Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/2guXr1-pevOZqMVtNOBWc29RjXU.roa
File: 2guXr1-pevOZqMVtNOBWc29RjXU.roa (raw, json)
Hash identifier: P6JG3c7viT3vfAo45MMQ4Qhc0UatLyXRFR7BOdKaTgU=
Subject key identifier: DA:0B:97:AF:5F:A9:7A:F3:99:A8:C5:6D:34:E0:56:73:6F:51:8D:75
Certificate issuer: /CN=cb424b40c1f84084f8d40f2b9dcbe1e1f916af3e
Certificate serial: 018EE8DAA1246477A0BC14804D446FD24F13
Authority key identifier: CB:42:4B:40:C1:F8:40:84:F8:D4:0F:2B:9D:CB:E1:E1:F9:16:AF:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y0JLQMH4QIT41A8rncvh4fkWrz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/2guXr1-pevOZqMVtNOBWc29RjXU.roa
Signing time: Tue 16 Apr 2024 21:40:25 +0000
ROA not before: Tue 16 Apr 2024 21:40:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202710
IP address blocks: 185.9.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 06:56:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e8:da:a1:24:64:77:a0:bc:14:80:4d:44:6f:d2:4f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb424b40c1f84084f8d40f2b9dcbe1e1f916af3e
Validity
Not Before: Apr 16 21:40:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da0b97af5fa97af399a8c56d34e056736f518d75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:01:7e:81:80:46:30:83:28:6c:84:6d:43:68:
4e:85:d1:0b:10:9b:14:f2:31:b1:07:ea:9e:93:34:
75:e1:c0:60:e0:3a:42:f3:d0:ed:f3:5b:e1:be:af:
d3:70:21:e3:49:f0:ce:c8:aa:ce:26:bc:b3:9c:a7:
41:2f:8a:08:ba:60:b2:11:16:1e:d1:30:6d:28:63:
f8:84:50:c1:5e:09:2e:5c:b2:77:45:3f:dc:a0:7d:
aa:df:e1:8e:1d:b1:3f:45:95:b3:62:07:54:38:3a:
63:87:85:f6:43:96:91:ca:c3:2b:30:c8:7c:47:6d:
6a:b4:43:f8:a5:01:ae:06:9f:21:97:ac:be:e9:8f:
a0:da:ee:08:06:f7:06:f8:69:4b:c7:db:4f:6a:05:
fa:8f:68:b8:96:1a:15:ea:18:2a:1a:cc:9e:9c:de:
32:ae:9e:95:93:c9:6c:64:39:51:f9:3d:48:76:e9:
d5:ab:49:90:51:b4:cc:e4:96:86:83:2c:1a:84:62:
b6:e4:23:b2:80:03:46:01:de:0e:da:c5:e2:15:f2:
61:f7:b6:51:72:02:a8:c8:83:62:ff:14:3f:fb:c8:
7f:95:86:c0:35:0c:c4:10:7f:20:f1:3c:97:38:1c:
1d:92:e4:60:fe:03:ad:c5:1f:9a:20:ed:e3:c1:55:
bf:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:0B:97:AF:5F:A9:7A:F3:99:A8:C5:6D:34:E0:56:73:6F:51:8D:75
X509v3 Authority Key Identifier:
keyid:CB:42:4B:40:C1:F8:40:84:F8:D4:0F:2B:9D:CB:E1:E1:F9:16:AF:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y0JLQMH4QIT41A8rncvh4fkWrz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/2guXr1-pevOZqMVtNOBWc29RjXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/y0JLQMH4QIT41A8rncvh4fkWrz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.139.0/24
