Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c3f4a2-8b8e-49a3-aa9f-d92d64b9f801/1/PbKdORNKJdP7MTpjXvgAWx6Kj2M.roa
File: PbKdORNKJdP7MTpjXvgAWx6Kj2M.roa (raw, json)
Hash identifier: pMmdjtsJ3f0KTjYc+yn/sgXgx44vxiEZmUHD/yi5sto=
Subject key identifier: 3D:B2:9D:39:13:4A:25:D3:FB:31:3A:63:5E:F8:00:5B:1E:8A:8F:63
Certificate issuer: /CN=a57089c45c55088fe90eb61002f07f0f95862672
Certificate serial: 018CC86F285C5188C699065C9B53321D1FAA
Authority key identifier: A5:70:89:C4:5C:55:08:8F:E9:0E:B6:10:02:F0:7F:0F:95:86:26:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXCJxFxVCI_pDrYQAvB_D5WGJnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c3f4a2-8b8e-49a3-aa9f-d92d64b9f801/1/PbKdORNKJdP7MTpjXvgAWx6Kj2M.roa
Signing time: Tue 02 Jan 2024 04:29:37 +0000
ROA not before: Tue 02 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59987
IP address blocks: 176.119.196.0/24 maxlen: 24
2a06:6840::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:28:5c:51:88:c6:99:06:5c:9b:53:32:1d:1f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a57089c45c55088fe90eb61002f07f0f95862672
Validity
Not Before: Jan 2 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3db29d39134a25d3fb313a635ef8005b1e8a8f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4b:8d:65:40:04:08:60:88:78:de:6f:cf:c4:
b8:44:3d:b0:8a:7f:38:9a:c0:02:f0:e4:91:58:5a:
8e:02:59:e3:8a:1f:73:c9:b9:e0:d5:c7:c0:bd:89:
5f:00:64:a6:3e:d1:d3:17:66:af:a6:01:35:63:97:
58:7c:94:ce:ae:53:e1:39:ce:7c:9d:24:c8:9d:e4:
21:8e:11:3b:49:0f:8c:1f:a3:3d:d5:3d:0a:a7:f9:
82:e7:dd:c1:28:41:8f:5c:67:e4:36:b5:e7:fe:20:
56:3f:3b:8a:91:5b:8a:3a:64:19:9b:06:a9:2a:32:
23:38:51:68:a0:44:57:de:0f:a2:e3:98:61:35:3f:
32:b2:79:9a:8f:7e:6f:e9:93:5c:cc:84:69:01:0e:
4f:b5:88:fd:6a:79:3f:6d:6a:b6:49:a5:d0:8e:a3:
db:3e:67:08:8a:ec:bd:23:82:8f:55:b7:c7:05:39:
8e:3f:1f:0d:72:4a:ca:81:eb:db:c2:48:70:88:0e:
2b:ae:76:1f:f2:98:be:11:ce:f1:cc:6b:fd:91:b5:
9f:45:e6:81:c7:a9:9a:64:7a:b4:8c:95:eb:d6:46:
d7:a9:df:6e:fe:c4:51:27:4d:c2:ec:0f:90:41:be:
5c:1c:8a:b2:19:c7:53:bc:37:10:7a:b9:25:f5:a1:
f1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B2:9D:39:13:4A:25:D3:FB:31:3A:63:5E:F8:00:5B:1E:8A:8F:63
X509v3 Authority Key Identifier:
keyid:A5:70:89:C4:5C:55:08:8F:E9:0E:B6:10:02:F0:7F:0F:95:86:26:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXCJxFxVCI_pDrYQAvB_D5WGJnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c3f4a2-8b8e-49a3-aa9f-d92d64b9f801/1/PbKdORNKJdP7MTpjXvgAWx6Kj2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c3f4a2-8b8e-49a3-aa9f-d92d64b9f801/1/pXCJxFxVCI_pDrYQAvB_D5WGJnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.196.0/24
