Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/ncyldnuUad6lbICDevoY8KZ-x3w.roa
File: ncyldnuUad6lbICDevoY8KZ-x3w.roa (raw, json)
Hash identifier: OSa+DbEF8WheSbxxiKmk0v1Qp3sUjMtkkFYhRfXtubU=
Subject key identifier: 9D:CC:A5:76:7B:94:69:DE:A5:6C:80:83:7A:FA:18:F0:A6:7E:C7:7C
Certificate issuer: /CN=409bd71ccea37ed9a798d5a069b2169cf4d4e592
Certificate serial: 019426D98FDCFB2581E53A661630A620E625
Authority key identifier: 40:9B:D7:1C:CE:A3:7E:D9:A7:98:D5:A0:69:B2:16:9C:F4:D4:E5:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QJvXHM6jftmnmNWgabIWnPTU5ZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/ncyldnuUad6lbICDevoY8KZ-x3w.roa
Signing time: Thu 02 Jan 2025 11:49:39 +0000
ROA not before: Thu 02 Jan 2025 11:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211993
IP address blocks: 185.233.34.0/24 maxlen: 24
2a10:de80::/32 maxlen: 32
2a10:de80::/48 maxlen: 48
2a10:de80:1::/48 maxlen: 48
2a10:de80:b000::/36 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Mar 2025 10:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:8f:dc:fb:25:81:e5:3a:66:16:30:a6:20:e6:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=409bd71ccea37ed9a798d5a069b2169cf4d4e592
Validity
Not Before: Jan 2 11:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dcca5767b9469dea56c80837afa18f0a67ec77c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5e:43:3d:b5:68:f6:7f:b4:61:41:da:29:fd:
48:a9:b4:ea:9c:52:b1:6f:36:60:bd:58:9e:65:2b:
37:9f:ec:66:cc:d8:f3:b8:63:0b:77:1b:b7:65:66:
ea:9e:c9:7d:fb:22:01:b6:32:a1:9a:f4:92:c0:83:
d7:1c:cd:5c:4d:be:d6:a7:42:87:c5:0d:1b:43:f2:
42:50:03:9e:69:3f:02:85:8e:d3:13:23:83:2b:a9:
3a:d5:c1:a6:9b:6b:41:82:52:c9:d4:f4:1c:8d:09:
99:40:83:30:ac:00:e2:8e:e9:23:ee:9f:e0:b4:63:
a0:a0:af:21:b6:58:cb:85:7d:d6:f9:1c:c3:7e:78:
7c:c5:4b:ca:f2:b6:b8:af:df:27:3d:7f:99:44:8f:
d2:a3:36:4c:a7:be:e1:19:e6:cc:89:46:53:49:41:
2a:f8:0e:6a:6c:b4:cd:f2:3c:0b:a0:8c:e7:ea:41:
36:0c:32:c5:86:25:a2:80:06:f8:55:c7:27:02:6c:
30:e8:c2:00:24:4b:9d:c5:af:b2:6e:c0:a3:0a:be:
76:97:a0:77:7e:4e:3e:f3:f8:f0:ea:06:31:0f:fc:
e4:6c:f5:03:b0:1a:c7:b3:60:9e:e8:74:5f:d1:88:
74:46:37:6c:3b:b6:b6:e1:ea:64:04:33:63:69:7e:
03:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CC:A5:76:7B:94:69:DE:A5:6C:80:83:7A:FA:18:F0:A6:7E:C7:7C
X509v3 Authority Key Identifier:
keyid:40:9B:D7:1C:CE:A3:7E:D9:A7:98:D5:A0:69:B2:16:9C:F4:D4:E5:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QJvXHM6jftmnmNWgabIWnPTU5ZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/ncyldnuUad6lbICDevoY8KZ-x3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/QJvXHM6jftmnmNWgabIWnPTU5ZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.34.0/24
