Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/DzojaLJ5vaIlrDO9vw-pk-RtVtU.roa
File: DzojaLJ5vaIlrDO9vw-pk-RtVtU.roa (raw, json)
Hash identifier: f9quenUvHqfWUu1Tqaq0gP2iW+A8MHrE/K5mtGxlrzY=
Subject key identifier: 0F:3A:23:68:B2:79:BD:A2:25:AC:33:BD:BF:0F:A9:93:E4:6D:56:D5
Certificate issuer: /CN=a43b5322b8ea38a7a044dcb0671a75dba1043d7e
Certificate serial: 0191B2C4B8F0D25D970C5A53175E58887A95
Authority key identifier: A4:3B:53:22:B8:EA:38:A7:A0:44:DC:B0:67:1A:75:DB:A1:04:3D:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDtTIrjqOKegRNywZxp126EEPX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/DzojaLJ5vaIlrDO9vw-pk-RtVtU.roa
Signing time: Mon 02 Sep 2024 12:45:22 +0000
ROA not before: Mon 02 Sep 2024 12:45:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214876
IP address blocks: 185.190.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:c4:b8:f0:d2:5d:97:0c:5a:53:17:5e:58:88:7a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a43b5322b8ea38a7a044dcb0671a75dba1043d7e
Validity
Not Before: Sep 2 12:45:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f3a2368b279bda225ac33bdbf0fa993e46d56d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c5:63:fb:33:00:90:42:14:f1:82:19:d3:ad:
6c:58:bd:8a:91:be:b8:1b:c4:7b:ac:de:a0:50:13:
cf:b3:c3:f8:c5:44:2b:78:cc:0a:e3:3d:59:a4:8c:
e4:3a:dd:47:66:70:44:fa:24:5c:80:fe:fa:0c:e0:
2a:70:6b:f5:8a:50:ee:d4:12:00:1c:5e:eb:00:88:
e8:1b:56:75:98:d0:af:ed:82:a7:be:a4:55:35:12:
d6:e9:b6:49:ff:3b:89:d3:6c:28:f9:2a:ca:e5:9e:
59:64:1e:a3:71:53:78:7b:3b:78:44:86:f6:e2:e6:
78:c2:43:1e:b9:76:c6:76:43:f7:9b:ab:16:c1:ce:
c3:55:42:fc:b1:1d:3b:2e:97:e0:50:69:6f:2c:c0:
6d:ce:19:4c:b7:8a:f0:b1:94:b8:5e:3e:14:18:b4:
00:16:56:f2:cd:f0:06:45:9a:32:3f:f7:a7:42:b2:
35:da:17:5c:2b:97:84:46:32:d0:41:7e:2a:8a:52:
57:31:6c:f9:51:25:cd:93:c6:c3:d2:77:4a:bb:83:
37:e6:0b:4d:d2:fa:f7:1a:52:74:bb:46:8e:42:cd:
d6:39:ae:be:5d:0a:a0:62:4c:78:1d:15:ac:e4:82:
83:f2:de:48:34:fa:53:1f:d9:7a:5c:2b:2c:e8:c6:
b8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3A:23:68:B2:79:BD:A2:25:AC:33:BD:BF:0F:A9:93:E4:6D:56:D5
X509v3 Authority Key Identifier:
keyid:A4:3B:53:22:B8:EA:38:A7:A0:44:DC:B0:67:1A:75:DB:A1:04:3D:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDtTIrjqOKegRNywZxp126EEPX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/DzojaLJ5vaIlrDO9vw-pk-RtVtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/pDtTIrjqOKegRNywZxp126EEPX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.17.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:ce:b8:43:03:b7:af:1c:37:11:07:ea:d4:f1:0e:e1:bd:b6:
