Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/dcdif1aPOuOvOs-Wv-7vox4UdOU.roa
File: dcdif1aPOuOvOs-Wv-7vox4UdOU.roa (raw, json)
Hash identifier: bDeRFbVwNu4DDzSpUV1RmsRn7sAtCXzoD30RoGoMxx8=
Subject key identifier: 75:C7:62:7F:56:8F:3A:E3:AF:3A:CF:96:BF:EE:EF:A3:1E:14:74:E5
Certificate issuer: /CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Certificate serial: 018CC94D9E9C4A20617E7468719CC71752D0
Authority key identifier: 30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/dcdif1aPOuOvOs-Wv-7vox4UdOU.roa
Signing time: Tue 02 Jan 2024 08:32:36 +0000
ROA not before: Tue 02 Jan 2024 08:32:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43350
IP address blocks: 185.56.80.0/24 maxlen: 24
2a06:e80::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:9e:9c:4a:20:61:7e:74:68:71:9c:c7:17:52:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Validity
Not Before: Jan 2 08:32:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75c7627f568f3ae3af3acf96bfeeefa31e1474e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:81:88:ad:54:e3:db:f0:0e:5e:5c:85:b8:cb:
21:6d:59:68:65:38:28:4e:98:c6:d4:5a:07:15:5a:
5c:a1:a6:e8:0a:95:3e:48:1f:0e:90:4e:b2:f2:bc:
a5:1e:7e:00:27:db:a2:5d:76:3c:52:04:8e:56:d7:
d0:20:02:6d:77:13:63:92:d2:85:6b:d7:c1:92:34:
b3:b1:ba:11:a3:f8:31:d9:f3:74:40:e9:1b:26:70:
c6:05:c6:0a:26:2a:bb:c8:f8:20:bc:55:51:ff:7f:
df:dc:72:3c:3e:5a:3f:37:fb:87:b0:f3:58:bf:3e:
ba:9f:44:bf:7b:af:e4:e3:de:65:86:fe:6a:bf:ed:
84:4a:17:d8:2a:0a:21:8c:8c:1f:8b:d0:7c:0c:19:
c4:9d:29:b0:98:ad:55:6d:3a:8c:35:de:05:b0:18:
0b:a0:23:8a:49:f2:57:e1:d5:12:f7:71:ba:67:cb:
4b:7d:cc:ed:61:01:44:03:97:f3:c7:dd:c2:de:9d:
4b:ab:14:ff:21:98:dd:83:c0:96:c9:9f:1d:d5:d3:
eb:ab:5d:ab:5a:66:b8:81:c5:e1:b3:98:a3:81:35:
04:47:a4:d2:b8:a2:5b:53:bb:12:eb:12:b8:6a:56:
30:13:b6:81:c3:2b:28:11:52:a2:4d:d9:38:9a:c6:
ae:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C7:62:7F:56:8F:3A:E3:AF:3A:CF:96:BF:EE:EF:A3:1E:14:74:E5
X509v3 Authority Key Identifier:
keyid:30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/dcdif1aPOuOvOs-Wv-7vox4UdOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.80.0/24
IPv6:
2a06:e80::/36
Signature Algorithm: sha256WithRSAEncryption
7b:23:64:5b:25:67:4c:cb:b4:86:06:f5:f2:a2:b5:3d:9e:18:
3a:9e:aa:60:57:20:1c:79:d2:19:8e:cd:a9:f3:30:b9:49:e2:
fc:8d:b9:1d:ea:3d:4b:99:d4:c2:8f:b2:cc:a7:fc:90:15:a3:
d4:b9:a4:93:91:7c:66:2a:ea:90:2f:14:04:29:c7:a3:b6:61:
51:d6:74:2b:e8:af:df:0d:ab:72:f6:94:2e:93:03:7c:d2:c6:
2f:5a:93:a0:d2:a2:46:48:8c:b5:4b:23:77:61:3a:72:8f:3e:
55:96:86:6b:cc:f0:ad:06:76:e6:62:fd:67:70:69:9d:44:ef:
24:cc:1a:f5:c3:04:83:bb:f0:a9:29:23:79:98:7f:4f:00:eb:
25:fe:3e:b7:ef:0a:87:bb:46:77:9b:6c:04:12:ee:49:c9:61:
94:8d:1e:e3:28:97:50:5e:8c:a5:7f:ed:d3:10:b7:48:7f:a5:
b8:b0:ca:dd:3e:0a:08:b0:d2:96:5d:ed:dc:f5:e4:a9:7e:89:
58:87:2b:64:99:c9:bc:af:e8:f3:e6:b4:34:97:72:0c:e9:e7:
c8:3f:75:96:7f:29:f6:96:65:e1:35:2a:a0:2a:44:ee:bc:bd:
7b:ee:d0:50:ba:e0:d3:e1:ee:98:5e:b7:82:63:46:96:32:c3:
6e:e9:91:79
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzJTZ6cSiBhfnRocZzHF1LQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmMwODY2ZGMyNTIwOGU2YzA3ZDRhMjFkN2Q4MDUwYjUw
OGQ2YTIwHhcNMjQwMTAyMDgzMjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWM3NjI3ZjU2OGYzYWUzYWYzYWNmOTZiZmVlZWZhMzFlMTQ3NGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoGIrVTj2/AOXlyFuMshbVloZTgo
TpjG1FoHFVpcoaboCpU+SB8OkE6y8rylHn4AJ9uiXXY8UgSOVtfQIAJtdxNjktKF
a9fBkjSzsboRo/gx2fN0QOkbJnDGBcYKJiq7yPggvFVR/3/f3HI8Plo/N/uHsPNY
vz66n0S/e6/k495lhv5qv+2EShfYKgohjIwfi9B8DBnEnSmwmK1VbTqMNd4FsBgL
oCOKSfJX4dUS93G6Z8tLfcztYQFEA5fzx93C3p1LqxT/IZjdg8CWyZ8d1dPrq12r
Wma4gcXhs5ijgTUER6TSuKJbU7sS6xK4alYwE7aBwysoEVKiTdk4msauOQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHXHYn9WjzrjrzrPlr/u76MeFHTlMB8GA1UdIwQY
MBaAFDBsCGbcJSCObAfUoh19gFC1CNaiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUt
MTBlZGI1NDFlNmZmLzEvZGNkaWYxYVBPdU92T3MtV3YtN3ZveDRVZE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUtMTBlZGI1NDFlNmZm
LzEvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuThQMA4E
AgACMAgDBgQqBg6AADANBgkqhkiG9w0BAQsFAAOCAQEAeyNkWyVnTMu0hgb18qK1
PZ4YOp6qYFcgHHnSGY7NqfMwuUni/I25Heo9S5nUwo+yzKf8kBWj1Lmkk5F8Zirq
kC8UBCnHo7ZhUdZ0K+iv3w2rcvaULpMDfNLGL1qToNKiRkiMtUsjd2E6co8+VZaG
a8zwrQZ25mL9Z3BpnUTvJMwa9cMEg7vwqSkjeZh/TwDrJf4+t+8Kh7tGd5tsBBLu
SclhlI0e4yiXUF6MpX/t0xC3SH+luLDK3T4KCLDSll3t3PXkqX6JWIcrZJnJvK/o
8+a0NJdyDOnnyD91ln8p9pZl4TUqoCpE7ry9e+7QULrg0+HumF63gmNGljLDbumR
eQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:52:12 2025 by rpki-client