Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/cfa9cd-8d7b-4a35-82d0-7bb365f34c6c/1/DegY8Rm_lXB85YbB33SfPLtTIRY.roa
File: DegY8Rm_lXB85YbB33SfPLtTIRY.roa (raw, json)
Hash identifier: vcQdF+9+Kvsv2/OcgN/ons8MQctxJY7zaSA9pZGiro0=
Subject key identifier: 0D:E8:18:F1:19:BF:95:70:7C:E5:86:C1:DF:74:9F:3C:BB:53:21:16
Certificate issuer: /CN=d0bfadf29239ed8cf3f6c693d8bdb79f42000abc
Certificate serial: 0192E1D40711794CEB85AA32A5E5465A369C
Authority key identifier: D0:BF:AD:F2:92:39:ED:8C:F3:F6:C6:93:D8:BD:B7:9F:42:00:0A:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0L-t8pI57Yzz9saT2L23n0IACrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/cfa9cd-8d7b-4a35-82d0-7bb365f34c6c/1/DegY8Rm_lXB85YbB33SfPLtTIRY.roa
Signing time: Thu 31 Oct 2024 09:07:01 +0000
ROA not before: Thu 31 Oct 2024 09:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38934
IP address blocks: 5.158.96.0/19 maxlen: 24
80.251.48.0/20 maxlen: 24
193.178.120.0/22 maxlen: 24
2a01:fc40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e1:d4:07:11:79:4c:eb:85:aa:32:a5:e5:46:5a:36:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0bfadf29239ed8cf3f6c693d8bdb79f42000abc
Validity
Not Before: Oct 31 09:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0de818f119bf95707ce586c1df749f3cbb532116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f6:0e:02:07:cd:da:13:be:f0:c8:f3:03:bb:
95:cd:21:c2:80:5d:ac:12:f4:a4:62:b2:22:cb:4a:
01:14:dc:11:3e:d1:c4:50:5a:68:3a:32:1b:30:00:
08:74:b2:08:93:2d:31:24:0a:ac:4c:87:ca:bd:a1:
3e:6c:53:b6:32:9b:9d:1e:46:f1:dd:be:bc:d3:fd:
ae:f9:0e:53:e5:25:58:36:45:33:d3:57:83:5b:c0:
a3:56:21:76:e9:f7:62:ae:0a:ba:11:2a:1a:2e:c4:
88:01:b1:ea:d6:88:73:4a:85:b5:37:f3:74:2a:5f:
64:84:c7:1c:0f:dc:c9:59:11:77:9a:57:1e:6d:97:
5d:30:9c:d1:05:20:dc:f4:c0:d2:74:b0:ec:8b:26:
fc:07:a1:08:2e:8f:70:8d:9b:26:3e:e4:f7:2f:a9:
50:81:68:2c:d1:2e:22:fc:49:48:c5:77:28:bd:3e:
e4:a6:a1:71:e7:1c:8b:26:45:f2:46:48:40:fb:9f:
9c:db:20:06:05:ef:b2:54:ad:50:77:3c:49:e0:4e:
d9:75:fc:28:fd:94:c6:92:f9:f3:35:2b:4c:e1:6e:
16:56:ae:af:de:db:83:63:c6:61:9c:d2:41:da:8d:
a8:ef:35:f3:e0:b8:bc:10:46:74:08:6a:51:86:30:
2c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E8:18:F1:19:BF:95:70:7C:E5:86:C1:DF:74:9F:3C:BB:53:21:16
X509v3 Authority Key Identifier:
keyid:D0:BF:AD:F2:92:39:ED:8C:F3:F6:C6:93:D8:BD:B7:9F:42:00:0A:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0L-t8pI57Yzz9saT2L23n0IACrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/cfa9cd-8d7b-4a35-82d0-7bb365f34c6c/1/DegY8Rm_lXB85YbB33SfPLtTIRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/cfa9cd-8d7b-4a35-82d0-7bb365f34c6c/1/0L-t8pI57Yzz9saT2L23n0IACrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.96.0/19
