Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nwKI-6QYq0Xdx7Q3akXYcljcRH0.roa
File: nwKI-6QYq0Xdx7Q3akXYcljcRH0.roa (raw, json)
Hash identifier: miy+FyfrkG11MIfhOudevpwJGjmtSvTSD0F1bSExKBA=
Subject key identifier: 9F:02:88:FB:A4:18:AB:45:DD:C7:B4:37:6A:45:D8:72:58:DC:44:7D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01938D8C1D9432EE39D835B91CCE34A39BAE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nwKI-6QYq0Xdx7Q3akXYcljcRH0.roa
Signing time: Tue 03 Dec 2024 17:23:10 +0000
ROA not before: Tue 03 Dec 2024 17:23:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 185.199.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8d:8c:1d:94:32:ee:39:d8:35:b9:1c:ce:34:a3:9b:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 3 17:23:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f0288fba418ab45ddc7b4376a45d87258dc447d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a3:75:6b:88:fa:ef:17:0e:87:e0:0a:d6:47:
ef:b6:d9:4d:09:93:f7:38:50:7d:39:e8:62:6d:87:
a6:b5:74:47:06:5b:c8:15:f8:8a:3b:a3:a1:93:99:
68:9e:23:8f:2d:2e:87:39:e1:9a:23:01:5c:57:03:
96:97:71:fd:df:9d:7b:80:02:70:9b:5d:b5:89:68:
47:1d:8c:71:2a:cb:49:27:67:19:50:0f:87:fc:58:
23:46:79:b0:4f:87:13:0a:e5:a9:71:c4:e0:c3:6e:
cc:ef:94:68:97:0d:c2:07:53:69:19:2f:a3:9d:1c:
dc:28:b7:ea:ca:7f:58:8e:14:c0:6d:d8:64:56:a0:
16:da:87:fa:e3:1a:84:34:5a:bf:ac:d5:80:04:79:
ff:18:76:45:da:56:b6:1e:fc:c3:5d:41:26:bc:d1:
8b:d6:70:4e:7a:c5:c1:b7:83:f0:af:f2:80:1a:f9:
83:8a:9a:69:21:ab:c5:16:8a:a5:d5:1e:4a:8e:d5:
f8:11:e2:bd:ac:99:a7:b3:2d:9e:45:fe:0c:19:77:
54:99:e0:bf:35:bd:de:1a:7a:0f:64:f7:f7:b4:0b:
d1:b7:82:61:70:fe:aa:32:15:9a:8d:49:32:3a:78:
a9:9c:83:9f:b4:3a:92:d4:96:93:da:9a:8d:55:14:
4f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:02:88:FB:A4:18:AB:45:DD:C7:B4:37:6A:45:D8:72:58:DC:44:7D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nwKI-6QYq0Xdx7Q3akXYcljcRH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.157.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:aa:6b:aa:4f:ec:f3:1e:15:c7:df:c7:b5:0f:eb:89:25:b6:
d0:c2:76:be:88:c0:65:e3:8e:cb:62:8b:47:14:cb:05:8b:fd:
3b:33:b5:e3:7e:f4:58:71:d7:b7:d5:3e:75:e3:ed:d7:1b:59:
f6:77:27:90:25:48:29:5f:fa:31:65:d5:a1:55:2d:66:a7:92:
00:dc:8b:63:39:26:fc:7b:42:f5:18:6f:e4:b8:b8:93:e9:da:
12:8c:8c:fe:7a:60:de:d5:70:b3:40:ea:d8:bd:b7:42:fa:fd:
74:73:7c:42:c1:33:76:3a:ee:5e:17:cb:f0:4a:70:31:42:33:
b2:e8:fa:95:e3:e8:f5:c3:7e:d8:b4:d4:84:0d:a0:90:a4:ec:
fb:39:2e:01:7e:1e:95:dc:60:ef:b0:ab:0d:bc:e7:89:26:83:
7b:24:12:ec:1e:d0:ad:a0:cb:85:45:61:58:36:6f:85:b8:36:
65:d9:c6:29:85:76:ee:28:94:83:80:a1:6b:a5:ad:ce:37:30:
6f:eb:20:38:5a:cb:fe:95:13:bd:12:b5:56:6f:5e:16:69:9a:
94:42:0c:3e:98:ea:5b:03:7d:a8:27:da:1e:d6:a9:85:a0:0f:
41:2c:55:d4:e3:4a:95:86:de:6c:c2:5a:8d:3e:3d:bb:8f:04:
1a:ed:80:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZONjB2UMu452DW5HM40o5uuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjAzMTcyMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjAyODhmYmE0MThhYjQ1ZGRjN2I0Mzc2YTQ1ZDg3MjU4ZGM0NDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6N1a4j67xcOh+AK1kfvttlNCZP3
OFB9OehibYemtXRHBlvIFfiKO6Ohk5loniOPLS6HOeGaIwFcVwOWl3H93517gAJw
m121iWhHHYxxKstJJ2cZUA+H/FgjRnmwT4cTCuWpccTgw27M75Rolw3CB1NpGS+j
nRzcKLfqyn9YjhTAbdhkVqAW2of64xqENFq/rNWABHn/GHZF2la2HvzDXUEmvNGL
1nBOesXBt4Pwr/KAGvmDipppIavFFoql1R5KjtX4EeK9rJmnsy2eRf4MGXdUmeC/
Nb3eGnoPZPf3tAvRt4JhcP6qMhWajUkyOnipnIOftDqS1JaT2pqNVRRP+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8CiPukGKtF3ce0N2pF2HJY3ER9MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbndLSS02UVlxMFhkeDdRM2FrWFljbGpjUkgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucedMA0G
CSqGSIb3DQEBCwUAA4IBAQDCqmuqT+zzHhXH38e1D+uJJbbQwna+iMBl447LYotH
FMsFi/07M7XjfvRYcde31T514+3XG1n2dyeQJUgpX/oxZdWhVS1mp5IA3ItjOSb8
e0L1GG/kuLiT6doSjIz+emDe1XCzQOrYvbdC+v10c3xCwTN2Ou5eF8vwSnAxQjOy
6PqV4+j1w37YtNSEDaCQpOz7OS4Bfh6V3GDvsKsNvOeJJoN7JBLsHtCtoMuFRWFY
Nm+FuDZl2cYphXbuKJSDgKFrpa3ONzBv6yA4Wsv+lRO9ErVWb14WaZqUQgw+mOpb
A32oJ9oe1qmFoA9BLFXU40qVht5swlqNPj27jwQa7YCi
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:34:41 2025 by rpki-client