Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/nYDiTDqu3fxPxrnDiYYlCkBMcII.roa
File: nYDiTDqu3fxPxrnDiYYlCkBMcII.roa (raw, json)
Hash identifier: e3sWMpgnJgxa7PW78F8n4RXMQG18e/1OcxcsCRpaO1w=
Subject key identifier: 9D:80:E2:4C:3A:AE:DD:FC:4F:C6:B9:C3:89:86:25:0A:40:4C:70:82
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0193DD44F481FE65738EEB199897FABD19D8
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/nYDiTDqu3fxPxrnDiYYlCkBMcII.roa
Signing time: Thu 19 Dec 2024 04:55:03 +0000
ROA not before: Thu 19 Dec 2024 04:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61400
IP address blocks: 185.39.205.0/24 maxlen: 24
2a09:6281::/32 maxlen: 32
2a09:6282::/32 maxlen: 32
2a09:6283::/32 maxlen: 32
2a09:6287::/32 maxlen: 32
2a09:e2c0::/32 maxlen: 32
2a09:e2c1::/32 maxlen: 32
2a09:e2c2::/32 maxlen: 32
2a09:e2c3::/32 maxlen: 32
2a09:e2c4::/32 maxlen: 32
2a09:e2c5::/32 maxlen: 32
2a09:e2c6::/32 maxlen: 32
2a09:e2c7::/32 maxlen: 32
2a10:4102::/32 maxlen: 32
2a10:4106::/32 maxlen: 32
2a11:4b45::/32 maxlen: 32
2a12:c300::/30 maxlen: 30
2a12:c300::/32 maxlen: 32
2a12:c301::/32 maxlen: 32
2a12:c302::/32 maxlen: 32
2a12:c303::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 21 Dec 2024 11:20:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:dd:44:f4:81:fe:65:73:8e:eb:19:98:97:fa:bd:19:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Dec 19 04:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d80e24c3aaeddfc4fc6b9c38986250a404c7082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7e:ab:8d:98:3e:86:69:c4:02:d6:1a:df:1b:
b0:54:83:35:87:8a:c9:f9:11:2a:6b:1d:8b:ed:c9:
97:31:5e:63:c7:87:f9:60:d7:48:9e:e8:a7:ea:ab:
33:ae:0c:8c:89:eb:c7:9a:50:fc:1a:f1:e1:04:b0:
3b:c7:93:e7:56:c1:72:a2:d4:9c:ec:0a:9e:de:6b:
b3:68:40:94:83:00:bc:9f:46:8a:7f:c5:f8:8d:86:
fc:7d:96:c7:6c:73:af:81:ed:25:2e:d0:f3:38:5a:
a6:af:b5:eb:93:e3:22:75:98:30:a0:bc:09:98:0e:
a7:78:89:06:fe:84:dc:22:25:74:0b:07:81:67:00:
bb:c7:61:43:55:cc:8e:ff:24:a2:dd:19:23:e1:d6:
8b:c7:df:bf:e1:6e:8c:86:0f:20:ad:65:39:d0:67:
11:c4:84:ba:de:97:a6:c7:92:32:96:49:44:99:85:
1b:f4:6f:bb:2f:16:02:aa:bf:c0:aa:58:95:b5:71:
ad:1e:17:e0:df:ca:18:8e:a2:b2:57:0d:0b:fe:72:
b1:4e:8e:32:1b:cd:65:78:c4:70:32:04:68:20:9c:
7b:41:54:ce:91:80:78:b3:cf:bc:9a:4e:d6:90:bc:
0c:2e:b8:36:49:d2:eb:e1:d4:96:34:1e:2d:4f:d4:
30:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:80:E2:4C:3A:AE:DD:FC:4F:C6:B9:C3:89:86:25:0A:40:4C:70:82
