Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/9SSEqZiEMnIu5Cz0QKEkyS0FQ8w.roa
File: 9SSEqZiEMnIu5Cz0QKEkyS0FQ8w.roa (raw, json)
Hash identifier: EaUXdzzaScaPQgzJDCWGZsR/DHvZ+ytJULmlv+4V8Ts=
Subject key identifier: F5:24:84:A9:98:84:32:72:2E:E4:2C:F4:40:A1:24:C9:2D:05:43:CC
Certificate issuer: /CN=1690970ddbb7619cc82186ddb536eb4e8985d2de
Certificate serial: 019423694DFDBFE1287BE5A49030B00D53B9
Authority key identifier: 16:90:97:0D:DB:B7:61:9C:C8:21:86:DD:B5:36:EB:4E:89:85:D2:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpCXDdu3YZzIIYbdtTbrTomF0t4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/9SSEqZiEMnIu5Cz0QKEkyS0FQ8w.roa
Signing time: Wed 01 Jan 2025 19:48:11 +0000
ROA not before: Wed 01 Jan 2025 19:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13030
IP address blocks: 185.29.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 07:53:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:4d:fd:bf:e1:28:7b:e5:a4:90:30:b0:0d:53:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1690970ddbb7619cc82186ddb536eb4e8985d2de
Validity
Not Before: Jan 1 19:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f52484a9988432722ee42cf440a124c92d0543cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:10:97:7d:70:f0:bf:e1:18:af:a6:aa:fe:ec:
9a:00:fe:27:3d:45:54:37:9c:49:32:33:b2:fb:46:
fb:c4:d5:5f:4a:b7:88:7d:c0:62:76:84:23:9e:b9:
09:31:7e:8a:b4:31:8f:2b:ca:62:6f:53:a6:55:9b:
2c:1d:b3:06:00:8d:dc:d7:82:8a:cc:0a:b7:e3:5a:
8f:49:b2:c8:e2:f6:8c:5f:64:9d:a1:fb:5c:76:b9:
07:e4:d3:c9:f7:68:e5:b2:ee:12:2e:70:d3:6d:92:
48:0f:a7:81:48:06:06:00:ba:0e:0c:c8:ec:b9:41:
9d:cc:15:71:8b:95:f9:9a:1b:d5:38:7a:de:a9:20:
60:03:45:49:1e:d7:70:2d:74:ed:d4:1c:28:5e:5e:
bb:64:52:7a:cc:81:54:52:c1:fe:88:dc:9a:65:99:
fe:90:02:f9:15:af:64:cd:c2:62:a4:29:79:97:08:
4e:9e:70:11:9d:f8:d0:4d:92:f5:45:f9:00:4d:d3:
78:d9:61:e0:86:a0:0b:9f:33:09:f7:b8:dc:20:84:
f6:66:f1:46:79:2f:e9:b2:8c:94:09:c1:b7:9d:12:
1b:f1:ea:40:16:62:45:5f:3e:26:18:b2:1c:43:6a:
07:23:c7:2e:c4:a3:70:c3:fc:2b:0a:23:c0:2d:dd:
34:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:24:84:A9:98:84:32:72:2E:E4:2C:F4:40:A1:24:C9:2D:05:43:CC
X509v3 Authority Key Identifier:
keyid:16:90:97:0D:DB:B7:61:9C:C8:21:86:DD:B5:36:EB:4E:89:85:D2:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpCXDdu3YZzIIYbdtTbrTomF0t4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/9SSEqZiEMnIu5Cz0QKEkyS0FQ8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/FpCXDdu3YZzIIYbdtTbrTomF0t4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.76.0/24
