Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/DENJM6QuSS-5vn1jLI27pgHo-as.roa
File: DENJM6QuSS-5vn1jLI27pgHo-as.roa (raw, json)
Hash identifier: DT6XsNINvQrMRTEyErcC/sERrE2ujNFHXet79PU7wWg=
Subject key identifier: 0C:43:49:33:A4:2E:49:2F:B9:BE:7D:63:2C:8D:BB:A6:01:E8:F9:AB
Certificate issuer: /CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Certificate serial: 018CC94D54E448B72D854CBB70279F91EF03
Authority key identifier: AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/DENJM6QuSS-5vn1jLI27pgHo-as.roa
Signing time: Tue 02 Jan 2024 08:32:17 +0000
ROA not before: Tue 02 Jan 2024 08:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205800
IP address blocks: 185.206.125.0/24 maxlen: 24
185.206.124.0/24 maxlen: 24
185.206.126.0/24 maxlen: 24
185.206.127.0/24 maxlen: 24
2a0b:d3c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:54:e4:48:b7:2d:85:4c:bb:70:27:9f:91:ef:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Validity
Not Before: Jan 2 08:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c434933a42e492fb9be7d632c8dbba601e8f9ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9c:b7:94:68:fc:55:cb:2e:b7:40:33:66:82:
94:d6:bd:a5:52:b7:f0:d8:fa:2a:57:3f:82:81:58:
0b:47:60:8e:90:12:99:5b:43:66:c0:6c:4e:6f:1e:
fd:6d:8a:01:65:b4:0e:82:b3:c7:3f:57:a1:eb:d2:
6b:27:35:5b:52:33:f2:0b:92:5f:74:ad:7c:22:fc:
aa:dd:ca:92:18:cb:9f:81:d9:e9:fc:1a:b0:80:c0:
54:4f:f4:e5:f9:d7:61:e1:b4:21:27:14:97:d0:7e:
4c:88:c5:01:cf:3a:d1:4d:a3:bb:e1:15:9d:70:00:
8e:89:e6:4b:d2:2e:dc:b0:f6:b4:2b:30:a6:6e:96:
c9:a3:a3:88:34:cc:bc:7d:8d:db:40:c7:04:b3:bf:
ca:49:8b:ee:80:7e:c9:0d:d5:86:fa:4a:b1:0e:31:
6f:d4:c4:9c:d2:53:45:f1:60:04:9b:fd:b3:c6:49:
59:68:36:5b:98:b7:f4:95:d5:0f:78:70:b2:37:a0:
05:66:11:4d:e3:c6:cf:18:ad:63:87:5b:fc:77:e3:
2c:59:ad:57:ea:55:e7:d8:75:d0:9a:ef:3a:c8:d0:
1f:68:05:f5:cd:14:e4:9e:f8:21:ac:1b:5c:d1:93:
b0:2f:30:45:1a:ee:66:88:3d:fe:da:cd:05:08:5c:
ff:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:43:49:33:A4:2E:49:2F:B9:BE:7D:63:2C:8D:BB:A6:01:E8:F9:AB
X509v3 Authority Key Identifier:
keyid:AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/DENJM6QuSS-5vn1jLI27pgHo-as.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/rJCSu8LKyuJHd09isP29xEqXTPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.124.0/22
IPv6:
2a0b:d3c0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:71:62:3b:6a:ef:a5:a1:8c:f9:75:63:85:11:54:75:be:06:
