Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/nDRSD4Kkm4xT9dBWUnKMt_d_ds4.roa
File: nDRSD4Kkm4xT9dBWUnKMt_d_ds4.roa (raw, json)
Hash identifier: 17aOUwUznza4QRq0B1GslAF4ZGUrz565o8yPkZRWIac=
Subject key identifier: 9C:34:52:0F:82:A4:9B:8C:53:F5:D0:56:52:72:8C:B7:F7:7F:76:CE
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 019053F61533C284A6A4442773BE7DD72044
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/nDRSD4Kkm4xT9dBWUnKMt_d_ds4.roa
Signing time: Wed 26 Jun 2024 09:52:34 +0000
ROA not before: Wed 26 Jun 2024 09:52:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 185.81.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 12:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:f6:15:33:c2:84:a6:a4:44:27:73:be:7d:d7:20:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jun 26 09:52:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c34520f82a49b8c53f5d05652728cb7f77f76ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:71:9b:41:e8:3a:de:66:a3:fc:24:7f:52:39:
37:97:d4:80:de:db:e8:84:1a:51:91:dd:48:2f:ba:
09:25:48:21:2b:bb:f3:f4:fc:ef:f6:fb:65:d6:86:
1f:81:35:b0:85:9a:b9:76:79:1c:5f:36:77:cf:86:
a8:c8:54:10:31:0a:fb:18:e2:26:1d:47:cd:04:2a:
6e:f5:7d:f7:01:8b:34:cb:0d:bc:9f:dc:14:6b:26:
01:31:ee:0c:b1:00:8d:8a:7c:de:3e:e1:f8:18:4e:
51:db:8e:0f:9e:a8:3f:8d:e2:2b:66:9e:e0:00:88:
2b:46:1d:8d:7b:d1:e4:c3:ff:43:35:fc:28:3a:aa:
95:bd:9e:06:9f:9e:68:e7:70:da:ac:05:77:0b:2f:
71:df:6b:c6:d9:3e:02:57:7d:68:ce:ad:41:07:2a:
20:4f:02:6b:bb:ae:60:7d:cd:bb:b1:d3:8a:6d:a2:
35:13:0f:55:51:a8:a8:8a:11:18:7b:d8:f5:90:2d:
2c:19:4c:8d:c3:2d:f6:3d:46:92:d7:3e:fe:93:00:
10:bb:15:01:3d:57:fb:c2:b5:a4:82:cf:3f:35:95:
a8:97:61:a6:c6:29:0e:a3:4b:65:25:86:b3:4c:69:
88:b2:29:71:c7:a5:3f:9b:b5:ab:86:62:91:d0:0c:
a7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:34:52:0F:82:A4:9B:8C:53:F5:D0:56:52:72:8C:B7:F7:7F:76:CE
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/nDRSD4Kkm4xT9dBWUnKMt_d_ds4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.217.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:48:4f:50:d7:55:46:d2:1d:b6:f1:9b:c0:d9:04:e6:e9:9f:
ee:b0:5d:56:0b:4e:e7:70:7a:41:73:72:fe:53:d0:18:fa:09:
4d:ed:60:7e:f2:c9:fc:a5:41:8d:64:07:d5:7a:ac:ac:fa:8f:
a8:b8:30:2f:4b:c9:0a:39:af:af:dc:d4:3a:8c:3c:79:3b:51:
d9:d1:3b:d5:96:29:a6:a1:61:da:cc:f7:3e:f5:f6:7d:53:aa:
23:3a:a1:5b:13:b2:04:3c:d3:b5:28:6c:f8:03:df:b7:b3:de:
05:51:29:51:03:0d:50:0f:c2:20:55:fc:ce:9d:7f:8b:e4:13:
22:68:39:1e:4a:53:6c:2e:d1:5b:7e:cd:b7:b0:83:e5:17:bb:
4a:9f:aa:83:c0:bf:6d:a4:25:1e:25:6c:ce:28:a1:22:27:41:
12:f1:86:03:4a:b3:2b:8a:2c:a8:c0:9b:c2:f8:90:cc:99:e1:
15:86:9d:94:65:b7:0a:45:40:77:2f:4f:d2:c2:a0:3a:0e:18:
71:07:b6:53:1c:f4:a5:36:4b:54:f2:6c:a5:60:a8:ec:f2:42:
ef:0d:9e:b5:12:6a:2a:d6:fe:87:cf:d8:af:ea:03:bf:7b:30:
c8:d7:42:75:58:37:9b:08:72:14:f3:7a:fc:0d:8b:1d:0c:91:
54:2b:a4:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBT9hUzwoSmpEQnc7591yBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwNjI2MDk1MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzM0NTIwZjgyYTQ5YjhjNTNmNWQwNTY1MjcyOGNiN2Y3N2Y3NmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnGbQeg63maj/CR/Ujk3l9SA3tvo
hBpRkd1IL7oJJUghK7vz9Pzv9vtl1oYfgTWwhZq5dnkcXzZ3z4aoyFQQMQr7GOIm
HUfNBCpu9X33AYs0yw28n9wUayYBMe4MsQCNinzePuH4GE5R244Pnqg/jeIrZp7g
AIgrRh2Ne9Hkw/9DNfwoOqqVvZ4Gn55o53DarAV3Cy9x32vG2T4CV31ozq1BByog
TwJru65gfc27sdOKbaI1Ew9VUaioihEYe9j1kC0sGUyNwy32PUaS1z7+kwAQuxUB
PVf7wrWkgs8/NZWol2GmxikOo0tlJYazTGmIsilxx6U/m7WrhmKR0AynsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJw0Ug+CpJuMU/XQVlJyjLf3f3bOMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvbkRSU0Q0S2ttNHhUOWRCV1VuS010X2RfZHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVHZMA0G
CSqGSIb3DQEBCwUAA4IBAQC8SE9Q11VG0h228ZvA2QTm6Z/usF1WC07ncHpBc3L+
U9AY+glN7WB+8sn8pUGNZAfVeqys+o+ouDAvS8kKOa+v3NQ6jDx5O1HZ0TvVlimm
oWHazPc+9fZ9U6ojOqFbE7IEPNO1KGz4A9+3s94FUSlRAw1QD8IgVfzOnX+L5BMi
aDkeSlNsLtFbfs23sIPlF7tKn6qDwL9tpCUeJWzOKKEiJ0ES8YYDSrMriiyowJvC
+JDMmeEVhp2UZbcKRUB3L0/SwqA6DhhxB7ZTHPSlNktU8mylYKjs8kLvDZ61Emoq
1v6Hz9iv6gO/ezDI10J1WDebCHIU83r8DYsdDJFUK6QK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:07 2025 by rpki-client