Signature Algorithm: sha256WithRSAEncryption
91:39:4d:e4:f9:3f:7a:34:43:3a:b9:39:6e:9d:b8:1f:5d:d1:
f9:5d:77:68:96:ed:c5:e2:05:e2:0b:d7:35:b0:f3:3e:f7:03:
18:a8:74:00:aa:10:b4:fd:d0:7f:db:51:5c:36:ce:82:7b:fa:
ca:ca:28:3f:e9:2a:c0:6d:8a:ce:6e:1c:e5:45:14:b6:03:91:
90:a7:f3:b8:76:5e:27:8e:e6:a7:19:80:ca:e6:89:88:6f:df:
12:24:dd:61:07:8f:8a:43:89:8e:5f:78:0e:65:94:ea:e1:2f:
7b:78:37:95:b9:05:82:2c:a3:4b:41:a7:15:b7:55:82:19:a5:
b0:8b:a7:d4:88:ff:72:27:6c:52:b2:01:10:4f:10:e6:bb:d4:
20:7f:7c:e2:36:da:b4:a9:2f:18:a8:01:9f:51:30:da:b0:d8:
51:7b:d0:79:6b:a6:10:0f:83:8d:5e:7b:1c:0c:17:cc:f6:2b:
87:e1:f3:30:4f:66:31:f5:25:ce:f9:f1:0c:3d:7e:87:f0:b8:
66:98:30:7f:31:38:35:37:62:7c:87:03:ac:51:6d:68:88:a6:
ee:ad:3d:4d:c8:da:2f:4c:a1:28:a3:4c:f0:3f:6e:4e:f2:a2:
f0:ce:6c:bf:7c:a6:e7:23:c1:d2:46:4d:73:2d:a7:61:df:b9:
64:50:fe:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaU39v+Eoe+WkkDCwDVO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTA5NzBkZGJiNzYxOWNjODIxODZkZGI1MzZlYjRlODk4
NWQyZGUwHhcNMjUwMTAxMTk0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTI0ODRhOTk4ODQzMjcyMmVlNDJjZjQ0MGExMjRjOTJkMDU0M2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hCXfXDwv+EYr6aq/uyaAP4nPUVU
N5xJMjOy+0b7xNVfSreIfcBidoQjnrkJMX6KtDGPK8pib1OmVZssHbMGAI3c14KK
zAq341qPSbLI4vaMX2SdoftcdrkH5NPJ92jlsu4SLnDTbZJID6eBSAYGALoODMjs
uUGdzBVxi5X5mhvVOHreqSBgA0VJHtdwLXTt1BwoXl67ZFJ6zIFUUsH+iNyaZZn+
kAL5Fa9kzcJipCl5lwhOnnARnfjQTZL1RfkATdN42WHghqALnzMJ97jcIIT2ZvFG
eS/psoyUCcG3nRIb8epAFmJFXz4mGLIcQ2oHI8cuxKNww/wrCiPALd000QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPUkhKmYhDJyLuQs9EChJMktBUPMMB8GA1UdIwQY
MBaAFBaQlw3bt2GcyCGG3bU2606JhdLeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBDWERkdTNZWnpJSVliZHRUYnJUb21GMHQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8yZTg1MzctMzZiZS00OThmLTgxNTUt
Y2MwM2JkMzE1ZmY5LzEvOVNTRXFaaUVNbkl1NUN6MFFLRWt5UzBGUTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8yZTg1MzctMzZiZS00OThmLTgxNTUtY2MwM2JkMzE1ZmY5
LzEvRnBDWERkdTNZWnpJSVliZHRUYnJUb21GMHQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuR1MMA0G
CSqGSIb3DQEBCwUAA4IBAQCROU3k+T96NEM6uTlunbgfXdH5XXdolu3F4gXiC9c1
sPM+9wMYqHQAqhC0/dB/21FcNs6Ce/rKyig/6SrAbYrObhzlRRS2A5GQp/O4dl4n
juanGYDK5omIb98SJN1hB4+KQ4mOX3gOZZTq4S97eDeVuQWCLKNLQacVt1WCGaWw
i6fUiP9yJ2xSsgEQTxDmu9Qgf3ziNtq0qS8YqAGfUTDasNhRe9B5a6YQD4ONXnsc
DBfM9iuH4fMwT2Yx9SXO+fEMPX6H8LhmmDB/MTg1N2J8hwOsUW1oiKburT1NyNov
TKEoo0zwP25O8qLwzmy/fKbnI8HSRk1zLadh37lkUP6R
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:49:39 2025 by rpki-client