68:35:e8:c5:90:f1:cc:92:fe:2a:ab:a6:f7:26:e0:d7:19:b7:
f6:14:e5:b6:09:fb:b0:ac:b1:fc:aa:0f:c2:97:da:36:6b:f9:
d9:99:fb:e2:c4:38:12:23:33:3a:30:1a:ff:c8:98:63:b9:01:
09:d0:b6:92:29:b7:dc:1d:b6:0c:1d:dd:65:d7:89:38:4c:93:
0a:9d:ee:b7:61:5a:45:8e:85:ea:08:a6:5a:7e:2e:4d:17:c6:
b3:63:7a:96:ab:5f:62:01:60:fe:7b:e1:28:34:1f:ee:c8:c0:
7d:f3:a6:56:5b:a8:7a:34:3b:9a:59:bb:2a:c8:42:72:e9:92:
14:f4:c7:81:3a:fe:d0:94:24:f8:88:3d:36:35:f1:a2:23:f6:
35:c2:98:f7:75:89:d7:c6:b7:81:1c:f7:6e:e7:84:a4:fa:45:
0e:46:30:ca:2e:59:31:4c:e3:a4:48:45:ba:0c:e6:78:b7:6c:
99:4c:b9:de:4e:f0:6d:ad:80:90:df:95:8e:31:1b:96:0a:25:
92:9c:f3:61:82:38:c9:7b:eb:e9:34:08:a8:e5:51:08:37:84:
df:8d:4e:25:f2:9c:66:e8:6a:0c:65:9e:dd:5a:70:1e:7a:b1:
d1:e6:3a:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTVTkSLcthUy7cCefke8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOTA5MmJiYzJjYWNhZTI0Nzc3NGY2MmIwZmRiZGM0NGE5
NzRjZjIwHhcNMjQwMTAyMDgzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzQzNDkzM2E0MmU0OTJmYjliZTdkNjMyYzhkYmJhNjAxZThmOWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5y3lGj8Vcsut0AzZoKU1r2lUrfw
2PoqVz+CgVgLR2COkBKZW0NmwGxObx79bYoBZbQOgrPHP1eh69JrJzVbUjPyC5Jf
dK18Ivyq3cqSGMufgdnp/BqwgMBUT/Tl+ddh4bQhJxSX0H5MiMUBzzrRTaO74RWd
cACOieZL0i7csPa0KzCmbpbJo6OINMy8fY3bQMcEs7/KSYvugH7JDdWG+kqxDjFv
1MSc0lNF8WAEm/2zxklZaDZbmLf0ldUPeHCyN6AFZhFN48bPGK1jh1v8d+MsWa1X
6lXn2HXQmu86yNAfaAX1zRTknvghrBtc0ZOwLzBFGu5miD3+2s0FCFz/+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAxDSTOkLkkvub59YyyNu6YB6PmrMB8GA1UdIwQY
MBaAFKyQkrvCysriR3dPYrD9vcRKl0zyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpDU3U4TEt5dUpIZDA5aXNQMjl4RXFYVFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9jOTYzNDktMGEyMi00MjQ3LTk5NDMt
YTNmYzE5NmFhYmIzLzEvREVOSk02UXVTUy01dm4xakxJMjdwZ0hvLWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9jOTYzNDktMGEyMi00MjQ3LTk5NDMtYTNmYzE5NmFhYmIz
LzEvckpDU3U4TEt5dUpIZDA5aXNQMjl4RXFYVFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc58MA0E
AgACMAcDBQAqC9PAMA0GCSqGSIb3DQEBCwUAA4IBAQCNcWI7au+loYz5dWOFEVR1
vgZoNejFkPHMkv4qq6b3JuDXGbf2FOW2CfuwrLH8qg/Cl9o2a/nZmfvixDgSIzM6
MBr/yJhjuQEJ0LaSKbfcHbYMHd1l14k4TJMKne63YVpFjoXqCKZafi5NF8azY3qW
q19iAWD+e+EoNB/uyMB986ZWW6h6NDuaWbsqyEJy6ZIU9MeBOv7QlCT4iD02NfGi
I/Y1wpj3dYnXxreBHPdu54Sk+kUORjDKLlkxTOOkSEW6DOZ4t2yZTLneTvBtrYCQ
35WOMRuWCiWSnPNhgjjJe+vpNAio5VEIN4TfjU4l8pxm6GoMZZ7dWnAeerHR5jq8
-----END CERTIFICATE-----
Generated at Mon Apr 14 21:53:45 2025 by rpki-client