Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/DjrhI7JmgBrfv-lwmgHlSFqSk0I.roa
File: DjrhI7JmgBrfv-lwmgHlSFqSk0I.roa (raw, json)
Hash identifier: eFSzDep2NbcND/L+HB9zD0y1J0fXSQdElnTlbAFw3Vw=
Subject key identifier: 0E:3A:E1:23:B2:66:80:1A:DF:BF:E9:70:9A:01:E5:48:5A:92:93:42
Certificate issuer: /CN=d425900312ff3bda4d2f896f64df65646fd9c251
Certificate serial: 01856EC2115715BACC8E4F9DD5C01EF49A22
Authority key identifier: D4:25:90:03:12:FF:3B:DA:4D:2F:89:6F:64:DF:65:64:6F:D9:C2:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/DjrhI7JmgBrfv-lwmgHlSFqSk0I.roa
Signing time: Sun 01 Jan 2023 19:14:50 +0000
ROA not before: Sun 01 Jan 2023 19:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25376
IP address blocks: 82.148.224.0/19 maxlen: 24
185.12.232.0/22 maxlen: 24
2a02:f0a0::/30 maxlen: 32
2a00:1b98::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:11:57:15:ba:cc:8e:4f:9d:d5:c0:1e:f4:9a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d425900312ff3bda4d2f896f64df65646fd9c251
Validity
Not Before: Jan 1 19:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e3ae123b266801adfbfe9709a01e5485a929342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c7:ff:e6:17:88:56:e9:0a:55:b0:8e:7c:b9:
21:98:97:30:aa:38:f6:cf:93:53:6b:e3:fd:0f:d2:
6f:3d:c9:2c:14:01:53:45:f8:68:4c:56:96:c6:3b:
c7:66:6f:be:68:6b:ac:25:da:46:ba:48:c3:3e:86:
a7:5c:3b:a7:90:ae:cd:92:fc:37:38:ca:4c:a1:08:
4e:d5:60:10:5a:e5:d8:bf:5d:66:28:1c:9e:4b:e0:
a9:02:3e:5b:3e:0d:aa:aa:67:4a:d8:4c:a9:66:5f:
a3:76:77:69:d8:2e:ab:cb:a9:0a:5e:f4:63:d3:c7:
27:50:9c:38:43:39:8e:8a:0a:82:66:a0:82:7f:2f:
e0:a0:a2:bb:56:60:02:11:94:ee:53:6b:98:a3:07:
d3:a8:df:1b:df:22:c8:21:0d:99:0e:08:5f:10:ad:
1e:9b:e6:d4:df:08:b3:e9:7b:ad:05:2a:98:24:93:
af:47:fb:2f:9c:d8:93:e5:34:cf:76:fb:20:ea:cb:
c3:b1:9a:60:cb:37:6c:84:56:db:96:4b:84:17:d5:
7c:9f:d6:cd:2d:3e:bf:15:9a:2f:29:ad:50:b3:4b:
ef:ef:d7:d6:2e:7e:20:11:f2:0f:40:63:66:08:b6:
b1:b6:f9:9f:e0:cc:9d:5d:25:5b:46:e4:91:65:90:
58:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:3A:E1:23:B2:66:80:1A:DF:BF:E9:70:9A:01:E5:48:5A:92:93:42
X509v3 Authority Key Identifier:
keyid:D4:25:90:03:12:FF:3B:DA:4D:2F:89:6F:64:DF:65:64:6F:D9:C2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/DjrhI7JmgBrfv-lwmgHlSFqSk0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.148.224.0/19
185.12.232.0/22
IPv6:
2a00:1b98::/32
2a02:f0a0::/30
Signature Algorithm: sha256WithRSAEncryption
9b:37:95:aa:da:55:f0:c6:73:0e:05:7e:52:33:6b:a0:a9:f0:
