Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/dd3oIxIBaBxRer6cZLbvvWg26Os.roa
File: dd3oIxIBaBxRer6cZLbvvWg26Os.roa (raw, json)
Hash identifier: JD8w4SBsdMT1FEUgLsc4mDvlAo6sAqumvM+7ex6G0SI=
Subject key identifier: 75:DD:E8:23:12:01:68:1C:51:7A:BE:9C:64:B6:EF:BD:68:36:E8:EB
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 018CC9BB02445505B5771E684F58C7B181B4
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/dd3oIxIBaBxRer6cZLbvvWg26Os.roa
Signing time: Tue 02 Jan 2024 10:32:05 +0000
ROA not before: Tue 02 Jan 2024 10:32:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41844
IP address blocks: 94.26.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:02:44:55:05:b5:77:1e:68:4f:58:c7:b1:81:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 2 10:32:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75dde8231201681c517abe9c64b6efbd6836e8eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c5:07:c0:c8:88:3c:48:69:47:b7:07:fd:1e:
88:53:b6:98:d9:b4:7f:72:be:6f:1e:ca:b5:aa:21:
32:6e:b9:88:d6:ee:bc:04:7d:96:5c:ff:c6:a7:05:
d4:25:0d:d1:a2:f8:38:8c:be:d0:5c:a4:47:b7:47:
6b:e4:02:f4:13:46:ab:ce:72:ac:4c:5d:1c:41:09:
e0:3d:67:c3:92:7f:f3:0c:23:34:68:c4:cf:ba:59:
38:ef:52:77:c2:c3:55:94:ad:e9:eb:d1:5e:59:e0:
b2:df:ce:a7:b4:96:41:7d:9f:f7:ce:d1:be:2a:34:
ab:62:30:54:18:51:f5:65:61:02:59:02:85:c7:4d:
f9:7b:c0:ff:82:fc:a3:34:b2:1d:52:b3:fc:8d:c4:
90:60:e7:cf:a7:86:df:a4:a3:e9:36:71:aa:64:80:
a0:58:d5:49:a9:50:5e:4f:c3:ff:50:c9:4c:16:40:
6d:73:82:64:90:1e:72:37:89:18:fe:3b:d7:57:ea:
0b:12:9d:4d:c5:7c:4f:47:ef:fd:4a:18:91:78:0d:
07:02:3d:bf:d7:81:a3:b8:fe:90:e7:52:49:b8:bf:
d7:80:42:43:8c:94:83:0c:25:7e:78:f1:11:0b:57:
07:b0:60:8c:06:fb:7a:c8:a5:c5:0a:1c:80:f0:b1:
d9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DD:E8:23:12:01:68:1C:51:7A:BE:9C:64:B6:EF:BD:68:36:E8:EB
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/dd3oIxIBaBxRer6cZLbvvWg26Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.26.40.0/24
Signature Algorithm: sha256WithRSAEncryption
51:ab:46:5c:0b:c9:b2:19:22:86:ac:4e:ea:e3:4d:c1:50:94:
cd:2e:3f:ce:3b:e2:ae:bd:45:77:4e:fa:a8:df:38:ab:9f:a0:
b3:6f:2e:9f:54:48:55:e4:c6:e9:73:0a:94:5a:6f:84:fa:aa:
29:b3:f5:73:c9:c5:c6:4b:6d:09:6f:53:dc:a0:53:a9:18:36:
5e:78:a9:63:07:1f:07:4a:cd:92:94:f7:f7:e2:a3:49:64:13:
8b:c9:63:2c:30:8b:62:39:b0:f8:34:cc:5b:f8:38:8b:ce:3f:
69:f4:be:5d:c7:ba:80:ba:f9:29:40:1a:51:07:6f:3b:bc:3c:
51:2a:f4:eb:3e:36:98:55:8d:65:e5:e0:e9:c7:48:84:3b:a1:
f6:6a:cb:22:8c:24:63:bf:0b:c3:6e:88:66:9d:f1:ea:29:93:
0d:ab:7e:f3:9f:be:e0:c3:d5:45:9c:78:f3:1e:9f:fb:6c:28:
bd:06:c6:10:35:3b:5d:51:44:6f:5a:dc:a9:10:58:da:00:1d:
76:ca:40:bc:be:f3:85:f4:4b:b0:95:77:63:ec:53:58:b1:2c:
2a:16:cf:3c:86:9e:72:47:e2:62:fd:a5:2b:82:c9:6f:8d:0a:
d6:6d:ef:3d:e0:36:20:27:d5:d0:d4:ee:34:46:d5:c6:d8:36:
7e:2e:04:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJuwJEVQW1dx5oT1jHsYG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjQwMTAyMTAzMjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWRkZTgyMzEyMDE2ODFjNTE3YWJlOWM2NGI2ZWZiZDY4MzZlOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcUHwMiIPEhpR7cH/R6IU7aY2bR/
cr5vHsq1qiEybrmI1u68BH2WXP/GpwXUJQ3Rovg4jL7QXKRHt0dr5AL0E0arznKs
TF0cQQngPWfDkn/zDCM0aMTPulk471J3wsNVlK3p69FeWeCy386ntJZBfZ/3ztG+
KjSrYjBUGFH1ZWECWQKFx035e8D/gvyjNLIdUrP8jcSQYOfPp4bfpKPpNnGqZICg
WNVJqVBeT8P/UMlMFkBtc4JkkB5yN4kY/jvXV+oLEp1NxXxPR+/9ShiReA0HAj2/
14GjuP6Q51JJuL/XgEJDjJSDDCV+ePERC1cHsGCMBvt6yKXFChyA8LHZzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHXd6CMSAWgcUXq+nGS2771oNujrMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvZGQzb0l4SUJhQnhSZXI2Y1pMYnZ2V2cyNk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXhooMA0G
CSqGSIb3DQEBCwUAA4IBAQBRq0ZcC8myGSKGrE7q403BUJTNLj/OO+KuvUV3Tvqo
3zirn6Czby6fVEhV5MbpcwqUWm+E+qops/VzycXGS20Jb1PcoFOpGDZeeKljBx8H
Ss2SlPf34qNJZBOLyWMsMItiObD4NMxb+DiLzj9p9L5dx7qAuvkpQBpRB287vDxR
KvTrPjaYVY1l5eDpx0iEO6H2assijCRjvwvDbohmnfHqKZMNq37zn77gw9VFnHjz
Hp/7bCi9BsYQNTtdUURvWtypEFjaAB12ykC8vvOF9EuwlXdj7FNYsSwqFs88hp5y
R+Ji/aUrgslvjQrWbe894DYgJ9XQ1O40RtXG2DZ+LgRw
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:42:36 2025 by rpki-client