Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/0b2641-bfb5-4e75-a3e8-b9f05e31523a/1/nMV7FHTmQTH2xrNw2izoaEsP9-k.roa
File: nMV7FHTmQTH2xrNw2izoaEsP9-k.roa (raw, json)
Hash identifier: mR8sadg5gLmaLb+Z4272P6QgRhAJrd+Tc9THWDecH2U=
Subject key identifier: 9C:C5:7B:14:74:E6:41:31:F6:C6:B3:70:DA:2C:E8:68:4B:0F:F7:E9
Certificate issuer: /CN=79d10f728d6499a749ae5902e8fa883f1add4517
Certificate serial: 018CC56F01C863E4237CBF5CCADFA0AFAE8F
Authority key identifier: 79:D1:0F:72:8D:64:99:A7:49:AE:59:02:E8:FA:88:3F:1A:DD:45:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edEPco1kmadJrlkC6PqIPxrdRRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/0b2641-bfb5-4e75-a3e8-b9f05e31523a/1/nMV7FHTmQTH2xrNw2izoaEsP9-k.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.236.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:01:c8:63:e4:23:7c:bf:5c:ca:df:a0:af:ae:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d10f728d6499a749ae5902e8fa883f1add4517
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cc57b1474e64131f6c6b370da2ce8684b0ff7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fd:de:77:17:4a:bc:67:ce:52:b0:94:e3:ff:
80:b3:5c:ab:e7:98:e7:35:50:76:21:3e:a7:6a:57:
9e:85:34:8c:ce:83:d5:f6:26:bf:3c:8e:e7:06:80:
d5:41:4a:95:61:63:af:b1:bc:8a:39:6f:7b:92:b1:
41:1c:c7:83:a5:e3:8e:13:99:bb:e4:a4:17:de:e5:
2e:bb:bf:2d:a2:32:91:d5:a8:8f:e8:3b:e4:e4:6e:
b5:9c:33:ec:86:2b:45:32:96:5a:60:03:c7:77:0d:
a3:8a:05:67:22:da:3d:7f:1b:96:c3:40:ac:08:41:
ce:2b:70:1f:3b:d9:45:61:99:67:41:11:e3:9c:39:
ac:4a:63:95:1a:dd:9a:62:e3:d2:8c:c1:5b:f1:56:
10:e1:95:09:24:15:98:75:ec:e5:56:d5:72:3a:2c:
31:20:b4:21:30:6b:4e:09:e9:64:66:07:c1:5a:84:
41:c4:ec:14:5e:33:1b:d1:d1:dc:f4:09:22:20:41:
34:1f:fc:1c:83:91:51:2e:3b:c4:ff:fe:0d:6b:f2:
e4:04:73:b2:3c:8f:13:6e:24:cd:45:9d:ec:0f:7d:
af:7b:01:18:13:76:05:44:ea:17:8b:e8:be:49:0d:
af:35:e9:68:c1:3e:55:ea:35:78:e1:94:96:b6:9e:
dc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C5:7B:14:74:E6:41:31:F6:C6:B3:70:DA:2C:E8:68:4B:0F:F7:E9
X509v3 Authority Key Identifier:
keyid:79:D1:0F:72:8D:64:99:A7:49:AE:59:02:E8:FA:88:3F:1A:DD:45:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edEPco1kmadJrlkC6PqIPxrdRRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0b2641-bfb5-4e75-a3e8-b9f05e31523a/1/nMV7FHTmQTH2xrNw2izoaEsP9-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0b2641-bfb5-4e75-a3e8-b9f05e31523a/1/edEPco1kmadJrlkC6PqIPxrdRRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.142.0/24
Signature Algorithm: sha256WithRSAEncryption
