Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/0205f2-df2a-41d6-bc2d-72827fe6d7af/1/2qkFdp91Sv8wLWijdIb8Ja0gHlM.roa
File: 2qkFdp91Sv8wLWijdIb8Ja0gHlM.roa (raw, json)
Hash identifier: dFpL/5bJ4ValKb90pPiXN6OHbMPIJdS7f6GNylbW+Gw=
Subject key identifier: DA:A9:05:76:9F:75:4A:FF:30:2D:68:A3:74:86:FC:25:AD:20:1E:53
Certificate issuer: /CN=7e058377510a3a9245ce72cbe88e0efa19719204
Certificate serial: 01938BE08ECE13B62780DB12F43A2DEFA34B
Authority key identifier: 7E:05:83:77:51:0A:3A:92:45:CE:72:CB:E8:8E:0E:FA:19:71:92:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fgWDd1EKOpJFznLL6I4O-hlxkgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/0205f2-df2a-41d6-bc2d-72827fe6d7af/1/2qkFdp91Sv8wLWijdIb8Ja0gHlM.roa
Signing time: Tue 03 Dec 2024 09:36:09 +0000
ROA not before: Tue 03 Dec 2024 09:36:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42468
IP address blocks: 185.83.208.0/24 maxlen: 24
185.83.209.0/24 maxlen: 24
185.83.210.0/24 maxlen: 24
185.83.211.0/24 maxlen: 24
2a03:6da0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:e0:8e:ce:13:b6:27:80:db:12:f4:3a:2d:ef:a3:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e058377510a3a9245ce72cbe88e0efa19719204
Validity
Not Before: Dec 3 09:36:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=daa905769f754aff302d68a37486fc25ad201e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:45:45:cb:9b:5d:2b:a3:82:01:1f:19:66:9a:
ac:6f:b2:22:90:a0:63:89:51:85:a5:91:f3:14:87:
89:2d:62:dc:4b:b9:6d:2e:b1:ff:29:46:5a:4d:58:
03:7c:f9:2e:e6:2a:52:56:37:29:10:ed:65:b4:03:
d8:67:ef:60:b8:19:00:85:83:1a:53:eb:0e:1a:a1:
1f:0e:7a:68:c6:b1:c7:a6:ca:a4:ec:0d:e3:d3:67:
ec:86:84:33:23:91:cb:9e:f5:61:0a:e3:14:01:df:
56:e6:85:09:5f:75:a5:e0:74:fb:c0:c6:8a:6f:7d:
25:c7:4b:a5:d9:3d:49:27:c5:4d:e2:b6:1f:c9:97:
01:d8:06:dd:70:a9:f4:d6:28:32:c9:1d:32:21:08:
8f:17:a0:8f:41:04:48:fe:72:fb:41:f4:c2:89:da:
22:a4:f5:46:5f:fa:a1:c4:e5:23:fb:0a:a9:51:1d:
c4:96:22:af:68:c5:f9:c5:ba:8e:e2:f4:c2:37:87:
7e:27:08:de:8a:b4:22:e2:27:b5:91:20:0c:65:17:
a6:c7:86:7c:5f:f0:d0:e1:9d:ed:ef:77:b5:49:5c:
90:7a:14:4b:ca:31:07:67:df:0c:7f:b1:bf:96:8c:
26:14:5b:d8:3f:b9:59:1e:97:9a:99:b9:5d:9d:19:
65:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A9:05:76:9F:75:4A:FF:30:2D:68:A3:74:86:FC:25:AD:20:1E:53
X509v3 Authority Key Identifier:
keyid:7E:05:83:77:51:0A:3A:92:45:CE:72:CB:E8:8E:0E:FA:19:71:92:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fgWDd1EKOpJFznLL6I4O-hlxkgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/0205f2-df2a-41d6-bc2d-72827fe6d7af/1/2qkFdp91Sv8wLWijdIb8Ja0gHlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/0205f2-df2a-41d6-bc2d-72827fe6d7af/1/fgWDd1EKOpJFznLL6I4O-hlxkgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.208.0/22
