Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/w_Dl_maDTTUJ-Qd3lw0WU1k-0iE.roa
File: w_Dl_maDTTUJ-Qd3lw0WU1k-0iE.roa (raw, json)
Hash identifier: VC+rfpe7yGkQXv+85xFyg1AafdOVRcSqn2kkpfysukU=
Subject key identifier: C3:F0:E5:FE:66:83:4D:35:09:F9:07:77:97:0D:16:53:59:3E:D2:21
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 018CCA29D9170B243F39518E8ECD5E86953A
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/w_Dl_maDTTUJ-Qd3lw0WU1k-0iE.roa
Signing time: Tue 02 Jan 2024 12:33:09 +0000
ROA not before: Tue 02 Jan 2024 12:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13242
IP address blocks: 85.254.240.0/21 maxlen: 21
85.254.204.0/23 maxlen: 23
85.254.200.0/22 maxlen: 22
85.254.238.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d9:17:0b:24:3f:39:51:8e:8e:cd:5e:86:95:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 2 12:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3f0e5fe66834d3509f90777970d1653593ed221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:61:53:de:8a:ae:20:e0:9b:51:d5:81:f3:71:
d1:16:3e:e0:b0:58:5b:85:d7:ee:c0:99:9c:0a:f5:
67:51:a9:21:d8:87:58:f1:dd:60:98:df:fc:3a:60:
ee:ec:76:3b:bc:e1:c5:2f:76:0b:cf:26:d2:e1:21:
a0:1f:49:9c:d2:67:e0:3e:4d:74:ef:a9:7d:4b:3b:
61:06:18:f6:a4:67:20:c3:b8:ac:f3:96:70:98:6d:
1d:40:23:99:b7:cc:d2:47:31:fb:53:6e:0e:22:c9:
8d:9d:95:b1:e8:38:84:cf:95:9e:14:dc:70:c8:49:
4e:72:d9:04:1c:9b:47:ca:c0:f0:fa:c7:f4:bc:87:
f7:6d:5e:e1:8f:6d:76:a8:b9:b4:ff:33:63:30:93:
3a:a7:e0:c1:57:27:76:b8:5f:a5:f7:d7:96:83:b8:
c2:c5:99:4e:02:8d:46:e8:40:48:38:b8:8c:47:fa:
f2:6d:91:e0:d3:de:aa:e1:26:95:36:ad:1c:68:ee:
1b:21:a9:6c:9e:10:9e:a4:33:10:88:90:87:c9:04:
9c:ee:33:48:78:8f:55:98:58:5e:ef:75:03:c3:d8:
bd:9f:b3:83:3f:c9:b8:ed:1b:c9:0f:c0:e5:eb:e5:
7e:b3:c6:4d:7d:f8:5e:02:e4:80:7e:6e:9b:3f:c6:
14:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:F0:E5:FE:66:83:4D:35:09:F9:07:77:97:0D:16:53:59:3E:D2:21
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/w_Dl_maDTTUJ-Qd3lw0WU1k-0iE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.200.0-85.254.205.255
85.254.238.0-85.254.247.255
Signature Algorithm: sha256WithRSAEncryption
29:17:c2:66:9c:0d:ea:d0:b7:92:66:bc:e3:f2:e1:bd:54:f7:
79:2a:a8:48:1d:f3:c9:4b:26:03:42:56:81:16:bb:c2:10:14:
3b:04:5a:3e:ab:d6:5f:68:8a:33:cf:bf:02:2f:3e:c5:9a:9b:
73:ea:c8:57:5a:20:62:58:7a:7d:1d:1a:5b:70:ea:b5:ed:7f:
9e:6e:c6:64:14:30:66:6e:fe:65:76:fe:c2:03:fb:c4:27:89:
17:d3:72:1f:34:21:74:87:79:c5:a3:17:65:66:4d:5a:82:f7:
02:03:d0:87:d1:1a:08:9e:55:25:cc:f0:6b:cf:2b:25:9c:d6:
d8:ae:1d:1c:bc:16:c8:98:ec:f3:84:ab:70:cc:8e:a9:12:35:
14:5f:75:9b:12:d7:77:6a:4a:45:8f:6a:34:9e:0f:d2:f5:3c:
61:3e:c8:b5:4c:60:51:0c:23:18:a0:5b:28:ce:48:66:90:94:
fe:dc:9d:ee:8d:c9:7d:1c:19:4a:d9:f5:95:e0:96:ef:79:9e:
21:a8:11:9e:46:f4:c4:7f:32:d4:2f:b8:f4:59:60:cd:48:67:
09:a2:5b:02:f7:98:b1:67:56:fd:5b:3d:4a:e0:69:c4:7f:78:
58:6f:73:05:96:72:c6:31:a7:45:1a:71:2b:0b:c8:2b:a0:7f:
12:a7:e5:ac
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzKKdkXCyQ/OVGOjs1ehpU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGIyNGE3NDBmMmU2MTYzMjA1MGFkYzE0NmMxZWU2YTNl
Njg2YzUwHhcNMjQwMTAyMTIzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2YwZTVmZTY2ODM0ZDM1MDlmOTA3Nzc5NzBkMTY1MzU5M2VkMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2FT3oquIOCbUdWB83HRFj7gsFhb
hdfuwJmcCvVnUakh2IdY8d1gmN/8OmDu7HY7vOHFL3YLzybS4SGgH0mc0mfgPk10
76l9SzthBhj2pGcgw7is85ZwmG0dQCOZt8zSRzH7U24OIsmNnZWx6DiEz5WeFNxw
yElOctkEHJtHysDw+sf0vIf3bV7hj212qLm0/zNjMJM6p+DBVyd2uF+l99eWg7jC
xZlOAo1G6EBIOLiMR/rybZHg096q4SaVNq0caO4bIalsnhCepDMQiJCHyQSc7jNI
eI9VmFhe73UDw9i9n7ODP8m47RvJD8Dl6+V+s8ZNffheAuSAfm6bP8YU6QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMPw5f5mg001CfkHd5cNFlNZPtIhMB8GA1UdIwQY
MBaAFDILJKdA8uYWMgUK3BRsHuaj5obFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYt
OTQ5MTRmNWRkYjNjLzEvd19EbF9tYURUVFVKLVFkM2x3MFdVMWstMGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYtOTQ5MTRmNWRkYjNj
LzEvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBANV/sgD
BAFV/swwDAMEAVX+7gMEA1X+8DANBgkqhkiG9w0BAQsFAAOCAQEAKRfCZpwN6tC3
kma84/LhvVT3eSqoSB3zyUsmA0JWgRa7whAUOwRaPqvWX2iKM8+/Ai8+xZqbc+rI
V1ogYlh6fR0aW3Dqte1/nm7GZBQwZm7+ZXb+wgP7xCeJF9NyHzQhdId5xaMXZWZN
WoL3AgPQh9EaCJ5VJczwa88rJZzW2K4dHLwWyJjs84SrcMyOqRI1FF91mxLXd2pK
RY9qNJ4P0vU8YT7ItUxgUQwjGKBbKM5IZpCU/tyd7o3JfRwZStn1leCW73meIagR
nkb0xH8y1C+49FlgzUhnCaJbAveYsWdW/Vs9SuBpxH94WG9zBZZyxjGnRRpxKwvI
K6B/EqflrA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:44 2025 by rpki-client