Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/_N_ba06kVzNAYmsXKxk5dAgiRhU.roa
File: _N_ba06kVzNAYmsXKxk5dAgiRhU.roa (raw, json)
Hash identifier: XP/8WswF76BuuQaV4bhKx7Bgvsiu2G07tECM+QTY2Ro=
Subject key identifier: FC:DF:DB:6B:4E:A4:57:33:40:62:6B:17:2B:19:39:74:08:22:46:15
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 019421B1DE47176C69AB6245DC79C4DCBC45
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/_N_ba06kVzNAYmsXKxk5dAgiRhU.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 84.239.18.0/24 maxlen: 24
84.239.29.0/24 maxlen: 24
84.239.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Jan 2025 22:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:de:47:17:6c:69:ab:62:45:dc:79:c4:dc:bc:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fcdfdb6b4ea4573340626b172b19397408224615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7e:e4:1f:e9:91:25:ac:9b:e0:c9:73:e1:83:
34:d0:08:12:00:7c:87:87:e1:b7:3d:ac:29:58:88:
ab:d7:9b:54:a0:bd:4f:d3:13:8f:4e:50:1b:f4:d7:
4a:88:4d:57:81:ec:d2:72:fb:16:26:73:8d:57:65:
a2:4b:6a:e5:00:87:ce:41:aa:96:42:73:ce:0c:4c:
ab:42:73:90:bd:dc:6d:25:be:12:2c:5b:dc:2f:41:
fe:60:af:96:42:4c:a8:17:aa:d6:76:84:61:96:1f:
d6:29:37:51:c2:a1:bd:66:db:e5:78:df:98:55:b8:
f0:cf:1c:71:19:bb:f0:d2:42:dd:e5:b3:09:1e:b6:
42:09:f5:22:bc:4e:6c:f4:a9:d2:91:4c:1f:f8:f0:
13:b3:89:94:12:e0:68:49:ba:67:f2:86:4c:71:80:
a4:81:e7:62:c1:8b:79:43:ca:c2:42:ce:bf:dd:f6:
da:15:df:40:b7:75:8c:92:61:a6:91:8e:dc:f5:53:
1f:4a:56:d8:08:a7:67:b7:d0:a9:df:e8:63:9b:5e:
a1:04:e7:39:21:ab:6c:3e:d8:34:8a:c1:7d:68:76:
df:99:db:8b:73:b3:22:11:63:41:c3:96:e6:d4:ed:
42:72:25:b8:d9:6e:ce:69:9f:eb:75:63:c3:61:50:
e3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:DF:DB:6B:4E:A4:57:33:40:62:6B:17:2B:19:39:74:08:22:46:15
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/_N_ba06kVzNAYmsXKxk5dAgiRhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.18.0/24
84.239.29.0-84.239.30.255
Signature Algorithm: sha256WithRSAEncryption
55:31:46:a3:4f:bd:42:05:ca:88:33:50:90:a2:47:a8:29:3c:
99:c3:de:9d:ef:1d:ed:f2:19:45:14:e5:1c:bf:1b:c4:6c:8d:
9c:03:7a:10:31:cf:5e:1c:e7:5b:3a:ca:c9:65:7f:e2:29:8a:
33:5d:c6:2e:8a:2d:f7:c9:42:f4:1c:08:38:9d:35:a6:40:b8:
02:a1:9c:86:68:01:4b:2b:74:db:7d:30:49:19:a9:09:4e:d2:
2f:c9:e9:19:10:4a:2c:06:1e:82:9c:ad:63:25:cf:21:7e:c8:
4f:47:d6:e3:af:b2:3d:0f:97:d1:40:4b:f2:1f:90:6a:36:76:
c0:cf:2d:d1:2c:32:3d:5c:17:92:9b:76:c4:f4:74:89:1d:4f:
a2:69:56:7a:78:70:e3:59:49:48:2b:f6:fc:40:0a:63:69:b7:
1a:8e:02:2e:c2:8d:48:47:9e:62:b1:aa:bc:6c:59:89:c0:04:
41:5d:62:b0:5b:e4:25:0c:7d:61:d6:36:ea:1f:22:69:b6:58:
dc:ff:57:a6:fb:d0:89:da:3a:2d:81:ed:62:9b:46:51:73:70:
b0:e3:61:32:3f:4c:c0:83:35:ff:bf:a3:0b:13:cc:d6:f5:8d:
5b:0d:97:96:8c:ee:a2:4a:b0:28:42:4c:f6:f0:af:a2:f9:3b:
83:e8:9a:37
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQhsd5HF2xpq2JF3HnE3LxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2RmZGI2YjRlYTQ1NzMzNDA2MjZiMTcyYjE5Mzk3NDA4MjI0NjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA137kH+mRJayb4Mlz4YM00AgSAHyH
h+G3PawpWIir15tUoL1P0xOPTlAb9NdKiE1XgezScvsWJnONV2WiS2rlAIfOQaqW
QnPODEyrQnOQvdxtJb4SLFvcL0H+YK+WQkyoF6rWdoRhlh/WKTdRwqG9ZtvleN+Y
VbjwzxxxGbvw0kLd5bMJHrZCCfUivE5s9KnSkUwf+PATs4mUEuBoSbpn8oZMcYCk
gediwYt5Q8rCQs6/3fbaFd9At3WMkmGmkY7c9VMfSlbYCKdnt9Cp3+hjm16hBOc5
IatsPtg0isF9aHbfmduLc7MiEWNBw5bm1O1CciW42W7OaZ/rdWPDYVDjdQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPzf22tOpFczQGJrFysZOXQIIkYVMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvX05fYmEwNmtWek5BWW1zWEt4azVkQWdpUmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVO8SMAwD
BABU7x0DBABU7x4wDQYJKoZIhvcNAQELBQADggEBAFUxRqNPvUIFyogzUJCiR6gp
PJnD3p3vHe3yGUUU5Ry/G8RsjZwDehAxz14c51s6ysllf+IpijNdxi6KLffJQvQc
CDidNaZAuAKhnIZoAUsrdNt9MEkZqQlO0i/J6RkQSiwGHoKcrWMlzyF+yE9H1uOv
sj0Pl9FAS/IfkGo2dsDPLdEsMj1cF5KbdsT0dIkdT6JpVnp4cONZSUgr9vxACmNp
txqOAi7CjUhHnmKxqrxsWYnABEFdYrBb5CUMfWHWNuofImm2WNz/V6b70InaOi2B
7WKbRlFzcLDjYTI/TMCDNf+/owsTzNb1jVsNl5aM7qJKsChCTPbwr6L5O4Pomjc=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:43:13 2025 by rpki-client