IPv6:
2a10:de80::/32
Signature Algorithm: sha256WithRSAEncryption
a3:67:5b:21:e6:98:fd:7e:0e:de:69:49:29:d7:72:9f:12:4b:
be:d6:d8:e5:67:2a:53:2e:57:7c:eb:58:90:59:13:0b:84:c7:
45:b6:3c:01:a7:75:4c:1d:4f:86:0f:fc:3b:93:13:32:c8:4a:
6b:b5:0b:38:f2:3d:4e:56:52:64:17:cc:c3:18:91:20:be:53:
9b:79:4e:26:8e:32:cf:ea:26:6c:7d:e5:7b:02:d9:95:77:06:
da:5c:d9:c9:b3:3c:6f:9b:45:7f:98:1c:32:75:dd:83:39:50:
37:c4:9f:49:9c:72:d1:93:f1:de:6a:dd:b2:18:c2:29:6a:d4:
52:8f:56:a7:e7:21:4a:bd:32:51:28:8e:c9:0d:61:17:5a:10:
cb:7c:30:36:89:ce:a9:39:8f:83:64:19:7d:0e:61:c5:e3:69:
ea:39:2e:bc:23:57:20:59:8f:35:85:d8:e0:e9:6a:d7:50:4b:
e9:ac:51:e7:e4:61:f4:ef:fe:c5:6b:b5:e7:ab:bc:04:66:77:
79:3c:8f:a1:a4:e1:10:eb:d4:7e:5c:4e:9c:01:de:cd:b6:93:
49:65:b9:6d:21:7c:fb:f9:d9:64:76:14:95:8d:3d:4e:14:e4:
23:dc:d9:85:40:77:b8:67:7e:26:95:d4:40:1a:ee:4f:87:13:
bc:15:d8:b0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2Y/c+yWB5TpmFjCmIOYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOWJkNzFjY2VhMzdlZDlhNzk4ZDVhMDY5YjIxNjljZjRk
NGU1OTIwHhcNMjUwMTAyMTE0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNjYTU3NjdiOTQ2OWRlYTU2YzgwODM3YWZhMThmMGE2N2VjNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl5DPbVo9n+0YUHaKf1IqbTqnFKx
bzZgvVieZSs3n+xmzNjzuGMLdxu3ZWbqnsl9+yIBtjKhmvSSwIPXHM1cTb7Wp0KH
xQ0bQ/JCUAOeaT8ChY7TEyODK6k61cGmm2tBglLJ1PQcjQmZQIMwrADijukj7p/g
tGOgoK8htljLhX3W+RzDfnh8xUvK8ra4r98nPX+ZRI/SozZMp77hGebMiUZTSUEq
+A5qbLTN8jwLoIzn6kE2DDLFhiWigAb4VccnAmww6MIAJEudxa+ybsCjCr52l6B3
fk4+8/jw6gYxD/zkbPUDsBrHs2Ce6HRf0Yh0RjdsO7a24epkBDNjaX4D7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ3MpXZ7lGnepWyAg3r6GPCmfsd8MB8GA1UdIwQY
MBaAFECb1xzOo37Zp5jVoGmyFpz01OWSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUp2WEhNNmpmdG1ubU5XZ2FiSVduUFRVNVpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yMjIzOTktZWNmMC00MzYwLWFkMzQt
MmJmODc0YTY3MWU4LzEvbmN5bGRudVVhZDZsYklDRGV2b1k4S1oteDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yMjIzOTktZWNmMC00MzYwLWFkMzQtMmJmODc0YTY3MWU4
LzEvUUp2WEhNNmpmdG1ubU5XZ2FiSVduUFRVNVpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuekiMA0E
AgACMAcDBQAqEN6AMA0GCSqGSIb3DQEBCwUAA4IBAQCjZ1sh5pj9fg7eaUkp13Kf
Eku+1tjlZypTLld861iQWRMLhMdFtjwBp3VMHU+GD/w7kxMyyEprtQs48j1OVlJk
F8zDGJEgvlObeU4mjjLP6iZsfeV7AtmVdwbaXNnJszxvm0V/mBwydd2DOVA3xJ9J
nHLRk/Heat2yGMIpatRSj1an5yFKvTJRKI7JDWEXWhDLfDA2ic6pOY+DZBl9DmHF
42nqOS68I1cgWY81hdjg6WrXUEvprFHn5GH07/7Fa7Xnq7wEZnd5PI+hpOEQ69R+
XE6cAd7NtpNJZbltIXz7+dlkdhSVjT1OFOQj3NmFQHe4Z34mldRAGu5PhxO8Fdiw
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:15:16 2025 by rpki-client