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/nYDiTDqu3fxPxrnDiYYlCkBMcII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.205.0/24
IPv6:
2a09:6281::-2a09:6283:ffff:ffff:ffff:ffff:ffff:ffff
2a09:6287::/32
2a09:e2c0::/29
2a10:4102::/32
2a10:4106::/32
2a11:4b45::/32
2a12:c300::/30
Signature Algorithm: sha256WithRSAEncryption
5a:97:53:12:91:85:b0:b7:b6:bd:83:b8:8d:55:1a:16:81:06:
e2:e1:90:9c:b1:20:53:0e:b9:25:63:b0:59:b1:3b:96:28:cc:
43:1f:19:79:64:ba:ac:e9:aa:11:fe:ce:d2:f7:e2:f5:31:09:
04:a0:c3:c1:b3:06:fe:2e:88:bb:af:ed:60:56:63:14:80:31:
ba:a8:5a:21:a1:13:21:77:1d:73:04:a3:c7:b9:52:66:7a:1a:
b9:97:c8:01:56:a6:af:a9:10:69:35:25:c1:bd:e9:c8:76:fc:
89:00:b0:a9:eb:bb:1c:ef:f1:f7:97:9c:c2:7a:4a:68:a8:31:
33:e8:ac:5d:51:29:7c:ab:00:1f:63:bb:5e:96:13:ec:e4:f6:
7a:74:cf:6c:3e:8a:99:8c:27:db:22:7c:49:31:18:50:3f:7d:
76:90:ab:43:11:e3:d5:04:c9:6a:a1:2e:3f:90:95:f4:ea:0e:
85:f9:5f:95:64:67:9e:bb:41:ea:7e:6f:3f:3d:b6:7c:07:77:
28:a9:0d:3e:12:f2:2c:03:ff:4c:01:95:d6:93:94:21:ef:dc:
c8:6f:57:78:6d:96:24:30:67:1d:3e:1e:eb:fb:10:43:65:11:
03:67:fc:5c:db:74:6d:01:6e:7e:d6:34:ec:e3:3a:9a:62:e8:
8f:12:19:c4
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZPdRPSB/mVzjusZmJf6vRnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMjE5MDQ1NTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDgwZTI0YzNhYWVkZGZjNGZjNmI5YzM4OTg2MjUwYTQwNGM3MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhn6rjZg+hmnEAtYa3xuwVIM1h4rJ
+REqax2L7cmXMV5jx4f5YNdInuin6qszrgyMievHmlD8GvHhBLA7x5PnVsFyotSc
7Aqe3muzaECUgwC8n0aKf8X4jYb8fZbHbHOvge0lLtDzOFqmr7Xrk+MidZgwoLwJ
mA6neIkG/oTcIiV0CweBZwC7x2FDVcyO/ySi3Rkj4daLx9+/4W6Mhg8grWU50GcR
xIS63pemx5IylklEmYUb9G+7LxYCqr/AqliVtXGtHhfg38oYjqKyVw0L/nKxTo4y
G81leMRwMgRoIJx7QVTOkYB4s8+8mk7WkLwMLrg2SdLr4dSWNB4tT9QwtwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJ2A4kw6rt38T8a5w4mGJQpATHCCMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvbllEaVREcXUzZnhQeHJuRGlZWWxDa0JNY0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAMBAIAATAGAwQAuSfNMEAE
AgACMDowDgMFACoJYoEDBQIqCWKAAwUAKglihwMFAyoJ4sADBQAqEEECAwUAKhBB
BgMFACoRS0UDBQIqEsMAMA0GCSqGSIb3DQEBCwUAA4IBAQBal1MSkYWwt7a9g7iN
VRoWgQbi4ZCcsSBTDrklY7BZsTuWKMxDHxl5ZLqs6aoR/s7S9+L1MQkEoMPBswb+
Loi7r+1gVmMUgDG6qFohoRMhdx1zBKPHuVJmehq5l8gBVqavqRBpNSXBvenIdvyJ
ALCp67sc7/H3l5zCekpoqDEz6KxdUSl8qwAfY7telhPs5PZ6dM9sPoqZjCfbInxJ
MRhQP312kKtDEePVBMlqoS4/kJX06g6F+V+VZGeeu0Hqfm8/PbZ8B3coqQ0+EvIs
A/9MAZXWk5Qh79zIb1d4bZYkMGcdPh7r+xBDZREDZ/xc23RtAW5+1jTs4zqaYuiP
EhnE
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:57 2025 by rpki-client