Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/POtqDp-uNr2xhVOvytwoisQsuC0.roa
File: POtqDp-uNr2xhVOvytwoisQsuC0.roa (raw, json)
Hash identifier: sqoPPrxe2RJxQ7fSAL55+fer/bU3keZN/k8nanE/tyE=
Subject key identifier: 3C:EB:6A:0E:9F:AE:36:BD:B1:85:53:AF:CA:DC:28:8A:C4:2C:B8:2D
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 018CCA2A06C4D8DCBD6A49EFD75F7C350555
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/POtqDp-uNr2xhVOvytwoisQsuC0.roa
Signing time: Tue 02 Jan 2024 12:33:21 +0000
ROA not before: Tue 02 Jan 2024 12:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35638
IP address blocks: 84.239.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:06:c4:d8:dc:bd:6a:49:ef:d7:5f:7c:35:05:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 2 12:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ceb6a0e9fae36bdb18553afcadc288ac42cb82d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d8:cb:60:85:b3:0e:6e:d9:ea:16:9c:60:88:
46:32:8c:ed:f1:12:b3:46:bc:90:98:f3:53:be:30:
28:0f:6b:8f:07:d5:81:e4:aa:4d:fb:97:bf:1f:79:
ba:f5:70:12:7b:34:db:be:ae:9c:42:21:a4:c2:c6:
72:19:61:33:01:7a:ac:16:79:3c:fe:f0:a6:a7:47:
1d:96:0d:70:c4:2e:a2:e6:9f:f9:8d:32:23:34:2c:
c4:7d:27:03:73:b1:f6:00:6b:4d:c0:a3:42:1c:44:
bc:c7:0b:7e:c6:a0:41:ba:c4:3f:3b:80:88:88:e3:
d4:e5:24:66:4c:db:f8:85:69:8d:1b:e5:00:52:fd:
ce:2b:57:d7:ca:5f:ed:42:09:d2:13:a7:c2:c6:93:
cd:09:20:89:4b:9a:89:5a:4a:0d:93:38:15:ef:7a:
94:8c:c3:9e:08:51:1c:76:40:80:c3:46:e0:77:cb:
7c:12:73:38:d3:cc:a7:a9:92:8e:31:f6:a5:91:ac:
a7:8c:c8:af:4e:a7:0f:b2:c9:ed:af:62:7f:81:28:
a5:51:f8:f2:74:ed:b9:c1:91:cc:a7:bf:29:73:82:
e1:fa:88:ef:bf:9a:c5:e4:56:69:a5:b6:17:cc:82:
fc:d6:e7:4b:b5:a0:dd:2e:00:d7:22:c1:47:b6:29:
8c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:EB:6A:0E:9F:AE:36:BD:B1:85:53:AF:CA:DC:28:8A:C4:2C:B8:2D
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/POtqDp-uNr2xhVOvytwoisQsuC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.21.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:1d:dc:95:c4:f4:c5:0d:d1:ba:79:ac:bb:94:b7:b4:01:44:
5b:79:72:86:03:85:65:cd:c5:5e:15:20:19:ef:b9:28:7f:f5:
71:8f:de:10:9e:88:a2:15:30:12:f6:f2:f2:9d:f3:85:2d:84:
d6:ff:03:69:f7:6a:70:21:6c:72:57:d6:00:a4:8c:66:ec:fa:
63:5c:66:27:d9:29:f6:83:90:6e:13:0d:18:bf:76:22:79:8f:
b7:75:63:f0:3e:72:dd:45:11:6e:18:5f:5d:e1:b5:0f:fc:cd:
b6:60:37:bc:b5:4a:f6:a2:22:fe:73:34:13:9b:fe:d8:85:d2:
c6:56:74:31:43:4c:de:65:89:f8:f5:19:b5:b1:c1:b2:8a:b5:
f4:af:19:13:84:3e:42:a5:c3:40:64:15:54:17:01:a9:0f:b2:
2a:0f:90:04:cd:22:92:7b:37:3f:25:58:cb:3c:06:89:18:7f:
02:24:fd:8d:38:1d:96:1c:6b:83:99:70:82:31:88:d9:7d:86:
db:a3:d6:47:01:03:8c:af:22:56:45:0c:ed:a2:a4:6e:41:ff:
86:2e:f2:a6:c9:08:ce:6c:a3:28:77:a1:09:a6:f1:32:fd:24:
d4:02:34:a2:50:8b:8d:91:63:49:7f:6f:1c:9d:ea:6f:7e:32:
c6:e0:95:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKgbE2Ny9aknv1198NQVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjQwMTAyMTIzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2ViNmEwZTlmYWUzNmJkYjE4NTUzYWZjYWRjMjg4YWM0MmNiODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNjLYIWzDm7Z6hacYIhGMozt8RKz
RryQmPNTvjAoD2uPB9WB5KpN+5e/H3m69XASezTbvq6cQiGkwsZyGWEzAXqsFnk8
/vCmp0cdlg1wxC6i5p/5jTIjNCzEfScDc7H2AGtNwKNCHES8xwt+xqBBusQ/O4CI
iOPU5SRmTNv4hWmNG+UAUv3OK1fXyl/tQgnSE6fCxpPNCSCJS5qJWkoNkzgV73qU
jMOeCFEcdkCAw0bgd8t8EnM408ynqZKOMfalkaynjMivTqcPssntr2J/gSilUfjy
dO25wZHMp78pc4Lh+ojvv5rF5FZppbYXzIL81udLtaDdLgDXIsFHtimMOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzrag6frja9sYVTr8rcKIrELLgtMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvUE90cURwLXVOcjJ4aFZPdnl0d29pc1FzdUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVO8VMA0G
CSqGSIb3DQEBCwUAA4IBAQCMHdyVxPTFDdG6eay7lLe0AURbeXKGA4VlzcVeFSAZ
77kof/Vxj94QnoiiFTAS9vLynfOFLYTW/wNp92pwIWxyV9YApIxm7PpjXGYn2Sn2
g5BuEw0Yv3YieY+3dWPwPnLdRRFuGF9d4bUP/M22YDe8tUr2oiL+czQTm/7YhdLG
VnQxQ0zeZYn49Rm1scGyirX0rxkThD5CpcNAZBVUFwGpD7IqD5AEzSKSezc/JVjL
PAaJGH8CJP2NOB2WHGuDmXCCMYjZfYbbo9ZHAQOMryJWRQztoqRuQf+GLvKmyQjO
bKMod6EJpvEy/STUAjSiUIuNkWNJf28cnepvfjLG4JX0
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:20:06 2025 by rpki-client