59:d1:15:8d:3f:d3:00:6b:57:ae:80:ac:49:ae:9b:e4:fc:4f:
c5:4a:b3:e3:af:da:8c:db:d3:74:ce:bf:7f:33:09:db:4e:07:
f7:51:f6:e1:d4:f6:b0:7e:4e:03:52:d7:31:72:2c:a8:82:d0:
33:e5:35:02:d4:b0:a2:21:7e:92:67:7e:20:f8:ab:89:05:f1:
24:49:ef:1f:7a:a4:ee:63:cb:a4:2d:7e:df:b7:11:10:37:46:
5f:e4:24:90:99:df:c5:86:ea:14:3e:5c:38:44:44:f4:96:f4:
0f:1c:d8:81:87:a8:b4:54:de:6d:4a:75:be:f7:04:de:af:a1:
06:8d:36:da:fd:70:ed:32:12:12:c6:59:09:04:15:df:0f:2b:
63:d5:ec:d4:24:1c:68:93:13:76:f4:03:f0:3c:c0:31:c0:11:
8c:e3:6a:01:d2:78:41:24:e7:2d:80:8b:06:45:fb:cb:0b:42:
ff:43:9b:cb:0d:0c:0e:45:8e:c2:d4:53:08:a4:ab:ce:99:fe:
39:2e:99:70:6d:61:4a:bd:c7:ac:09:0e:5e:69:cf:e2:5f:6c:
13:4d:a2:43:72:5b:8d:a6:01:e1:a1:1a:33:69:2d:22:f5:b0:
a3:62:bc:99:d6:d5:64:f0:5f:f7:ae:e9:7f:65:04:d7:82:bf:
40:76:33:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbwHIY+QjfL9cyt+gr66PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDEwZjcyOGQ2NDk5YTc0OWFlNTkwMmU4ZmE4ODNmMWFk
ZDQ1MTcwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2M1N2IxNDc0ZTY0MTMxZjZjNmIzNzBkYTJjZTg2ODRiMGZmN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/3edxdKvGfOUrCU4/+As1yr55jn
NVB2IT6naleehTSMzoPV9ia/PI7nBoDVQUqVYWOvsbyKOW97krFBHMeDpeOOE5m7
5KQX3uUuu78tojKR1aiP6Dvk5G61nDPshitFMpZaYAPHdw2jigVnIto9fxuWw0Cs
CEHOK3AfO9lFYZlnQRHjnDmsSmOVGt2aYuPSjMFb8VYQ4ZUJJBWYdezlVtVyOiwx
ILQhMGtOCelkZgfBWoRBxOwUXjMb0dHc9AkiIEE0H/wcg5FRLjvE//4Na/LkBHOy
PI8TbiTNRZ3sD32vewEYE3YFROoXi+i+SQ2vNelowT5V6jV44ZSWtp7cOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJzFexR05kEx9sazcNos6GhLD/fpMB8GA1UdIwQY
MBaAFHnRD3KNZJmnSa5ZAuj6iD8a3UUXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRFUGNvMWttYWRKcmxrQzZQcUlQeHJkUlJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wYjI2NDEtYmZiNS00ZTc1LWEzZTgt
YjlmMDVlMzE1MjNhLzEvbk1WN0ZIVG1RVEgyeHJOdzJpem9hRXNQOS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wYjI2NDEtYmZiNS00ZTc1LWEzZTgtYjlmMDVlMzE1MjNh
LzEvZWRFUGNvMWttYWRKcmxrQzZQcUlQeHJkUlJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueyOMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ0RWNP9MAa1eugKxJrpvk/E/FSrPjr9qM29N0zr9/
MwnbTgf3Ufbh1Pawfk4DUtcxciyogtAz5TUC1LCiIX6SZ34g+KuJBfEkSe8feqTu
Y8ukLX7ftxEQN0Zf5CSQmd/FhuoUPlw4RET0lvQPHNiBh6i0VN5tSnW+9wTer6EG
jTba/XDtMhISxlkJBBXfDytj1ezUJBxokxN29APwPMAxwBGM42oB0nhBJOctgIsG
RfvLC0L/Q5vLDQwORY7C1FMIpKvOmf45LplwbWFKvcesCQ5eac/iX2wTTaJDcluN
pgHhoRozaS0i9bCjYryZ1tVk8F/3rul/ZQTXgr9AdjOC
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:27 2025 by rpki-client