Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/IZ9ExnaD6BffoV2NE9MW2tokpOQ.roa
File: IZ9ExnaD6BffoV2NE9MW2tokpOQ.roa (raw, json)
Hash identifier: PBr4GeO9E6WKOwVy7bo0gR4XL8QG5wZY6CVOIDzpS8A=
Subject key identifier: 21:9F:44:C6:76:83:E8:17:DF:A1:5D:8D:13:D3:16:DA:DA:24:A4:E4
Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Certificate serial: 018E3E6C8D0822020065733532CDBAC83190
Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/IZ9ExnaD6BffoV2NE9MW2tokpOQ.roa
Signing time: Thu 14 Mar 2024 19:24:45 +0000
ROA not before: Thu 14 Mar 2024 19:24:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24953
IP address blocks: 185.23.202.0/23 maxlen: 24
194.34.224.0/24 maxlen: 24
194.34.227.0/24 maxlen: 24
2a0d:f9c3::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3e:6c:8d:08:22:02:00:65:73:35:32:cd:ba:c8:31:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Validity
Not Before: Mar 14 19:24:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=219f44c67683e817dfa15d8d13d316dada24a4e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:68:cb:36:cd:41:56:97:8e:11:c1:30:55:7f:
c2:8d:52:39:93:aa:33:f8:ed:f3:5b:46:5a:4c:a9:
5d:c2:9a:d4:33:6c:be:95:60:1f:23:47:1a:c3:7c:
c6:e1:f5:31:b5:d9:ae:e8:dd:1b:27:18:a0:bf:71:
81:fe:bd:75:e5:4a:1e:6a:97:de:b2:db:9b:79:3e:
8e:4b:d8:3e:23:b0:b3:2d:f0:57:c8:f5:67:26:8a:
87:c0:f3:dd:d3:c1:42:c5:56:bf:99:05:48:be:90:
34:f3:a7:b2:8a:a7:4c:64:ce:93:f4:04:77:33:8e:
5c:6b:27:e8:31:1d:9d:32:66:a9:52:ff:62:30:0c:
e8:e6:99:13:b0:f5:cc:03:84:83:2e:6d:a8:3f:d7:
46:4f:c5:39:18:18:10:f3:70:91:e1:74:c3:4a:67:
ee:04:80:6c:ed:86:be:52:1a:f2:29:63:5e:61:20:
70:5c:57:2f:73:0c:86:45:ee:fa:bb:4f:da:22:76:
1c:5b:a0:e0:45:f4:0f:45:92:61:ee:2b:dc:fe:13:
42:95:c5:6b:b8:c0:64:eb:76:fa:20:56:d8:3e:4f:
b3:2d:e9:b5:26:54:b9:15:60:6e:a9:a6:4a:ab:f0:
70:d1:7c:74:19:e0:c6:57:b0:d4:d3:7e:81:e9:56:
cb:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:9F:44:C6:76:83:E8:17:DF:A1:5D:8D:13:D3:16:DA:DA:24:A4:E4
X509v3 Authority Key Identifier:
keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/IZ9ExnaD6BffoV2NE9MW2tokpOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.202.0/23
194.34.224.0/24
194.34.227.0/24
IPv6:
2a0d:f9c3::/32
Signature Algorithm: sha256WithRSAEncryption
cd:67:ab:ab:71:b2:5f:25:72:3a:f6:50:29:16:e8:00:52:6d:
4a:7c:c0:a6:a6:c4:2d:9b:69:dc:35:c3:9e:58:77:05:04:36:
1d:5d:6c:9f:00:a6:da:0f:ee:cc:07:f8:79:20:a0:9f:27:e2:
6c:e5:b5:d2:d6:c1:df:ff:df:88:5f:6b:f7:f1:33:80:3a:0d:
c9:2d:f0:57:ee:40:92:4c:67:2f:c0:4c:99:dc:6d:76:3c:e9:
ab:e2:74:90:b0:f6:eb:92:17:8b:1d:26:f6:15:cd:14:b7:63:
cd:6f:2d:5c:75:e2:75:74:c5:49:a6:49:eb:0b:57:f5:93:a7:
7f:08:03:bf:f6:57:a8:f3:4f:ad:52:d3:37:58:be:34:4d:7c:
bb:a2:4e:4f:93:e4:a2:a8:93:67:3a:9f:5c:5c:9b:75:4e:ec:
c6:4a:76:7e:5c:ba:20:c8:70:60:51:be:39:26:8a:ce:03:2b:
ce:c6:7a:50:cb:b0:b9:a9:85:19:dd:85:98:68:2f:2d:d2:8b:
cc:57:c2:39:71:09:6f:19:9b:b4:60:43:fa:91:29:31:22:d2:
24:8b:37:fa:1d:5a:29:b3:55:27:ad:e8:94:7e:ef:6a:ee:ff:
a8:ba:a7:99:1a:5b:80:e0:2a:fe:d2:af:22:cd:c7:f4:3f:a6:
17:83:94:8f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY4+bI0IIgIAZXM1Ms26yDGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0M2UxYmE5MWM1NjlhOGIyMWE2ZDJkNjdmNWRiYmQ2YzA0
ZTQzZWEwHhcNMjQwMzE0MTkyNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTlmNDRjNjc2ODNlODE3ZGZhMTVkOGQxM2QzMTZkYWRhMjRhNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWjLNs1BVpeOEcEwVX/CjVI5k6oz
+O3zW0ZaTKldwprUM2y+lWAfI0caw3zG4fUxtdmu6N0bJxigv3GB/r115Uoeapfe
stubeT6OS9g+I7CzLfBXyPVnJoqHwPPd08FCxVa/mQVIvpA086eyiqdMZM6T9AR3
M45cayfoMR2dMmapUv9iMAzo5pkTsPXMA4SDLm2oP9dGT8U5GBgQ83CR4XTDSmfu
BIBs7Ya+UhryKWNeYSBwXFcvcwyGRe76u0/aInYcW6DgRfQPRZJh7ivc/hNClcVr
uMBk63b6IFbYPk+zLem1JlS5FWBuqaZKq/Bw0Xx0GeDGV7DU036B6VbL6wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCGfRMZ2g+gX36FdjRPTFtraJKTkMB8GA1UdIwQY
MBaAFGQ+G6kcVpqLIabS1n9du9bATkPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAt
ZmVhMGFmZjM1OWY1LzEvSVo5RXhuYUQ2QmZmb1YyTkU5TVcydG9rcE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAtZmVhMGFmZjM1OWY1
LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBuRfKAwQA
wiLgAwQAwiLjMA0EAgACMAcDBQAqDfnDMA0GCSqGSIb3DQEBCwUAA4IBAQDNZ6ur
cbJfJXI69lApFugAUm1KfMCmpsQtm2ncNcOeWHcFBDYdXWyfAKbaD+7MB/h5IKCf
J+Js5bXS1sHf/9+IX2v38TOAOg3JLfBX7kCSTGcvwEyZ3G12POmr4nSQsPbrkheL
HSb2Fc0Ut2PNby1cdeJ1dMVJpknrC1f1k6d/CAO/9leo80+tUtM3WL40TXy7ok5P
k+SiqJNnOp9cXJt1TuzGSnZ+XLogyHBgUb45JorOAyvOxnpQy7C5qYUZ3YWYaC8t
0ovMV8I5cQlvGZu0YEP6kSkxItIkizf6HVops1UnreiUfu9q7v+ouqeZGluA4Cr+
0q8izcf0P6YXg5SP
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:25:10 2025 by rpki-client