Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/U8pwIecwqorSeXk_mzc57g3zCb0.roa
File: U8pwIecwqorSeXk_mzc57g3zCb0.roa (raw, json)
Hash identifier: rfxCPVTnIhL1ZrRMuFDH5zMC+/TouQ1Hqyesgw9ieAQ=
Subject key identifier: 53:CA:70:21:E7:30:AA:8A:D2:79:79:3F:9B:37:39:EE:0D:F3:09:BD
Certificate issuer: /CN=d9ad0d738c7af0359a0630365416440d01985ba2
Certificate serial: 018CC6B833AD255A13E000D032A514241FD3
Authority key identifier: D9:AD:0D:73:8C:7A:F0:35:9A:06:30:36:54:16:44:0D:01:98:5B:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2a0Nc4x68DWaBjA2VBZEDQGYW6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/U8pwIecwqorSeXk_mzc57g3zCb0.roa
Signing time: Mon 01 Jan 2024 20:30:09 +0000
ROA not before: Mon 01 Jan 2024 20:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202877
IP address blocks: 185.251.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:33:ad:25:5a:13:e0:00:d0:32:a5:14:24:1f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ad0d738c7af0359a0630365416440d01985ba2
Validity
Not Before: Jan 1 20:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53ca7021e730aa8ad279793f9b3739ee0df309bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5a:62:1b:9f:15:3b:d5:53:a5:1a:59:a1:e0:
1e:f6:a9:cc:c5:f9:32:bd:3b:3a:55:f0:87:8a:68:
4d:80:e0:f4:98:13:cb:a3:bf:b9:2f:f2:32:dd:7d:
5a:2e:6e:af:2b:60:0b:89:32:22:ce:ee:70:51:f0:
07:3f:9e:06:96:21:17:b5:62:3c:f9:02:bd:cc:59:
cf:eb:19:e2:65:6f:bd:2a:3c:6b:4f:8f:93:34:80:
71:60:ed:b7:92:b7:93:48:00:0f:94:68:72:a9:de:
69:ad:2b:35:8d:dc:34:2b:48:17:e4:25:06:22:95:
6c:51:0e:bf:e2:c3:1c:64:53:6f:38:7d:e1:1f:13:
35:b8:df:70:06:32:38:47:b0:be:39:d5:65:e9:08:
cd:ce:32:28:39:6e:90:5e:63:eb:d7:96:bc:c7:cf:
e5:13:1a:88:1e:0c:8c:b2:50:18:07:76:17:8d:b1:
36:6a:26:9e:5b:a1:35:14:33:8f:ef:82:13:15:32:
d5:c4:70:87:b2:cc:44:21:98:de:ab:7d:cc:11:77:
8d:26:6b:fe:9b:e5:b8:64:ab:fc:d3:9c:4b:d3:ad:
52:cd:a6:96:06:b6:00:82:cc:0e:1c:65:64:ce:ee:
b0:29:be:d1:2c:d4:51:90:54:7c:da:52:9e:98:63:
37:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CA:70:21:E7:30:AA:8A:D2:79:79:3F:9B:37:39:EE:0D:F3:09:BD
X509v3 Authority Key Identifier:
keyid:D9:AD:0D:73:8C:7A:F0:35:9A:06:30:36:54:16:44:0D:01:98:5B:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a0Nc4x68DWaBjA2VBZEDQGYW6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/U8pwIecwqorSeXk_mzc57g3zCb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/2a0Nc4x68DWaBjA2VBZEDQGYW6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:35:14:a0:87:fe:e5:7d:e0:9d:a2:96:fb:30:ee:91:b4:3d:
