri 08 Nov 2024 06:21:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:85:9f:69:b8:59:55:23:32:72:fd:aa:a2:b9:9e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b0bf18d6bbdb33da82fe61a28624ba72e235040
Validity
Not Before: Oct 8 09:46:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6e78dc1870af6a801f933956f44248ca3b8f9fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9a:49:ae:60:ff:fb:1c:8a:79:8e:96:18:89:
0e:d5:da:ea:82:fb:c5:87:34:04:ff:1f:ac:d6:7d:
5c:f2:1b:6e:9e:cd:28:6a:ad:20:b1:21:ca:68:ab:
99:c1:d2:75:50:4b:03:9d:0c:7d:d3:bd:43:14:79:
6f:55:4a:cb:77:29:0e:b6:da:ee:54:10:87:12:e2:
8e:f6:d9:ef:2a:6d:9e:a0:2e:40:16:b9:67:a6:d9:
71:17:59:4b:b5:09:4c:0f:53:d5:6f:08:14:78:68:
bd:7e:7b:1a:1b:02:e6:af:45:da:45:3b:13:b7:50:
81:31:bb:56:02:97:20:86:c0:99:96:d6:20:8b:e2:
ac:c9:ca:3e:0d:7e:65:44:35:b6:33:24:c5:1a:37:
f6:b7:ec:ad:ff:4c:62:95:e7:a0:50:89:2e:ec:27:
52:10:47:a8:2c:b6:d0:2f:4f:6c:eb:34:70:b2:ff:
e5:73:3c:89:a6:a6:e9:1c:cd:0c:9f:5b:29:25:ed:
60:f8:72:12:96:ef:33:81:71:0f:8e:fd:fa:14:7f:
96:d5:95:b7:c0:a0:7f:20:37:15:3d:49:dc:3b:61:
f9:d6:e8:97:f4:b0:4f:63:48:a0:34:0e:be:92:cf:
a3:6a:ab:ba:49:d0:61:18:c5:a5:01:af:51:29:8e:
6b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E7:8D:C1:87:0A:F6:A8:01:F9:33:95:6F:44:24:8C:A3:B8:F9:FD
X509v3 Authority Key Identifier:
keyid:3B:0B:F1:8D:6B:BD:B3:3D:A8:2F:E6:1A:28:62:4B:A7:2E:23:50:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwvxjWu9sz2oL-YaKGJLpy4jUEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/5ddee9-c1c4-4b57-b6b8-d49916b5f2b4/1/tueNwYcK9qgB-TOVb0QkjKO4-f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/5ddee9-c1c4-4b57-b6b8-d49916b5f2b4/1/OwvxjWu9sz2oL-YaKGJLpy4jUEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.40.0-185.241.42.255
IPv6:
2a14:4900:2000::/36
Signature Algorithm: sha256WithRSAEncryption
0d:21:6e:11:6c:8b:2e:78:f9:d4:28:49:a2:d8:ec:99:e5:92:
d7:be:ab:b7:cd:e5:15:ae:79:00:38:74:c0:d1:29:3b:e8:77:
0c:a6:fa:8c:da:ea:3b:12:a6:e9:9c:1d:d0:d5:cb:4c:03:7f:
11:9e:d4:50:bc:fb:8c:ab:a0:5a:fd:02:6e:0d:ed:67:da:6d:
8c:f5:cd:d7:3d:9a:83:c5:50:e5:9e:eb:11:53:3f:fd:5b:72:
2f:96:2d:56:b6:6d:56:4b:90:62:60:91:a6:50:1f:2c:f1:15:
46:ed:ac:a5:ab:d3:a4:d7:af:13:21:40:33:fb:85:ba:19:16:
dc:b0:26:72:95:5c:98:dc:e0:8a:8b:05:64:b8:00:4a:2d:a2:
25:f7:ed:37:6a:69:b5:a4:54:85:9f:43:3a:08:e8:2f:dd:66:
94:52:6a:63:51:96:48:c8:df:5c:d9:cf:c5:14:da:56:99:46:
f1:42:89:5f:30:08:54:c2:fd:22:a8:eb:12:50:b0:45:4c:9c:
97:ce:47:03:24:33:9b:4d:4c:2d:15:70:cb:66:ab:86:6e:71:
a6:a2:dd:d7:39:80:e5:32:fd:81:4d:e6:73:5e:64:cd:e4:13:
74:a3:08:da:e6:75:a3:86:3b:da:59:b1:42:33:31:0b:1b:93:
50:20:73:12
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJrhZ9puFlVIzJy/aqiuZ63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMGJmMThkNmJiZGIzM2RhODJmZTYxYTI4NjI0YmE3MmUy
MzUwNDAwHhcNMjQxMDA4MDk0NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmU3OGRjMTg3MGFmNmE4MDFmOTMzOTU2ZjQ0MjQ4Y2EzYjhmOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJpJrmD/+xyKeY6WGIkO1drqgvvF
hzQE/x+s1n1c8htuns0oaq0gsSHKaKuZwdJ1UEsDnQx9071DFHlvVUrLdykOttru
VBCHEuKO9tnvKm2eoC5AFrlnptlxF1lLtQlMD1PVbwgUeGi9fnsaGwLmr0XaRTsT
t1CBMbtWApcghsCZltYgi+Ksyco+DX5lRDW2MyTFGjf2t+yt/0xileegUIku7CdS
EEeoLLbQL09s6zRwsv/lczyJpqbpHM0Mn1spJe1g+HISlu8zgXEPjv36FH+W1ZW3
wKB/IDcVPUncO2H51uiX9LBPY0igNA6+ks+jaqu6SdBhGMWlAa9RKY5rTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLbnjcGHCvaoAfkzlW9EJIyjuPn9MB8GA1UdIwQY
MBaAFDsL8Y1rvbM9qC/mGihiS6cuI1BAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3d2eGpXdTlzejJvTC1ZYUtHSkxweTRqVUVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81ZGRlZTktYzFjNC00YjU3LWI2Yjgt
ZDQ5OTE2YjVmMmI0LzEvdHVlTndZY0s5cWdCLVRPVmIwUWtqS080LWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81ZGRlZTktYzFjNC00YjU3LWI2YjgtZDQ5OTE2YjVmMmI0
LzEvT3d2eGpXdTlzejJvTC1ZYUtHSkxweTRqVUVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAO58SgD
BAC58SowDgQCAAIwCAMGBCoUSQAgMA0GCSqGSIb3DQEBCwUAA4IBAQANIW4RbIsu
ePnUKEmi2OyZ5ZLXvqu3zeUVrnkAOHTA0Sk76HcMpvqM2uo7EqbpnB3Q1ctMA38R
ntRQvPuMq6Ba/QJuDe1n2m2M9c3XPZqDxVDlnusRUz/9W3Ivli1Wtm1WS5BiYJGm
UB8s8RVG7aylq9Ok168TIUAz+4W6GRbcsCZylVyY3OCKiwVkuABKLaIl9+03amm1
pFSFn0M6COgv3WaUUmpjUZZIyN9c2c/FFNpWmUbxQolfMAhUwv0iqOsSULBFTJyX
zkcDJDObTUwtFXDLZquGbnGmot3XOYDlMv2BTeZzXmTN5BN0owja5nWjhjvaWbFC
MzELG5NQIHMS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:43 2025 by rpki-client