Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/DpvGmEKIILSeN3IWSXO5h2yFvKE.roa
File: DpvGmEKIILSeN3IWSXO5h2yFvKE.roa (raw, json)
Hash identifier: HeS6u5l2waHtWHfNYX8EtU+BmINL878pupN4OLaFxGA=
Subject key identifier: 0E:9B:C6:98:42:88:20:B4:9E:37:72:16:49:73:B9:87:6C:85:BC:A1
Certificate issuer: /CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Certificate serial: 0192AF63A96FB8651EE07805F7DDE31BB5C1
Authority key identifier: 49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/DpvGmEKIILSeN3IWSXO5h2yFvKE.roa
Signing time: Mon 21 Oct 2024 14:03:17 +0000
ROA not before: Mon 21 Oct 2024 14:03:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215597
IP address blocks: 82.199.222.0/24 maxlen: 24
82.199.223.0/24 maxlen: 24
212.95.142.0/24 maxlen: 24
212.95.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 06:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:af:63:a9:6f:b8:65:1e:e0:78:05:f7:dd:e3:1b:b5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Validity
Not Before: Oct 21 14:03:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e9bc698428820b49e3772164973b9876c85bca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:da:71:89:05:98:dc:0d:e4:87:0b:6a:3b:f0:
87:b2:82:87:9f:00:b0:83:f2:87:39:f5:c2:64:80:
48:a4:2b:14:43:28:50:49:14:0b:7c:52:b5:f0:fa:
a0:68:9d:4b:2c:ee:8c:fb:2b:64:6d:9c:e9:2d:14:
86:36:ab:20:fe:cf:b7:82:9a:89:19:f9:e0:82:24:
9a:4d:67:fa:b2:97:c0:b7:b1:a4:96:a7:0c:05:3a:
1c:98:2a:96:64:00:84:3d:da:97:f4:66:64:f9:25:
3a:11:b7:3c:aa:29:bc:08:c6:fa:0f:9e:3f:3e:8b:
9b:7d:f6:a5:85:1d:5b:94:e0:13:a9:c0:af:14:5a:
7a:91:43:04:0c:3d:60:ab:3a:89:b1:f9:7a:91:74:
6c:ec:09:fa:2c:17:dc:76:98:9b:a9:8e:4b:55:a8:
de:55:1d:4c:96:8a:b9:8a:64:37:3b:f8:17:de:44:
a0:ac:de:cf:0b:f7:8c:f7:b0:b3:46:ab:06:1e:73:
e2:17:d1:95:16:e0:df:94:87:b8:8c:83:f3:71:28:
4a:44:b2:82:62:d4:b3:b3:00:31:d0:a5:62:ca:0c:
6f:9b:80:5e:12:c7:9d:2e:0e:c4:49:b5:70:42:1f:
96:39:a3:6a:d8:2b:ab:1e:be:d4:a5:4c:68:a5:5e:
6b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:9B:C6:98:42:88:20:B4:9E:37:72:16:49:73:B9:87:6C:85:BC:A1
X509v3 Authority Key Identifier:
keyid:49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/DpvGmEKIILSeN3IWSXO5h2yFvKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.199.222.0/23
212.95.142.0/24
212.95.148.0/24
Signature Algorithm: sha256WithRSAEncryption
12:ee:22:f5:59:7e:e2:ab:f1:d4:cb:ca:cb:dc:8f:26:ee:61:
58:f8:88:3a:8b:4a:81:8c:a8:4d:03:c2:9c:42:94:8e:f2:1d:
37:62:ad:0a:e1:64:c9:53:b4:f2:a5:26:c5:88:51:4f:5d:4f:
fa:f1:2b:df:7e:2a:50:6f:a7:b5:8f:23:7c:4f:1a:b7:bf:7d:
ff:f9:21:6e:ca:f4:89:98:dd:90:42:b2:48:bd:a6:e6:0d:64:
7d:f9:e8:f4:3a:56:7c:28:d9:43:65:76:a3:16:29:d2:f3:fa:
4f:d3:63:2a:af:a4:25:ac:2d:1d:f9:81:87:ad:ae:f1:33:49:
e3:84:cc:82:3e:16:2b:3f:dd:7c:a1:f4:b9:2d:3a:78:67:42:
23:dc:be:3f:06:22:d2:94:a9:95:a3:40:d9:bf:dd:f5:e2:a9:
b1:15:5a:74:29:f9:8a:b1:a8:b1:b5:ea:9b:3b:a9:16:a3:f5:
ae:5e:ec:4c:bd:7b:57:0b:dd:e4:df:0e:bc:3c:8a:cb:d1:ea:
0c:8f:04:7a:8c:ca:24:06:73:c7:a0:cb:f8:20:36:9a:96:18:
51:a4:c3:94:58:65:1d:fc:12:34:e6:4c:e6:1f:97:ef:b2:a1:
87:93:9e:ae:b4:74:c7:56:99:47:60:ef:af:10:55:f4:73:5f:
cc:88:1f:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKvY6lvuGUe4HgF993jG7XBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZGQ4ZjFhNjJhNWQ3ZjgwMjEyZGUwZjNlZmU3NWIyZmEz
MzhmZmUwHhcNMjQxMDIxMTQwMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTliYzY5ODQyODgyMGI0OWUzNzcyMTY0OTczYjk4NzZjODViY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdpxiQWY3A3khwtqO/CHsoKHnwCw
g/KHOfXCZIBIpCsUQyhQSRQLfFK18PqgaJ1LLO6M+ytkbZzpLRSGNqsg/s+3gpqJ
GfnggiSaTWf6spfAt7GklqcMBTocmCqWZACEPdqX9GZk+SU6Ebc8qim8CMb6D54/
PoubffalhR1blOATqcCvFFp6kUMEDD1gqzqJsfl6kXRs7An6LBfcdpibqY5LVaje
VR1Mloq5imQ3O/gX3kSgrN7PC/eM97CzRqsGHnPiF9GVFuDflIe4jIPzcShKRLKC
YtSzswAx0KViygxvm4BeEsedLg7ESbVwQh+WOaNq2CurHr7UpUxopV5rdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA6bxphCiCC0njdyFklzuYdshbyhMB8GA1UdIwQY
MBaAFEndjxpipdf4AhLeDz7+dbL6M4/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2Yt
Y2VlYzQ5MTI0YzBmLzEvRHB2R21FS0lJTFNlTjNJV1NYTzVoMnlGdktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2YtY2VlYzQ5MTI0YzBm
LzEvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUsfeAwQA
1F+OAwQA1F+UMA0GCSqGSIb3DQEBCwUAA4IBAQAS7iL1WX7iq/HUy8rL3I8m7mFY
+Ig6i0qBjKhNA8KcQpSO8h03Yq0K4WTJU7TypSbFiFFPXU/68SvffipQb6e1jyN8
Txq3v33/+SFuyvSJmN2QQrJIvabmDWR9+ej0OlZ8KNlDZXajFinS8/pP02Mqr6Ql
rC0d+YGHra7xM0njhMyCPhYrP918ofS5LTp4Z0Ij3L4/BiLSlKmVo0DZv9314qmx
FVp0KfmKsaixteqbO6kWo/WuXuxMvXtXC93k3w68PIrL0eoMjwR6jMokBnPHoMv4
IDaalhhRpMOUWGUd/BI05kzmH5fvsqGHk56utHTHVplHYO+vEFX0c1/MiB/Q
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:17 2025 by rpki-client