IPv6:
2a03:6da0::/32
Signature Algorithm: sha256WithRSAEncryption
ad:48:ec:16:c9:62:2c:e5:d6:0a:69:86:4b:dd:37:ca:4c:bc:
06:cc:51:be:c3:5e:63:f4:bc:ef:30:84:0c:4f:24:a5:19:40:
ff:03:65:1b:70:38:16:16:1c:df:2c:ac:f9:80:55:8f:b7:a2:
b6:fa:b3:1a:15:92:20:7a:7d:77:29:b2:f2:86:8f:99:97:2c:
23:6d:27:a0:aa:64:10:a8:a1:71:79:91:a4:c6:19:c3:e3:9b:
b5:fa:10:7e:41:0d:03:a1:e6:af:12:95:5d:8f:fc:59:e1:97:
09:2f:9c:8f:6b:e3:bc:33:2e:87:ef:c8:4c:27:42:f2:4a:f6:
47:4f:f7:2a:f2:ad:ca:f9:1e:f9:69:f3:2d:d5:d3:b9:f6:e5:
c8:01:f3:a9:c2:68:3a:e7:f9:bb:41:38:1b:ff:42:22:79:d3:
78:90:6c:e0:96:07:72:f0:f8:d5:c7:b5:65:b6:4f:2d:70:74:
6a:27:dc:d5:74:04:45:62:4f:12:9f:a7:fa:af:d1:1a:ec:22:
f7:63:d8:26:67:d6:e5:77:e3:d4:15:e3:f2:85:34:38:29:cd:
8b:ee:29:42:54:fb:a1:5f:fb:6f:0f:02:d1:49:16:71:d0:62:
ef:2e:b4:a1:14:0b:9f:00:97:02:51:f9:32:b1:a5:12:33:fa:
26:cf:b0:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOL4I7OE7YngNsS9Dot76NLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMDU4Mzc3NTEwYTNhOTI0NWNlNzJjYmU4OGUwZWZhMTk3
MTkyMDQwHhcNMjQxMjAzMDkzNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWE5MDU3NjlmNzU0YWZmMzAyZDY4YTM3NDg2ZmMyNWFkMjAxZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEVFy5tdK6OCAR8ZZpqsb7IikKBj
iVGFpZHzFIeJLWLcS7ltLrH/KUZaTVgDfPku5ipSVjcpEO1ltAPYZ+9guBkAhYMa
U+sOGqEfDnpoxrHHpsqk7A3j02fshoQzI5HLnvVhCuMUAd9W5oUJX3Wl4HT7wMaK
b30lx0ul2T1JJ8VN4rYfyZcB2AbdcKn01igyyR0yIQiPF6CPQQRI/nL7QfTCidoi
pPVGX/qhxOUj+wqpUR3EliKvaMX5xbqO4vTCN4d+JwjeirQi4ie1kSAMZRemx4Z8
X/DQ4Z3t73e1SVyQehRLyjEHZ98Mf7G/lowmFFvYP7lZHpeambldnRlleQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNqpBXafdUr/MC1oo3SG/CWtIB5TMB8GA1UdIwQY
MBaAFH4Fg3dRCjqSRc5yy+iODvoZcZIEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmdXRGQxRUtPcEpGem5MTDZJNE8taGx4a2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wMjA1ZjItZGYyYS00MWQ2LWJjMmQt
NzI4MjdmZTZkN2FmLzEvMnFrRmRwOTFTdjh3TFdpamRJYjhKYTBnSGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wMjA1ZjItZGYyYS00MWQ2LWJjMmQtNzI4MjdmZTZkN2Fm
LzEvZmdXRGQxRUtPcEpGem5MTDZJNE8taGx4a2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVPQMA0E
AgACMAcDBQAqA22gMA0GCSqGSIb3DQEBCwUAA4IBAQCtSOwWyWIs5dYKaYZL3TfK
TLwGzFG+w15j9LzvMIQMTySlGUD/A2UbcDgWFhzfLKz5gFWPt6K2+rMaFZIgen13
KbLyho+ZlywjbSegqmQQqKFxeZGkxhnD45u1+hB+QQ0DoeavEpVdj/xZ4ZcJL5yP
a+O8My6H78hMJ0LySvZHT/cq8q3K+R75afMt1dO59uXIAfOpwmg65/m7QTgb/0Ii
edN4kGzglgdy8PjVx7Vltk8tcHRqJ9zVdARFYk8Sn6f6r9Ea7CL3Y9gmZ9bld+PU
FePyhTQ4Kc2L7ilCVPuhX/tvDwLRSRZx0GLvLrShFAufAJcCUfkysaUSM/omz7Ck
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:29:03 2025 by rpki-client