Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/bDmpuQYn9BuDLErflk3RspTqdis.roa
File: bDmpuQYn9BuDLErflk3RspTqdis.roa (raw, json)
Hash identifier: +Ph1flofIRnVATe1+DXhhiMmz8tMwrj3F1iln7OdC5k=
Subject key identifier: 6C:39:A9:B9:06:27:F4:1B:83:2C:4A:DF:96:4D:D1:B2:94:EA:76:2B
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 018ED387F73755323773F691893A18B8993B
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/bDmpuQYn9BuDLErflk3RspTqdis.roa
Signing time: Fri 12 Apr 2024 18:18:06 +0000
ROA not before: Fri 12 Apr 2024 18:18:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201642
IP address blocks: 121.127.36.0/24 maxlen: 24
185.249.100.0/23 maxlen: 23
185.249.102.0/23 maxlen: 23
194.164.0.0/23 maxlen: 23
2a14:3200:2a14::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Apr 2024 10:04:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:87:f7:37:55:32:37:73:f6:91:89:3a:18:b8:99:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Apr 12 18:18:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c39a9b90627f41b832c4adf964dd1b294ea762b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3a:ad:19:e5:5b:95:67:f8:e8:68:e2:60:02:
81:78:43:fc:0d:a2:29:cd:a8:3f:15:5a:6b:e6:0c:
00:e0:44:a1:80:49:49:c9:21:8f:a1:84:d1:82:3d:
4b:b8:47:91:23:02:aa:ee:f4:14:e8:cd:ab:92:3f:
05:53:8c:04:0d:05:2f:36:19:68:d2:33:9f:19:42:
60:e4:e3:13:38:25:32:ba:f4:e6:ed:95:10:a6:0b:
ed:21:84:53:09:b0:c7:d4:a2:c0:35:05:58:24:f0:
78:04:3e:da:43:aa:6c:6c:da:8e:e9:8c:00:04:45:
0e:b8:09:18:9a:30:2d:02:3a:a4:9b:71:0c:b5:44:
d2:fa:04:32:0c:76:16:38:75:b6:d0:36:14:52:6c:
76:15:c8:60:ff:0e:39:47:dc:ab:88:87:7f:9f:30:
6c:81:97:4d:4c:c1:1c:c9:2f:d9:35:3b:93:cf:1e:
f2:9e:d9:44:51:96:1f:92:a4:f4:85:f0:71:df:67:
b4:c0:3f:2b:7f:88:ea:4b:96:99:4c:77:92:17:37:
fe:2d:92:b5:e9:a1:dc:e2:71:2b:ed:5b:a1:da:23:
80:e3:52:26:ea:a5:2f:d1:0f:c6:ed:3b:2d:dd:27:
48:42:1b:ac:e4:e4:1f:48:ec:b9:3b:ad:42:40:75:
f6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:39:A9:B9:06:27:F4:1B:83:2C:4A:DF:96:4D:D1:B2:94:EA:76:2B
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/bDmpuQYn9BuDLErflk3RspTqdis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.36.0/24
185.249.100.0/22
194.164.0.0/23
IPv6:
2a14:3200:2a14::/48
Signature Algorithm: sha256WithRSAEncryption
63:72:96:ad:95:9a:3c:26:6f:93:8c:9e:29:dd:f7:d3:7c:ca:
0a:d1:a4:57:02:2f:c0:7a:16:75:f9:b4:9b:54:09:d4:18:72:
cb:10:f8:0a:bb:aa:ca:4a:c6:c4:e4:5c:05:ac:ea:99:8b:d2:
e5:ce:31:99:cf:03:2e:fc:73:d3:2d:00:36:30:23:2e:32:68:
8d:5d:90:c0:74:7c:b0:e1:a9:8c:b7:5f:2e:3d:5f:a8:30:ea:
3c:5f:90:36:b2:81:fe:79:67:43:91:32:42:17:4a:4c:9e:9b:
91:ec:36:9c:49:cc:4d:99:49:4d:84:ff:6b:55:27:69:1b:c1:
36:bf:d9:08:cf:dc:3b:72:68:76:19:42:5c:9e:d8:ea:48:56:
58:93:95:ad:a2:e7:6f:7d:67:23:93:dc:91:57:f3:d7:86:f2:
eb:1f:36:e5:95:b0:2f:cf:9f:44:75:8a:e7:9a:1f:62:e8:d2:
ae:d2:05:ea:b5:da:e6:2c:30:f9:c7:09:a2:ba:f1:04:27:0e:
07:fa:19:6e:19:8c:86:55:f2:b5:d4:f6:32:76:b9:7e:c9:b2:
3d:58:16:6e:97:04:9b:b6:a2:4a:1a:60:a2:20:53:d3:05:5e:
59:a8:fa:74:5b:07:fc:3a:cb:ee:a9:cb:8c:7c:fc:bd:df:42:
35:fe:f6:b1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY7Th/c3VTI3c/aRiToYuJk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjQwNDEyMTgxODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzM5YTliOTA2MjdmNDFiODMyYzRhZGY5NjRkZDFiMjk0ZWE3NjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTqtGeVblWf46GjiYAKBeEP8DaIp
zag/FVpr5gwA4EShgElJySGPoYTRgj1LuEeRIwKq7vQU6M2rkj8FU4wEDQUvNhlo
0jOfGUJg5OMTOCUyuvTm7ZUQpgvtIYRTCbDH1KLANQVYJPB4BD7aQ6psbNqO6YwA
BEUOuAkYmjAtAjqkm3EMtUTS+gQyDHYWOHW20DYUUmx2Fchg/w45R9yriId/nzBs
gZdNTMEcyS/ZNTuTzx7yntlEUZYfkqT0hfBx32e0wD8rf4jqS5aZTHeSFzf+LZK1
6aHc4nEr7Vuh2iOA41Im6qUv0Q/G7Tst3SdIQhus5OQfSOy5O61CQHX2XwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGw5qbkGJ/QbgyxK35ZN0bKU6nYrMB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvYkRtcHVRWW45QnVETEVyZmxrM1JzcFRxZGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAeX8kAwQC
uflkAwQBwqQAMA8EAgACMAkDBwAqFDIAKhQwDQYJKoZIhvcNAQELBQADggEBAGNy
lq2Vmjwmb5OMnind99N8ygrRpFcCL8B6FnX5tJtUCdQYcssQ+Aq7qspKxsTkXAWs
6pmL0uXOMZnPAy78c9MtADYwIy4yaI1dkMB0fLDhqYy3Xy49X6gw6jxfkDaygf55
Z0ORMkIXSkyem5HsNpxJzE2ZSU2E/2tVJ2kbwTa/2QjP3DtyaHYZQlye2OpIVliT
la2i5299ZyOT3JFX89eG8usfNuWVsC/Pn0R1iueaH2Lo0q7SBeq12uYsMPnHCaK6
8QQnDgf6GW4ZjIZV8rXU9jJ2uX7Jsj1YFm6XBJu2okoaYKIgU9MFXlmo+nRbB/w6
y+6py4x8/L3fQjX+9rE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:52 2024 by rpki-client on console-fra.rpki-client.org