Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/n0nZA5Z0P92Iw0ePu3rsbyB4XKc.roa
File: n0nZA5Z0P92Iw0ePu3rsbyB4XKc.roa (raw, json)
Hash identifier: RDjCwyC3fBT356ecE5y9Je1wKTuRKGdPq3Ehst+rctc=
Subject key identifier: 9F:49:D9:03:96:74:3F:DD:88:C3:47:8F:BB:7A:EC:6F:20:78:5C:A7
Certificate issuer: /CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Certificate serial: 019150B846CCEAA3ABB0DB186FCB755B4042
Authority key identifier: B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/n0nZA5Z0P92Iw0ePu3rsbyB4XKc.roa
Signing time: Wed 14 Aug 2024 11:48:59 +0000
ROA not before: Wed 14 Aug 2024 11:48:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.253.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Aug 2024 19:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:50:b8:46:cc:ea:a3:ab:b0:db:18:6f:cb:75:5b:40:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Validity
Not Before: Aug 14 11:48:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f49d90396743fdd88c3478fbb7aec6f20785ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3b:82:a0:32:a1:62:07:cd:a4:dd:6e:f9:ae:
67:fc:87:b4:a0:d3:c2:0e:36:ca:45:f2:64:2b:aa:
39:0c:05:0b:94:7d:64:2e:84:22:06:a1:1a:4a:28:
dd:76:bf:d8:a3:ea:2d:56:b1:95:7f:1d:0e:20:9e:
a1:28:c1:4c:42:50:87:60:06:c6:78:1d:8c:19:0e:
94:e6:1e:7b:0b:34:07:d4:ba:00:fb:69:be:d8:fb:
50:3a:01:0d:7d:fa:5d:cc:93:02:9b:82:04:18:f6:
a9:85:a8:f0:7f:f4:f8:67:95:fc:d3:2f:8e:db:36:
1f:a7:f2:d4:e9:7f:d2:58:55:26:a4:f1:bc:38:89:
5f:3a:f9:db:4f:50:d0:8d:e3:50:03:00:e5:38:c9:
b4:63:8d:2d:75:e9:40:9b:82:65:32:14:be:dd:74:
cd:9a:78:9b:9a:dd:e5:8e:22:22:b4:e8:8d:21:ac:
5f:1c:85:e4:ec:4f:ac:28:20:9a:67:a8:46:89:63:
b2:5e:ab:d2:6e:96:00:f7:f5:38:f3:56:6c:c2:d5:
12:77:57:49:8e:ed:72:70:d7:20:fa:9a:32:c5:78:
2b:ba:44:9b:06:7b:b2:1c:e0:74:96:3d:29:41:42:
65:16:b0:cf:c0:0e:22:1e:3d:23:fd:a6:21:04:23:
b5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:49:D9:03:96:74:3F:DD:88:C3:47:8F:BB:7A:EC:6F:20:78:5C:A7
X509v3 Authority Key Identifier:
keyid:B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/n0nZA5Z0P92Iw0ePu3rsbyB4XKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/sQw889xTylScA-T19G2RzpC44HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.184.0/24
Signature Algorithm: sha256WithRSAEncryption
79:42:93:dd:b2:67:a9:b7:d4:65:f1:8b:91:df:ce:d8:88:45:
30:74:4c:db:06:8c:8c:ad:cf:6f:77:b2:c2:8b:e9:11:69:0f:
03:5e:1f:2b:af:f4:1f:78:9a:38:d3:53:b6:1f:db:b3:47:91:
1f:15:3e:11:8d:1a:d3:d6:2f:43:57:6e:6e:b2:0f:d6:96:f5:
41:8d:cb:dd:ca:b4:88:97:a5:df:db:52:6e:ca:20:5b:14:26:
4b:c6:b4:cf:51:ff:ed:13:db:34:93:6f:f5:19:fb:30:89:ce:
4f:f8:7b:50:41:42:a8:44:df:53:4a:b0:02:2c:e3:d9:e7:b9:
6f:35:d1:12:d1:bf:c6:c6:2c:ec:f2:f6:c9:47:25:9a:3b:9e:
2b:aa:4b:87:9e:60:df:9e:0c:f5:92:70:87:ef:1f:d8:f2:8a:
86:60:98:6b:c4:4e:99:7e:44:fb:b2:3f:e3:5d:ba:f1:41:5e:
de:ea:54:74:8c:8f:cd:2c:ca:4d:e3:61:41:7b:ee:ce:e9:8f:
14:b0:c0:57:1d:5e:34:e7:dd:ec:7b:7e:02:b4:a1:f1:31:00:
d9:ef:07:cf:7f:8c:e8:5f:3c:f7:02:7d:f4:2b:c2:00:e8:49:
2e:6b:57:7a:f2:89:fc:e3:81:c5:11:c0:71:35:b1:db:8e:60:
8f:f1:29:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFQuEbM6qOrsNsYb8t1W0BCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMGMzY2YzZGM1M2NhNTQ5YzAzZTRmNWY0NmQ5MWNlOTBi
OGUwNzAwHhcNMjQwODE0MTE0ODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQ5ZDkwMzk2NzQzZmRkODhjMzQ3OGZiYjdhZWM2ZjIwNzg1Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzuCoDKhYgfNpN1u+a5n/Ie0oNPC
DjbKRfJkK6o5DAULlH1kLoQiBqEaSijddr/Yo+otVrGVfx0OIJ6hKMFMQlCHYAbG
eB2MGQ6U5h57CzQH1LoA+2m+2PtQOgENffpdzJMCm4IEGPaphajwf/T4Z5X80y+O
2zYfp/LU6X/SWFUmpPG8OIlfOvnbT1DQjeNQAwDlOMm0Y40tdelAm4JlMhS+3XTN
mnibmt3ljiIitOiNIaxfHIXk7E+sKCCaZ6hGiWOyXqvSbpYA9/U481ZswtUSd1dJ
ju1ycNcg+poyxXgrukSbBnuyHOB0lj0pQUJlFrDPwA4iHj0j/aYhBCO1nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ9J2QOWdD/diMNHj7t67G8geFynMB8GA1UdIwQY
MBaAFLEMPPPcU8pUnAPk9fRtkc6QuOBwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMt
MzZmODJiZDM3OWJkLzEvbjBuWkE1WjBQOTJJdzBlUHUzcnNieUI0WEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMtMzZmODJiZDM3OWJk
LzEvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf24MA0G
CSqGSIb3DQEBCwUAA4IBAQB5QpPdsmept9Rl8YuR387YiEUwdEzbBoyMrc9vd7LC
i+kRaQ8DXh8rr/QfeJo401O2H9uzR5EfFT4RjRrT1i9DV25usg/WlvVBjcvdyrSI
l6Xf21JuyiBbFCZLxrTPUf/tE9s0k2/1Gfswic5P+HtQQUKoRN9TSrACLOPZ57lv
NdES0b/Gxizs8vbJRyWaO54rqkuHnmDfngz1knCH7x/Y8oqGYJhrxE6ZfkT7sj/j
XbrxQV7e6lR0jI/NLMpN42FBe+7O6Y8UsMBXHV40593se34CtKHxMQDZ7wfPf4zo
Xzz3An30K8IA6Ekua1d68on844HFEcBxNbHbjmCP8SnY
-----END CERTIFICATE-----
Generated at Sun May 11 16:39:03 2025 by rpki-client