3b:03:83:ba:43:2b:c2:f4:23:a8:07:aa:da:81:32:13:66:df:
58:c1:94:e4:76:b0:3c:6b:1d:c3:0d:37:9a:94:0e:e5:8c:cf:
13:f0:0f:ba:0e:45:36:35:d6:5c:ec:b7:ec:a9:14:c4:e5:68:
43:26:37:d7:a9:ce:d3:83:8a:2d:29:88:bb:e6:1c:96:10:ed:
e2:3c:43:31:38:7e:e1:22:a7:7a:97:eb:15:76:35:95:56:5e:
d1:78:29:23:f8:7b:bf:a8:f5:51:a7:e9:a0:66:f2:bd:7c:dd:
11:cf:01:d2:0e:2a:e4:d2:47:23:c0:8a:cb:aa:0f:2d:bd:29:
7f:e2:fb:91:a8:82:0e:ff:1b:02:73:eb:5f:03:88:2e:62:e8:
78:19:e5:37:a7:2c:d0:c8:0e:61:5e:f0:3b:ae:4a:6c:5b:16:
e0:34:6f:2a:8a:5e:ac:5e:80:52:a9:59:13:f5:fd:e5:93:36:
0a:8d:e3:85:b3:7f:31:07:b4:f3:6a:da:0f:35:a9:0b:1b:4d:
59:a7:83:b6:ac:af:7f:9f:53:94:81:4a:d2:f7:da:39:fa:0f:
b9:20:8a:51:aa:d6:01:a6:1f:ba:06:88:3b:3d:e7:6c:29:f9:
c7:70:1c:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGyxLjw0l2XDFpTF15YiHqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0M2I1MzIyYjhlYTM4YTdhMDQ0ZGNiMDY3MWE3NWRiYTEw
NDNkN2UwHhcNMjQwOTAyMTI0NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjNhMjM2OGIyNzliZGEyMjVhYzMzYmRiZjBmYTk5M2U0NmQ1NmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MVj+zMAkEIU8YIZ061sWL2Kkb64
G8R7rN6gUBPPs8P4xUQreMwK4z1ZpIzkOt1HZnBE+iRcgP76DOAqcGv1ilDu1BIA
HF7rAIjoG1Z1mNCv7YKnvqRVNRLW6bZJ/zuJ02wo+SrK5Z5ZZB6jcVN4ezt4RIb2
4uZ4wkMeuXbGdkP3m6sWwc7DVUL8sR07LpfgUGlvLMBtzhlMt4rwsZS4Xj4UGLQA
FlbyzfAGRZoyP/enQrI12hdcK5eERjLQQX4qilJXMWz5USXNk8bD0ndKu4M35gtN
0vr3GlJ0u0aOQs3WOa6+XQqgYkx4HRWs5IKD8t5INPpTH9l6XCss6Ma4oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA86I2iyeb2iJawzvb8PqZPkbVbVMB8GA1UdIwQY
MBaAFKQ7UyK46jinoETcsGcadduhBD1+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcER0VElyanFPS2VnUk55d1p4cDEyNkVFUFg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hZTUyMDYtYzg0My00YmQ1LTg4NjAt
NzFlOTViMDRiM2VjLzEvRHpvamFMSjV2YUlsckRPOXZ3LXBrLVJ0VnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hZTUyMDYtYzg0My00YmQ1LTg4NjAtNzFlOTViMDRiM2Vj
LzEvcER0VElyanFPS2VnUk55d1p4cDEyNkVFUFg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub4RMA0G
CSqGSIb3DQEBCwUAA4IBAQDYzrhDA7evHDcRB+rU8Q7hvbY7A4O6QyvC9COoB6ra
gTITZt9YwZTkdrA8ax3DDTealA7ljM8T8A+6DkU2NdZc7LfsqRTE5WhDJjfXqc7T
g4otKYi75hyWEO3iPEMxOH7hIqd6l+sVdjWVVl7ReCkj+Hu/qPVRp+mgZvK9fN0R
zwHSDirk0kcjwIrLqg8tvSl/4vuRqIIO/xsCc+tfA4guYuh4GeU3pyzQyA5hXvA7
rkpsWxbgNG8qil6sXoBSqVkT9f3lkzYKjeOFs38xB7TzatoPNakLG01Zp4O2rK9/
n1OUgUrS99o5+g+5IIpRqtYBph+6Bog7PedsKfnHcBx2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:22 2025 by rpki-client