3a:7e:0b:10:6d:92:fd:a8:09:68:d4:cc:a1:97:0f:d6:25:33:
96:db:b5:bd:a8:2f:16:72:06:62:27:a0:45:4f:c1:ec:88:a2:
6b:fd:9d:6d:a7:de:d0:03:2f:9c:3a:3c:e9:a4:48:db:9a:e0:
df:3a:b5:87:6e:00:5c:b1:6c:b3:65:1a:88:8c:75:51:30:2a:
c0:b5:04:a1:c9:de:a3:ea:76:55:94:01:d0:87:dd:bc:de:3f:
5f:00:a9:39:bd:73:24:7e:ff:02:61:cd:2c:1d:df:50:5f:91:
81:a1:a2:15:4c:43:de:dc:c0:30:be:27:e9:79:29:ac:b0:40:
e1:d0:17:94:c8:ec:bc:cc:14:d9:00:d5:f5:18:12:cc:79:44:
07:a7:73:0b:c0:66:bd:05:98:40:69:43:61:d9:63:0c:60:74:
ab:ca:71:4b:4e:bb:5e:18:16:ab:c6:58:f8:f0:9a:5e:af:b8:
f3:9e:63:2c:0f:65:5a:57:f6:ca:b1:7d:6c:c9:8f:6d:50:99:
0d:ae:a0:d7:32:62:3a:f3:fe:b2:ac:89:f3:f7:35:bd:66:e6:
65:fc:93:eb:ce:00:c8:57:fa:3a:8f:54:da:bd:4e:53:cc:45:
c7:76:8d:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuDOtJVoT4ADQMqUUJB/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWQwZDczOGM3YWYwMzU5YTA2MzAzNjU0MTY0NDBkMDE5
ODViYTIwHhcNMjQwMTAxMjAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2NhNzAyMWU3MzBhYThhZDI3OTc5M2Y5YjM3MzllZTBkZjMwOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVpiG58VO9VTpRpZoeAe9qnMxfky
vTs6VfCHimhNgOD0mBPLo7+5L/Iy3X1aLm6vK2ALiTIizu5wUfAHP54GliEXtWI8
+QK9zFnP6xniZW+9KjxrT4+TNIBxYO23kreTSAAPlGhyqd5prSs1jdw0K0gX5CUG
IpVsUQ6/4sMcZFNvOH3hHxM1uN9wBjI4R7C+OdVl6QjNzjIoOW6QXmPr15a8x8/l
ExqIHgyMslAYB3YXjbE2aiaeW6E1FDOP74ITFTLVxHCHssxEIZjeq33MEXeNJmv+
m+W4ZKv805xL061SzaaWBrYAgswOHGVkzu6wKb7RLNRRkFR82lKemGM3DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPKcCHnMKqK0nl5P5s3Oe4N8wm9MB8GA1UdIwQY
MBaAFNmtDXOMevA1mgYwNlQWRA0BmFuiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmEwTmM0eDY4RFdhQmpBMlZCWkVEUUdZVzZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wZGQ4MGItYzViNC00ZTZjLWJhMmUt
YjEzN2NmYjM3NDYzLzEvVThwd0llY3dxb3JTZVhrX216YzU3ZzN6Q2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wZGQ4MGItYzViNC00ZTZjLWJhMmUtYjEzN2NmYjM3NDYz
LzEvMmEwTmM0eDY4RFdhQmpBMlZCWkVEUUdZVzZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufsOMA0G
CSqGSIb3DQEBCwUAA4IBAQBNNRSgh/7lfeCdopb7MO6RtD06fgsQbZL9qAlo1Myh
lw/WJTOW27W9qC8WcgZiJ6BFT8HsiKJr/Z1tp97QAy+cOjzppEjbmuDfOrWHbgBc
sWyzZRqIjHVRMCrAtQShyd6j6nZVlAHQh9283j9fAKk5vXMkfv8CYc0sHd9QX5GB
oaIVTEPe3MAwvifpeSmssEDh0BeUyOy8zBTZANX1GBLMeUQHp3MLwGa9BZhAaUNh
2WMMYHSrynFLTrteGBarxlj48Jper7jznmMsD2VaV/bKsX1syY9tUJkNrqDXMmI6
8/6yrInz9zW9ZuZl/JPrzgDIV/o6j1TavU5TzEXHdo2E
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:16 2025 by rpki-client