IPv6:
2a06:6840::/29
Signature Algorithm: sha256WithRSAEncryption
5f:5f:c9:76:7d:bf:b9:f5:77:65:c9:ad:a5:c5:46:a1:9e:d1:
de:da:6d:d9:27:a3:8d:49:1f:8c:62:98:c5:d4:3c:b6:38:dc:
d6:9c:aa:0a:63:aa:d5:b2:93:b2:13:14:95:d1:44:3d:4a:b9:
52:20:f7:83:ac:e4:1f:e7:60:e7:fc:54:b2:fa:95:5a:a3:0d:
e1:18:6e:81:85:db:0e:af:7f:07:41:a4:c7:19:5b:b5:c6:35:
d5:29:e1:c9:dd:07:9d:ab:d8:f8:89:a2:bc:0e:ae:a3:43:cc:
a9:91:fa:c6:47:3a:df:b2:b8:60:50:cf:e7:8c:d8:db:3d:23:
ab:6e:e2:11:f1:80:9c:36:84:82:b7:41:c8:c1:af:5f:8d:c4:
8b:65:71:5d:61:3a:69:69:4d:86:c0:49:25:fa:4a:67:c0:44:
2f:60:6c:34:d5:e6:92:2e:4b:9b:a8:f1:56:1d:1b:06:30:cc:
7f:e4:d6:62:65:8c:5a:3c:ca:e4:a4:3e:ee:96:99:e6:3d:5f:
a6:5c:06:a4:cc:c3:65:55:01:8d:5d:25:4d:50:49:ac:80:ee:
be:eb:3b:0c:f4:05:e3:ae:a3:95:dd:84:1e:a7:b9:41:47:a2:
a4:30:1d:9f:90:1b:d7:b9:c1:d3:36:f3:2f:67:05:9f:d7:a7:
e0:83:8c:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbyhcUYjGmQZcm1MyHR+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzA4OWM0NWM1NTA4OGZlOTBlYjYxMDAyZjA3ZjBmOTU4
NjI2NzIwHhcNMjQwMTAyMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGIyOWQzOTEzNGEyNWQzZmIzMTNhNjM1ZWY4MDA1YjFlOGE4ZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskuNZUAECGCIeN5vz8S4RD2win84
msAC8OSRWFqOAlnjih9zybng1cfAvYlfAGSmPtHTF2avpgE1Y5dYfJTOrlPhOc58
nSTIneQhjhE7SQ+MH6M91T0Kp/mC593BKEGPXGfkNrXn/iBWPzuKkVuKOmQZmwap
KjIjOFFooERX3g+i45hhNT8ysnmaj35v6ZNczIRpAQ5PtYj9ank/bWq2SaXQjqPb
PmcIiuy9I4KPVbfHBTmOPx8NckrKgevbwkhwiA4rrnYf8pi+Ec7xzGv9kbWfReaB
x6maZHq0jJXr1kbXqd9u/sRRJ03C7A+QQb5cHIqyGcdTvDcQerkl9aHxGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD2ynTkTSiXT+zE6Y174AFseio9jMB8GA1UdIwQY
MBaAFKVwicRcVQiP6Q62EALwfw+VhiZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhDSnhGeFZDSV9wRHJZUUF2Ql9ENVdHSm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jM2Y0YTItOGI4ZS00OWEzLWFhOWYt
ZDkyZDY0YjlmODAxLzEvUGJLZE9STktKZFA3TVRwalh2Z0FXeDZLajJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jM2Y0YTItOGI4ZS00OWEzLWFhOWYtZDkyZDY0YjlmODAx
LzEvcFhDSnhGeFZDSV9wRHJZUUF2Ql9ENVdHSm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsHfEMA0E
AgACMAcDBQMqBmhAMA0GCSqGSIb3DQEBCwUAA4IBAQBfX8l2fb+59Xdlya2lxUah
ntHe2m3ZJ6ONSR+MYpjF1Dy2ONzWnKoKY6rVspOyExSV0UQ9SrlSIPeDrOQf52Dn
/FSy+pVaow3hGG6BhdsOr38HQaTHGVu1xjXVKeHJ3Qedq9j4iaK8Dq6jQ8ypkfrG
RzrfsrhgUM/njNjbPSOrbuIR8YCcNoSCt0HIwa9fjcSLZXFdYTppaU2GwEkl+kpn
wEQvYGw01eaSLkubqPFWHRsGMMx/5NZiZYxaPMrkpD7ulpnmPV+mXAakzMNlVQGN
XSVNUEmsgO6+6zsM9AXjrqOV3YQep7lBR6KkMB2fkBvXucHTNvMvZwWf16fgg4wV
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:17:37 2025 by rpki-client