Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/dXY6GAF1C40ipYn4kcv3fbiBZqA.roa
File: dXY6GAF1C40ipYn4kcv3fbiBZqA.roa (raw, json)
Hash identifier: 2ONE9t9ZAE6Xm3jL6lguQZE6JF0OSqfYBQNIRBBos44=
Subject key identifier: 75:76:3A:18:01:75:0B:8D:22:A5:89:F8:91:CB:F7:7D:B8:81:66:A0
Certificate issuer: /CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Certificate serial: 019324CC500559CD9E997278B3CD63593AE9
Authority key identifier: 7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/dXY6GAF1C40ipYn4kcv3fbiBZqA.roa
Signing time: Wed 13 Nov 2024 09:13:09 +0000
ROA not before: Wed 13 Nov 2024 09:13:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35790
IP address blocks: 185.31.140.0/22 maxlen: 24
185.57.84.0/22 maxlen: 24
185.105.244.0/22 maxlen: 24
185.217.224.0/22 maxlen: 24
213.204.192.0/20 maxlen: 24
213.204.208.0/20 maxlen: 24
213.204.224.0/20 maxlen: 24
213.204.240.0/21 maxlen: 24
2a0b:cdc0::/29 maxlen: 29
2a0b:cdc0::/32 maxlen: 32
2a0b:cdc1::/32 maxlen: 32
2a0b:cdc7::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Nov 2024 10:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:cc:50:05:59:cd:9e:99:72:78:b3:cd:63:59:3a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Validity
Not Before: Nov 13 09:13:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75763a1801750b8d22a589f891cbf77db88166a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:cf:ab:12:e1:d3:41:93:83:de:38:57:0f:f0:
42:19:18:b2:40:3d:6e:0d:da:56:31:1e:92:dd:6a:
2f:53:0b:c2:ba:d0:21:e5:21:b4:01:bd:cf:a2:8a:
31:52:97:76:c1:2a:d3:58:49:b6:15:2b:e0:7b:02:
44:e9:ed:4d:f9:67:74:85:82:01:39:21:22:c6:48:
f0:52:d9:82:53:12:c9:ac:f4:5c:b3:be:fa:09:5b:
46:9f:1a:6a:12:b3:3f:dc:71:59:08:35:6f:90:50:
70:eb:19:3c:8f:08:a0:49:47:94:ac:1a:e8:4f:f6:
53:3c:cc:cb:04:56:91:17:e9:ab:f5:54:96:4d:1f:
96:2f:7c:50:e0:3e:a1:39:a5:2f:56:45:e3:66:9f:
6d:0d:7b:a4:1c:f6:6f:a7:9a:07:2b:64:37:e1:13:
64:ab:9a:68:85:53:6e:68:62:9f:9e:13:08:c6:f9:
e5:f5:fe:e5:06:2f:69:0e:53:75:9f:21:13:cf:2e:
70:9d:dd:5b:07:ae:19:8c:7d:17:2b:e4:21:57:78:
02:4f:50:8b:1a:bc:41:96:c0:c6:23:e2:b7:8b:f0:
43:25:77:43:4d:30:2c:9b:93:e7:3c:a9:cb:1b:08:
71:51:9c:db:90:ad:32:75:19:be:14:72:fc:d4:68:
00:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:76:3A:18:01:75:0B:8D:22:A5:89:F8:91:CB:F7:7D:B8:81:66:A0
X509v3 Authority Key Identifier:
keyid:7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/dXY6GAF1C40ipYn4kcv3fbiBZqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/fWG4N46PNorkmY1Rw6ms5kFI1s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.140.0/22
185.57.84.0/22
185.105.244.0/22
185.217.224.0/22
213.204.192.0-213.204.247.255
