Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/8b2aaf-345b-40bb-a31b-fd98fd70f34f/1/1TAkStDu-6UTcpJPXyS3gsBqI-M.roa
File: 1TAkStDu-6UTcpJPXyS3gsBqI-M.roa (raw, json)
Hash identifier: nfBp5nDTqP5pIKwE6RqCENFkjDydCk2rs/BYrGvnLNA=
Subject key identifier: D5:30:24:4A:D0:EE:FB:A5:13:72:92:4F:5F:24:B7:82:C0:6A:23:E3
Certificate issuer: /CN=3e1ab5f88b1cd7728f177cc86e33bceb9e2214b2
Certificate serial: 018CC500100B4F9941B26C023F873B698BCF
Authority key identifier: 3E:1A:B5:F8:8B:1C:D7:72:8F:17:7C:C8:6E:33:BC:EB:9E:22:14:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Phq1-Isc13KPF3zIbjO8654iFLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/8b2aaf-345b-40bb-a31b-fd98fd70f34f/1/1TAkStDu-6UTcpJPXyS3gsBqI-M.roa
Signing time: Mon 01 Jan 2024 12:29:24 +0000
ROA not before: Mon 01 Jan 2024 12:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39172
IP address blocks: 185.53.60.0/24 maxlen: 24
185.53.61.0/24 maxlen: 24
185.53.62.0/24 maxlen: 24
185.53.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:10:0b:4f:99:41:b2:6c:02:3f:87:3b:69:8b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1ab5f88b1cd7728f177cc86e33bceb9e2214b2
Validity
Not Before: Jan 1 12:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d530244ad0eefba51372924f5f24b782c06a23e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a2:76:9e:23:1c:ed:ff:81:1e:10:ee:d3:bd:
4e:82:ce:0d:7a:3d:0f:20:e7:f5:ab:e8:af:ff:7c:
d6:40:8d:25:a2:a0:0a:3f:0a:5d:9e:9e:e1:72:ae:
6a:27:e4:15:60:32:7a:dc:d6:67:05:05:98:64:ad:
e9:3d:fb:69:6c:fc:d3:59:55:20:2d:44:e4:35:8a:
81:63:7e:78:be:56:f1:ae:60:b9:eb:6a:7a:7c:c5:
ce:8a:da:38:dd:fb:31:35:2d:be:8a:57:eb:4f:96:
6e:27:3c:18:72:8f:31:de:79:20:d3:97:e9:97:05:
24:6b:c6:13:64:32:43:41:fd:3d:3a:8a:df:9c:4f:
63:1b:ea:5b:70:9f:48:97:7a:d8:91:a8:ac:9d:38:
3f:53:0e:f3:ec:9f:22:92:13:50:ec:19:51:87:8c:
0c:c7:d7:0e:16:a4:2f:55:0c:bc:ee:49:9b:ac:a5:
9f:13:36:4e:7a:9b:f3:22:5f:ea:11:18:01:28:91:
39:fb:7e:4d:58:6c:50:f4:6d:ed:71:10:21:64:aa:
f3:da:3b:ab:93:9c:be:b0:ec:5a:10:68:e9:9a:dd:
32:36:be:56:6a:e0:91:9b:53:ff:06:84:0a:e9:8a:
03:cf:43:17:85:93:4c:b3:7a:21:85:69:3d:0f:1b:
5e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:30:24:4A:D0:EE:FB:A5:13:72:92:4F:5F:24:B7:82:C0:6A:23:E3
X509v3 Authority Key Identifier:
keyid:3E:1A:B5:F8:8B:1C:D7:72:8F:17:7C:C8:6E:33:BC:EB:9E:22:14:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Phq1-Isc13KPF3zIbjO8654iFLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/8b2aaf-345b-40bb-a31b-fd98fd70f34f/1/1TAkStDu-6UTcpJPXyS3gsBqI-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/8b2aaf-345b-40bb-a31b-fd98fd70f34f/1/Phq1-Isc13KPF3zIbjO8654iFLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.60.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:d6:cc:47:0c:1c:e1:bb:4c:58:44:8c:bd:88:04:3d:9f:65:
58:c5:34:bd:16:05:ae:08:d1:3d:8b:3d:35:b9:37:d6:02:f0:
ce:1d:b6:98:80:5e:97:fc:5b:54:03:75:6b:e1:b5:14:67:fa:
b0:32:ca:6e:df:4f:95:ab:28:3f:1b:69:fe:af:3c:03:60:19:
81:bf:fc:b7:c0:97:48:3c:60:25:07:a7:18:77:43:73:df:1d:
a2:5a:4f:36:46:7d:bb:9b:26:1f:25:1b:5c:b0:3e:99:f9:82:
38:94:4e:24:6b:e4:50:36:db:52:e3:9f:17:f1:79:ac:06:8a:
b2:4d:46:87:f0:11:aa:5e:dc:01:d5:63:d2:bf:9f:54:89:da:
79:fb:74:9b:dd:99:48:53:7b:8a:cb:14:88:27:83:8d:4a:8b:
18:f8:de:67:8a:9c:74:cd:9c:b6:dc:4c:9c:9c:2f:d7:16:cb:
78:07:fc:de:44:3f:4a:58:cc:ba:78:82:70:34:ea:cc:d2:7b:
87:08:fa:da:92:60:b3:70:1f:8c:31:08:ff:c3:74:7e:47:47:
68:01:e0:16:f2:6e:2c:82:2a:b5:73:b4:36:c2:ed:6b:84:0b:
f7:12:13:80:14:e5:e7:1d:bb:90:b9:a7:e6:2c:65:fc:ef:78:
13:73:68:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFABALT5lBsmwCP4c7aYvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWFiNWY4OGIxY2Q3NzI4ZjE3N2NjODZlMzNiY2ViOWUy
MjE0YjIwHhcNMjQwMTAxMTIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTMwMjQ0YWQwZWVmYmE1MTM3MjkyNGY1ZjI0Yjc4MmMwNmEyM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6J2niMc7f+BHhDu071Ogs4Nej0P
IOf1q+iv/3zWQI0loqAKPwpdnp7hcq5qJ+QVYDJ63NZnBQWYZK3pPftpbPzTWVUg
LUTkNYqBY354vlbxrmC562p6fMXOito43fsxNS2+ilfrT5ZuJzwYco8x3nkg05fp
lwUka8YTZDJDQf09OorfnE9jG+pbcJ9Il3rYkaisnTg/Uw7z7J8ikhNQ7BlRh4wM
x9cOFqQvVQy87kmbrKWfEzZOepvzIl/qERgBKJE5+35NWGxQ9G3tcRAhZKrz2jur
k5y+sOxaEGjpmt0yNr5WauCRm1P/BoQK6YoDz0MXhZNMs3ohhWk9DxtevQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUwJErQ7vulE3KST18kt4LAaiPjMB8GA1UdIwQY
MBaAFD4atfiLHNdyjxd8yG4zvOueIhSyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGhxMS1Jc2MxM0tQRjN6SWJqTzg2NTRpRkxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84YjJhYWYtMzQ1Yi00MGJiLWEzMWIt
ZmQ5OGZkNzBmMzRmLzEvMVRBa1N0RHUtNlVUY3BKUFh5UzNnc0JxSS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84YjJhYWYtMzQ1Yi00MGJiLWEzMWItZmQ5OGZkNzBmMzRm
LzEvUGhxMS1Jc2MxM0tQRjN6SWJqTzg2NTRpRkxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTU8MA0G
CSqGSIb3DQEBCwUAA4IBAQBL1sxHDBzhu0xYRIy9iAQ9n2VYxTS9FgWuCNE9iz01
uTfWAvDOHbaYgF6X/FtUA3Vr4bUUZ/qwMspu30+Vqyg/G2n+rzwDYBmBv/y3wJdI
PGAlB6cYd0Nz3x2iWk82Rn27myYfJRtcsD6Z+YI4lE4ka+RQNttS458X8XmsBoqy
TUaH8BGqXtwB1WPSv59Uidp5+3Sb3ZlIU3uKyxSIJ4ONSosY+N5nipx0zZy23Eyc
nC/XFst4B/zeRD9KWMy6eIJwNOrM0nuHCPrakmCzcB+MMQj/w3R+R0doAeAW8m4s
giq1c7Q2wu1rhAv3EhOAFOXnHbuQuafmLGX873gTc2iF
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:26 2025 by rpki-client