Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/DBNKWtZ75XZO-r690n0yNsTXAcc.roa
File: DBNKWtZ75XZO-r690n0yNsTXAcc.roa (raw, json)
Hash identifier: 0dQAP6tKtR04YEIrVHCuOhWzgzn6hDYXw0uqTIVF9Fg=
Subject key identifier: 0C:13:4A:5A:D6:7B:E5:76:4E:FA:BE:BD:D2:7D:32:36:C4:D7:01:C7
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 019363D3DB089D09664EE1A4E16F624C0DFB
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/DBNKWtZ75XZO-r690n0yNsTXAcc.roa
Signing time: Mon 25 Nov 2024 14:57:28 +0000
ROA not before: Mon 25 Nov 2024 14:57:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197927
IP address blocks: 130.255.174.0/24 maxlen: 24
146.19.85.0/24 maxlen: 24
193.42.214.0/24 maxlen: 24
193.42.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:d3:db:08:9d:09:66:4e:e1:a4:e1:6f:62:4c:0d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Nov 25 14:57:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c134a5ad67be5764efabebdd27d3236c4d701c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:33:40:6f:6c:a0:5b:65:5e:e5:cd:bf:a9:42:
41:46:8d:48:18:b4:6d:7e:1a:0f:5d:ee:78:5b:14:
72:68:cc:60:f7:70:eb:ff:04:1c:c8:f3:f5:d9:c1:
8e:57:5d:2b:37:f3:e8:d1:5b:74:5d:ea:c0:87:f5:
83:85:97:8c:8e:86:16:35:ed:84:31:13:96:bd:b3:
78:26:77:a2:c4:24:0c:be:f2:b4:7a:fc:9d:1e:8e:
4a:66:ed:ff:ce:4a:b6:61:fe:81:6a:3c:57:7a:a9:
c0:b5:88:08:7b:64:43:ca:38:2d:26:54:a6:e7:0d:
51:37:aa:fb:b7:8f:78:7f:71:de:e5:92:a8:35:48:
eb:e1:a2:2f:1a:b3:5b:00:44:fd:f8:56:d2:cf:0b:
28:69:5b:9b:a7:30:04:b7:86:42:98:8e:ec:a0:7f:
70:69:28:30:7d:a9:a1:37:86:52:e1:ff:58:b5:9f:
3e:5e:18:5e:50:9a:bd:e2:80:79:c6:ec:db:02:f5:
7f:8f:dc:92:04:82:02:32:b2:26:b4:52:9d:1c:31:
c8:71:87:fb:09:14:9e:45:83:de:a9:00:b2:a5:3e:
59:03:79:58:fa:f1:e6:8b:b0:fd:2b:08:46:29:88:
d4:fe:54:9c:d0:e3:e7:47:58:51:83:98:fb:c4:24:
6a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:13:4A:5A:D6:7B:E5:76:4E:FA:BE:BD:D2:7D:32:36:C4:D7:01:C7
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/DBNKWtZ75XZO-r690n0yNsTXAcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.174.0/24
146.19.85.0/24
193.42.214.0/24
193.42.217.0/24
Signature Algorithm: sha256WithRSAEncryption
13:3e:f3:a2:19:23:f6:21:ab:16:08:92:7f:5a:a1:01:d9:25:
80:2d:99:a6:b2:53:63:38:b4:fb:b3:5a:62:3a:a8:f5:ec:89:
84:7e:54:4a:03:82:0d:c6:77:17:79:c3:81:a5:4d:84:04:97:
4c:4c:2e:1f:64:6c:2a:74:7c:61:e0:25:5e:d0:7d:7b:4c:7e:
23:04:97:ed:69:0b:48:14:89:f3:8f:1f:7d:ee:14:50:26:e2:
5b:28:b0:8f:66:05:56:5d:d6:64:a3:a0:68:cb:5b:54:d9:08:
5e:cd:ef:07:07:3e:8c:10:62:9c:91:d9:b4:df:bf:25:f8:bb:
b5:c6:1a:a9:45:52:7f:b4:a9:fa:75:d0:d6:cf:d0:a2:49:e7:
9e:cb:34:19:5b:27:be:29:46:a8:01:95:1e:57:b3:eb:41:0a:
b8:db:24:5b:21:46:35:2a:07:74:b6:df:50:54:1e:a2:cd:59:
bb:f2:f8:b8:7e:5f:7f:57:d8:92:76:bd:4f:00:7c:5e:1e:80:
47:8d:eb:10:43:08:0d:30:70:95:33:8c:a1:e1:83:40:a0:ee:
02:74:15:53:c8:d6:db:ad:13:87:02:34:d7:d1:ae:1f:6a:8d:
f8:df:78:72:ed:cc:c0:64:ff:07:13:8d:f6:83:6f:c4:83:fe:
d7:2a:f3:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZNj09sInQlmTuGk4W9iTA37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjQxMTI1MTQ1NzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzEzNGE1YWQ2N2JlNTc2NGVmYWJlYmRkMjdkMzIzNmM0ZDcwMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzNAb2ygW2Ve5c2/qUJBRo1IGLRt
fhoPXe54WxRyaMxg93Dr/wQcyPP12cGOV10rN/Po0Vt0XerAh/WDhZeMjoYWNe2E
MROWvbN4JneixCQMvvK0evydHo5KZu3/zkq2Yf6BajxXeqnAtYgIe2RDyjgtJlSm
5w1RN6r7t494f3He5ZKoNUjr4aIvGrNbAET9+FbSzwsoaVubpzAEt4ZCmI7soH9w
aSgwfamhN4ZS4f9YtZ8+XhheUJq94oB5xuzbAvV/j9ySBIICMrImtFKdHDHIcYf7
CRSeRYPeqQCypT5ZA3lY+vHmi7D9KwhGKYjU/lSc0OPnR1hRg5j7xCRquwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAwTSlrWe+V2Tvq+vdJ9MjbE1wHHMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvREJOS1d0Wjc1WFpPLXI2OTBuMHlOc1RYQWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAgv+uAwQA
khNVAwQAwSrWAwQAwSrZMA0GCSqGSIb3DQEBCwUAA4IBAQATPvOiGSP2IasWCJJ/
WqEB2SWALZmmslNjOLT7s1piOqj17ImEflRKA4INxncXecOBpU2EBJdMTC4fZGwq
dHxh4CVe0H17TH4jBJftaQtIFInzjx997hRQJuJbKLCPZgVWXdZko6Boy1tU2Qhe
ze8HBz6MEGKckdm0378l+Lu1xhqpRVJ/tKn6ddDWz9CiSeeeyzQZWye+KUaoAZUe
V7PrQQq42yRbIUY1Kgd0tt9QVB6izVm78vi4fl9/V9iSdr1PAHxeHoBHjesQQwgN
MHCVM4yh4YNAoO4CdBVTyNbbrROHAjTX0a4fao3433hy7czAZP8HE432g2/Eg/7X
KvPe
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:33:02 2025 by rpki-client