Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/tUDc5OQGeg0_9N8B6ddCBlwCIS0.roa
File: tUDc5OQGeg0_9N8B6ddCBlwCIS0.roa (raw, json)
Hash identifier: tANFSmInUzbtOjiEhhKBiRR2v4ab0uTI0MpFVMn73Sw=
Subject key identifier: B5:40:DC:E4:E4:06:7A:0D:3F:F4:DF:01:E9:D7:42:06:5C:02:21:2D
Certificate issuer: /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Certificate serial: 0194266AD6CBED0853590FA811E1A5933C3D
Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/tUDc5OQGeg0_9N8B6ddCBlwCIS0.roa
Signing time: Thu 02 Jan 2025 09:48:43 +0000
ROA not before: Thu 02 Jan 2025 09:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44620
IP address blocks: 176.116.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 11:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:d6:cb:ed:08:53:59:0f:a8:11:e1:a5:93:3c:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Validity
Not Before: Jan 2 09:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b540dce4e4067a0d3ff4df01e9d742065c02212d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8b:92:b7:95:e5:be:45:00:03:42:b7:38:6f:
26:b9:44:8b:01:43:03:32:d3:18:b2:85:16:2c:04:
22:6d:b9:fb:82:bf:e4:68:38:b2:f8:b3:74:bc:85:
60:0a:12:6c:4c:49:b3:7e:6f:8f:b2:e7:27:ed:bc:
5a:00:bc:f9:4b:fe:40:2b:75:a7:82:3d:93:2e:dc:
4a:d4:04:0c:ba:ed:00:c0:65:9d:64:8f:c5:61:b8:
61:33:63:db:e7:4d:c4:33:26:87:dc:ed:8b:e9:59:
f4:c7:79:fe:84:c3:08:0c:c0:38:3b:06:d7:a7:5f:
40:4a:8d:0f:a0:fc:6b:04:ec:d7:c9:84:36:12:e8:
22:4e:e2:05:43:1a:6a:74:7b:a3:57:94:39:53:5d:
99:88:ef:21:66:f7:65:0a:fa:cd:b2:02:9b:db:dd:
17:3b:3a:08:16:6b:de:14:f8:c3:d0:8b:55:58:63:
27:18:b1:3a:a3:e7:81:8d:93:06:59:83:18:d5:07:
5f:8a:ac:cd:99:ce:4c:b1:58:16:39:c2:e0:9e:88:
cc:1f:1b:b1:09:7d:be:41:8e:b9:b6:22:fe:dd:49:
4b:fa:3a:23:df:e2:0b:64:5a:f6:cf:bf:5a:4b:ad:
18:fa:93:19:fa:22:a7:a9:1d:86:bf:2b:dd:56:d3:
c3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:40:DC:E4:E4:06:7A:0D:3F:F4:DF:01:E9:D7:42:06:5C:02:21:2D
X509v3 Authority Key Identifier:
keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/tUDc5OQGeg0_9N8B6ddCBlwCIS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.6.0/24
Signature Algorithm: sha256WithRSAEncryption
43:77:a3:a4:28:89:32:a7:22:ff:48:53:36:4e:cc:70:d2:13:
a4:87:c9:a6:b1:b3:de:45:f9:60:6f:b9:4b:25:ee:cd:f6:18:
47:1c:74:7e:6d:79:d2:c6:25:09:39:93:9a:01:ba:14:3f:45:
ac:16:01:a4:d0:bf:04:8c:68:30:80:07:52:e7:4d:79:77:8a:
e8:df:d6:18:9f:18:0c:97:50:c1:44:e6:e7:53:6d:02:0f:89:
66:ca:e3:33:b3:49:86:4e:ad:a8:0b:90:de:71:8e:78:bc:51:
bd:c3:69:bd:3e:83:43:6a:eb:18:a8:83:22:35:d3:fb:94:92:
60:28:b2:60:83:59:84:e7:5f:f3:3d:98:85:55:52:43:b6:2f:
e6:16:dd:26:f3:60:49:3b:43:ba:75:16:e4:71:62:fd:71:66:
cc:17:ef:29:dd:ff:07:81:4b:78:9a:5e:dd:d2:6a:63:bd:fa:
db:79:08:88:17:df:c9:7c:2b:14:47:96:e6:3a:be:c8:31:f2:
59:c5:ae:36:fd:b8:8a:97:af:17:a6:28:eb:74:97:24:80:7f:
c9:db:ca:79:25:a7:60:b7:e6:f6:3a:99:a4:c4:53:66:48:7d:
53:f7:24:76:85:bb:c8:f0:21:ea:cc:41:b9:23:32:06:37:3c:
19:62:83:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmatbL7QhTWQ+oEeGlkzw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz
NjViNjAwHhcNMjUwMTAyMDk0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQwZGNlNGU0MDY3YTBkM2ZmNGRmMDFlOWQ3NDIwNjVjMDIyMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4uSt5XlvkUAA0K3OG8muUSLAUMD
MtMYsoUWLAQibbn7gr/kaDiy+LN0vIVgChJsTEmzfm+Psucn7bxaALz5S/5AK3Wn
gj2TLtxK1AQMuu0AwGWdZI/FYbhhM2Pb503EMyaH3O2L6Vn0x3n+hMMIDMA4OwbX
p19ASo0PoPxrBOzXyYQ2EugiTuIFQxpqdHujV5Q5U12ZiO8hZvdlCvrNsgKb290X
OzoIFmveFPjD0ItVWGMnGLE6o+eBjZMGWYMY1QdfiqzNmc5MsVgWOcLgnojMHxux
CX2+QY65tiL+3UlL+joj3+ILZFr2z79aS60Y+pMZ+iKnqR2GvyvdVtPD+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVA3OTkBnoNP/TfAenXQgZcAiEtMB8GA1UdIwQY
MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt
MjRkOGU3NDdjMzhmLzEvdFVEYzVPUUdlZzBfOU44QjZkZENCbHdDSVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMtMjRkOGU3NDdjMzhm
LzEvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHQGMA0G
CSqGSIb3DQEBCwUAA4IBAQBDd6OkKIkypyL/SFM2Tsxw0hOkh8mmsbPeRflgb7lL
Je7N9hhHHHR+bXnSxiUJOZOaAboUP0WsFgGk0L8EjGgwgAdS5015d4ro39YYnxgM
l1DBRObnU20CD4lmyuMzs0mGTq2oC5DecY54vFG9w2m9PoNDausYqIMiNdP7lJJg
KLJgg1mE51/zPZiFVVJDti/mFt0m82BJO0O6dRbkcWL9cWbMF+8p3f8HgUt4ml7d
0mpjvfrbeQiIF9/JfCsUR5bmOr7IMfJZxa42/biKl68XpijrdJckgH/J28p5Jadg
t+b2OpmkxFNmSH1T9yR2hbvI8CHqzEG5IzIGNzwZYoOQ
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:24:38 2025 by rpki-client