80.251.48.0/20
193.178.120.0/22
IPv6:
2a01:fc40::/32
Signature Algorithm: sha256WithRSAEncryption
05:d9:5d:8c:45:f1:9d:64:78:ff:83:4c:a9:d6:d3:46:d6:2e:
30:f0:85:c0:62:f2:a2:55:44:05:15:d1:b7:ec:9b:a9:f5:83:
68:b4:c4:28:01:47:7e:1e:a9:6b:b2:6f:72:3a:58:67:43:82:
19:f3:df:6e:8c:a7:f7:ae:55:1b:1b:d8:f7:85:48:df:22:0e:
15:b0:25:9c:6b:de:51:4a:e7:82:8d:52:66:9c:cd:d9:41:65:
57:5d:4e:08:88:ce:2b:08:66:5c:ad:c3:25:23:3b:ae:ad:27:
67:f1:9a:2f:e0:95:7d:b1:75:e2:d7:22:5e:90:3f:e1:67:35:
c0:f1:a6:15:9d:80:f4:d8:eb:bc:a1:69:65:aa:8c:ae:6d:af:
8c:cc:0c:c7:9d:d1:54:87:bc:cc:a7:2f:cb:91:73:62:80:ad:
3f:bc:2a:63:d6:5b:90:1e:43:41:02:20:a4:0c:51:e7:ab:41:
8d:0c:b9:48:59:df:cb:1b:63:39:c1:8f:be:75:4a:cb:44:2d:
bc:16:a6:44:f1:43:4e:6c:19:d9:fb:43:99:1a:64:4e:e4:d7:
83:e0:dc:36:46:29:d0:a0:f1:b5:ee:26:77:50:40:47:75:60:
cc:1c:5c:6d:1c:4b:ba:79:69:89:d4:d7:b8:80:0a:cb:17:7c:
bc:4e:7a:04
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZLh1AcReUzrhaoypeVGWjacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYmZhZGYyOTIzOWVkOGNmM2Y2YzY5M2Q4YmRiNzlmNDIw
MDBhYmMwHhcNMjQxMDMxMDkwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGU4MThmMTE5YmY5NTcwN2NlNTg2YzFkZjc0OWYzY2JiNTMyMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/YOAgfN2hO+8MjzA7uVzSHCgF2s
EvSkYrIiy0oBFNwRPtHEUFpoOjIbMAAIdLIIky0xJAqsTIfKvaE+bFO2MpudHkbx
3b680/2u+Q5T5SVYNkUz01eDW8CjViF26fdirgq6ESoaLsSIAbHq1ohzSoW1N/N0
Kl9khMccD9zJWRF3mlcebZddMJzRBSDc9MDSdLDsiyb8B6EILo9wjZsmPuT3L6lQ
gWgs0S4i/ElIxXcovT7kpqFx5xyLJkXyRkhA+5+c2yAGBe+yVK1QdzxJ4E7Zdfwo
/ZTGkvnzNStM4W4WVq6v3tuDY8ZhnNJB2o2o7zXz4Li8EEZ0CGpRhjAsNwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA3oGPEZv5VwfOWGwd90nzy7UyEWMB8GA1UdIwQY
MBaAFNC/rfKSOe2M8/bGk9i9t59CAAq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEwtdDhwSTU3WXp6OXNhVDJMMjNuMElBQ3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jZmE5Y2QtOGQ3Yi00YTM1LTgyZDAt
N2JiMzY1ZjM0YzZjLzEvRGVnWThSbV9sWEI4NVliQjMzU2ZQTHRUSVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jZmE5Y2QtOGQ3Yi00YTM1LTgyZDAtN2JiMzY1ZjM0YzZj
LzEvMEwtdDhwSTU3WXp6OXNhVDJMMjNuMElBQ3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFBZ5gAwQE
UPswAwQCwbJ4MA0EAgACMAcDBQAqAfxAMA0GCSqGSIb3DQEBCwUAA4IBAQAF2V2M
RfGdZHj/g0yp1tNG1i4w8IXAYvKiVUQFFdG37Jup9YNotMQoAUd+Hqlrsm9yOlhn
Q4IZ899ujKf3rlUbG9j3hUjfIg4VsCWca95RSueCjVJmnM3ZQWVXXU4IiM4rCGZc
rcMlIzuurSdn8Zov4JV9sXXi1yJekD/hZzXA8aYVnYD02Ou8oWllqoyuba+MzAzH
ndFUh7zMpy/LkXNigK0/vCpj1luQHkNBAiCkDFHnq0GNDLlIWd/LG2M5wY++dUrL
RC28FqZE8UNObBnZ+0OZGmRO5NeD4Nw2RinQoPG17iZ3UEBHdWDMHFxtHEu6eWmJ
1Ne4gArLF3y8TnoE
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:15:26 2025 by rpki-client