ff:31:00:4d:4c:af:9a:1e:66:e0:6d:00:ed:c5:35:42:98:7b:
42:31:94:9c:d6:d6:20:f4:2b:64:f8:25:e1:7f:41:74:5e:1d:
51:9c:c7:06:5a:de:73:71:15:54:db:9c:7d:81:b7:ae:0b:c5:
bd:05:35:04:f3:f5:ff:c2:2b:d4:8f:b6:1f:64:fc:0a:cc:d1:
09:57:68:73:7e:b7:6e:42:0f:d5:40:be:b1:13:e5:4f:22:26:
bc:2d:f8:60:ac:d1:ae:2b:61:77:04:3a:f6:5e:65:cf:67:1b:
2e:77:29:ac:06:00:7e:15:5b:a7:c1:2f:a5:e8:22:85:7f:35:
06:a9:ff:42:cc:c7:f9:a0:d3:e0:fd:04:9b:9a:cd:a6:44:84:
0c:4b:86:d6:84:24:aa:61:c1:88:18:24:ff:cd:d5:ad:54:e6:
ac:ec:aa:7d:f3:e4:a4:98:0d:c7:3a:93:e7:38:c7:73:27:4b:
c1:80:d1:31:c8:61:39:2c:f3:7c:56:2a:41:da:69:86:36:b6:
db:c9:20:31:00:56:c2:2b:c4:af:24:a1:4f:2d:3b:14:73:cc:
cf:7f:4a:81:59:9a:09:fa:85:b2:02:e7:27:d7:7c:d4:a6:90:
a2:bf:ef:78
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVuwhFXFbrMjk+d1cAe9JoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MjU5MDAzMTJmZjNiZGE0ZDJmODk2ZjY0ZGY2NTY0NmZk
OWMyNTEwHhcNMjMwMTAxMTkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTNhZTEyM2IyNjY4MDFhZGZiZmU5NzA5YTAxZTU0ODVhOTI5MzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8f/5heIVukKVbCOfLkhmJcwqjj2
z5NTa+P9D9JvPcksFAFTRfhoTFaWxjvHZm++aGusJdpGukjDPoanXDunkK7Nkvw3
OMpMoQhO1WAQWuXYv11mKByeS+CpAj5bPg2qqmdK2EypZl+jdndp2C6ry6kKXvRj
08cnUJw4QzmOigqCZqCCfy/goKK7VmACEZTuU2uYowfTqN8b3yLIIQ2ZDghfEK0e
m+bU3wiz6XutBSqYJJOvR/svnNiT5TTPdvsg6svDsZpgyzdshFbblkuEF9V8n9bN
LT6/FZovKa1Qs0vv79fWLn4gEfIPQGNmCLaxtvmf4MydXSVbRuSRZZBYfwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA464SOyZoAa37/pcJoB5UhakpNCMB8GA1UdIwQY
MBaAFNQlkAMS/zvaTS+Jb2TfZWRv2cJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUNXUUF4TF9POXBOTDRsdlpOOWxaR19ad2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81YmY4MjYtOTIxZS00NGY1LWFmMzMt
Njc2YjQyODkyNWFiLzEvRGpyaEk3Sm1nQnJmdi1sd21nSGxTRnFTazBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81YmY4MjYtOTIxZS00NGY1LWFmMzMtNjc2YjQyODkyNWFi
LzEvMUNXUUF4TF9POXBOTDRsdlpOOWxaR19ad2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQFUpTgAwQC
uQzoMBQEAgACMA4DBQAqABuYAwUCKgLwoDANBgkqhkiG9w0BAQsFAAOCAQEAmzeV
qtpV8MZzDgV+UjNroKnw/zEATUyvmh5m4G0A7cU1Qph7QjGUnNbWIPQrZPgl4X9B
dF4dUZzHBlrec3EVVNucfYG3rgvFvQU1BPP1/8Ir1I+2H2T8CszRCVdoc363bkIP
1UC+sRPlTyImvC34YKzRrithdwQ69l5lz2cbLncprAYAfhVbp8EvpegihX81Bqn/
QszH+aDT4P0Em5rNpkSEDEuG1oQkqmHBiBgk/83VrVTmrOyqffPkpJgNxzqT5zjH
cydLwYDRMchhOSzzfFYqQdpphja228kgMQBWwivEryShTy07FHPMz39KgVmaCfqF
sgLnJ9d81KaQor/veA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:20 2024 by rpki-client on console-ams.rpki-client.org