Signature Algorithm: sha256WithRSAEncryption
27:8b:20:39:e9:c2:b3:96:f9:4b:90:0b:0c:4f:99:9e:07:6c:
4d:1c:41:87:96:a9:bb:81:ab:93:bd:2a:90:e3:b4:2b:51:fa:
13:e3:d6:ab:ad:22:b2:d5:a1:99:e2:66:88:f5:31:58:d1:d9:
3c:1e:b0:b9:34:05:cb:a9:78:2e:e8:e2:75:f4:ae:94:11:05:
22:89:5d:91:39:56:de:9a:29:e5:23:64:41:bb:ba:34:79:b4:
24:f0:5e:2a:83:b6:26:09:9d:7b:1a:9e:61:3f:20:c2:8f:08:
9e:57:bf:22:74:b5:0e:77:99:52:19:58:a6:93:16:34:e2:72:
ec:68:25:9e:e1:07:fa:b5:a3:1b:bb:93:61:66:80:1e:59:2e:
c6:fc:15:b8:d0:fd:a3:3b:f3:ab:a9:b0:e9:8d:e0:46:82:b6:
e1:72:90:6e:2c:fc:82:e6:f1:ba:e8:29:f0:2b:7a:f6:91:a8:
93:7b:53:5b:a6:8f:89:54:20:df:ac:74:08:f6:76:6a:2a:b9:
fa:df:ed:f2:9e:0a:c8:7e:ef:df:57:95:9d:02:15:12:6f:da:
e3:74:3c:69:75:de:4d:b4:44:23:e2:c5:80:63:df:63:19:7f:
35:3c:70:ca:06:f3:f9:85:8a:4c:c2:cf:be:5c:06:bd:4c:ba:
59:bd:a9:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7o2qEkZHegvBSATURv0k8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNDI0YjQwYzFmODQwODRmOGQ0MGYyYjlkY2JlMWUxZjkx
NmFmM2UwHhcNMjQwNDE2MjE0MDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTBiOTdhZjVmYTk3YWYzOTlhOGM1NmQzNGUwNTY3MzZmNTE4ZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwF+gYBGMIMobIRtQ2hOhdELEJsU
8jGxB+qekzR14cBg4DpC89Dt81vhvq/TcCHjSfDOyKrOJryznKdBL4oIumCyERYe
0TBtKGP4hFDBXgkuXLJ3RT/coH2q3+GOHbE/RZWzYgdUODpjh4X2Q5aRysMrMMh8
R21qtEP4pQGuBp8hl6y+6Y+g2u4IBvcG+GlLx9tPagX6j2i4lhoV6hgqGsyenN4y
rp6Vk8lsZDlR+T1IdunVq0mQUbTM5JaGgywahGK25COygANGAd4O2sXiFfJh97ZR
cgKoyINi/xQ/+8h/lYbANQzEEH8g8TyXOBwdkuRg/gOtxR+aIO3jwVW/8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNoLl69fqXrzmajFbTTgVnNvUY11MB8GA1UdIwQY
MBaAFMtCS0DB+ECE+NQPK53L4eH5Fq8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTBKTFFNSDRRSVQ0MUE4cm5jdmg0ZmtXcno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81MWJmZDktN2ZmYi00MTU5LTllZDUt
M2E1ZmVjYWNkNDlhLzEvMmd1WHIxLXBldk9acU1WdE5PQldjMjlSalhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81MWJmZDktN2ZmYi00MTU5LTllZDUtM2E1ZmVjYWNkNDlh
LzEveTBKTFFNSDRRSVQ0MUE4cm5jdmg0ZmtXcno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQmLMA0G
CSqGSIb3DQEBCwUAA4IBAQAniyA56cKzlvlLkAsMT5meB2xNHEGHlqm7gauTvSqQ
47QrUfoT49arrSKy1aGZ4maI9TFY0dk8HrC5NAXLqXgu6OJ19K6UEQUiiV2ROVbe
minlI2RBu7o0ebQk8F4qg7YmCZ17Gp5hPyDCjwieV78idLUOd5lSGVimkxY04nLs
aCWe4Qf6taMbu5NhZoAeWS7G/BW40P2jO/OrqbDpjeBGgrbhcpBuLPyC5vG66Cnw
K3r2kaiTe1Nbpo+JVCDfrHQI9nZqKrn63+3yngrIfu/fV5WdAhUSb9rjdDxpdd5N
tEQj4sWAY99jGX81PHDKBvP5hYpMws++XAa9TLpZvakc
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:31:21 2025 by rpki-client