IPv6:
2a0b:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
09:eb:e8:03:be:f2:40:ba:13:96:3d:79:f6:33:a8:30:dc:92:
56:e1:3e:be:78:27:1b:33:f6:96:ec:b3:df:2c:26:26:6d:36:
f5:c1:06:03:d9:91:de:2f:0a:a8:1b:4c:f0:2e:00:32:7d:45:
2b:da:b4:02:63:5b:7d:0b:af:1f:92:c9:72:79:2a:62:6e:01:
fc:21:c1:a1:b7:2a:fb:d1:4e:39:c6:12:d9:b1:f4:4f:cb:68:
ca:1b:c0:96:63:c7:ec:0f:c7:4d:68:1e:83:fd:31:69:7a:fb:
20:f5:ec:28:2f:94:4c:79:31:8b:c9:2c:c7:56:5c:cb:24:be:
35:d9:6f:45:43:5e:1e:ac:55:7d:bc:aa:c3:6f:1c:6b:2e:ab:
43:4d:13:d8:cd:4f:01:3f:85:41:09:18:dd:7c:be:fb:a2:4d:
37:dd:88:36:fd:0b:f2:a5:37:e4:13:ba:d4:d9:92:4e:e5:81:
c9:96:2c:9e:77:80:6e:81:00:93:3a:07:92:c0:da:92:21:14:
8f:98:1b:98:0e:6e:69:c3:73:25:c1:c3:0f:a0:c6:b4:b7:99:
a0:17:f2:bb:85:2c:45:b9:67:22:78:01:0a:85:9a:db:ae:28:
03:cb:5c:c5:ce:93:0a:a1:cb:f0:32:96:8e:ba:37:ca:d1:f3:
9c:ce:cd:d9
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZMkzFAFWc2emXJ4s81jWTrpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjFiODM3OGU4ZjM2OGFlNDk5OGQ1MWMzYTlhY2U2NDE0
OGQ2Y2QwHhcNMjQxMTEzMDkxMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTc2M2ExODAxNzUwYjhkMjJhNTg5Zjg5MWNiZjc3ZGI4ODE2NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48+rEuHTQZOD3jhXD/BCGRiyQD1u
DdpWMR6S3WovUwvCutAh5SG0Ab3PoooxUpd2wSrTWEm2FSvgewJE6e1N+Wd0hYIB
OSEixkjwUtmCUxLJrPRcs776CVtGnxpqErM/3HFZCDVvkFBw6xk8jwigSUeUrBro
T/ZTPMzLBFaRF+mr9VSWTR+WL3xQ4D6hOaUvVkXjZp9tDXukHPZvp5oHK2Q34RNk
q5pohVNuaGKfnhMIxvnl9f7lBi9pDlN1nyETzy5wnd1bB64ZjH0XK+QhV3gCT1CL
GrxBlsDGI+K3i/BDJXdDTTAsm5PnPKnLGwhxUZzbkK0ydRm+FHL81GgAHwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHV2OhgBdQuNIqWJ+JHL9324gWagMB8GA1UdIwQY
MBaAFH1huDeOjzaK5JmNUcOprOZBSNbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldHNE40NlBOb3JrbVkxUnc2bXM1a0ZJMXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZDgyMWItMzQ1Mi00MjdhLThlNDQt
ZDE2ZTRhZTYxZjgwLzEvZFhZNkdBRjFDNDBpcFluNGtjdjNmYmlCWnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZDgyMWItMzQ1Mi00MjdhLThlNDQtZDE2ZTRhZTYxZjgw
LzEvZldHNE40NlBOb3JrbVkxUnc2bXM1a0ZJMXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCuR+MAwQC
uTlUAwQCuWn0AwQCudngMAwDBAbVzMADBAPVzPAwDQQCAAIwBwMFAyoLzcAwDQYJ
KoZIhvcNAQELBQADggEBAAnr6AO+8kC6E5Y9efYzqDDcklbhPr54Jxsz9pbss98s
JiZtNvXBBgPZkd4vCqgbTPAuADJ9RSvatAJjW30Lrx+SyXJ5KmJuAfwhwaG3KvvR
TjnGEtmx9E/LaMobwJZjx+wPx01oHoP9MWl6+yD17CgvlEx5MYvJLMdWXMskvjXZ
b0VDXh6sVX28qsNvHGsuq0NNE9jNTwE/hUEJGN18vvuiTTfdiDb9C/KlN+QTutTZ
kk7lgcmWLJ53gG6BAJM6B5LA2pIhFI+YG5gObmnDcyXBww+gxrS3maAX8ruFLEW5
ZyJ4AQqFmtuuKAPLXMXOkwqhy/Aylo66N8rR85zOzdk=
-----END CERTIFICATE-----
Generated at Sun May 11 22:08:21 2025 by rpki-client