Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/DAponeH1nSDCgMv8mFYmPPiDVCk.roa
File: DAponeH1nSDCgMv8mFYmPPiDVCk.roa (raw, json)
Hash identifier: rvnX5uVhE6VEfZv5lr6FAL8x33JGnuExEwjDIUKTD+8=
Subject key identifier: 0C:0A:68:9D:E1:F5:9D:20:C2:80:CB:FC:98:56:26:3C:F8:83:54:29
Certificate issuer: /CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Certificate serial: 01924391E950F4311330796A3A96D3622FC0
Authority key identifier: 09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/DAponeH1nSDCgMv8mFYmPPiDVCk.roa
Signing time: Mon 30 Sep 2024 15:34:48 +0000
ROA not before: Mon 30 Sep 2024 15:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207709
IP address blocks: 2.56.152.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
146.19.57.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
195.85.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 19:59:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:91:e9:50:f4:31:13:30:79:6a:3a:96:d3:62:2f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Validity
Not Before: Sep 30 15:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c0a689de1f59d20c280cbfc9856263cf8835429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:85:5a:14:ff:24:bf:36:e3:c7:9c:4d:03:2d:
04:6e:b3:a1:61:e4:83:27:66:77:c3:fa:c2:13:4d:
8d:97:0c:21:ac:02:e4:87:74:fc:4a:d4:03:9b:7b:
9e:51:b3:18:00:22:1b:67:ad:57:26:90:eb:33:26:
d6:69:f0:32:3b:98:cc:e1:9c:a7:c3:98:ba:d4:22:
6e:3a:26:37:3b:57:32:5f:fe:f4:d2:81:f8:71:83:
80:b4:66:88:93:46:35:b3:72:b6:f8:be:ea:9b:fc:
70:56:b6:64:bd:38:96:e0:3e:87:5e:03:3e:35:e0:
0b:73:26:a1:7f:dc:43:a3:9e:69:66:04:fb:46:f9:
a5:6d:17:35:14:92:fd:9a:8d:34:53:2c:c9:e1:55:
8c:b6:fc:af:7a:07:a7:c2:82:e0:9a:63:53:1b:f5:
b4:14:ba:0b:30:3b:c2:25:7e:20:f8:2b:2e:62:d8:
5a:ec:b9:0d:c6:6b:59:8c:62:04:d2:16:74:70:a3:
36:89:36:4e:8c:64:9b:83:2a:1c:af:16:f1:f5:29:
e3:8d:23:3e:8e:05:28:44:64:5b:81:6c:0e:69:f0:
33:db:82:a2:ca:15:cf:14:62:27:f0:1b:0a:e1:80:
fe:72:27:45:d6:da:b5:1d:4f:b4:b5:99:2c:07:78:
ae:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:0A:68:9D:E1:F5:9D:20:C2:80:CB:FC:98:56:26:3C:F8:83:54:29
X509v3 Authority Key Identifier:
keyid:09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/DAponeH1nSDCgMv8mFYmPPiDVCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
146.19.57.0/24
185.242.160.0/22
195.85.216.0/24
Signature Algorithm: sha256WithRSAEncryption
27:41:92:b7:4e:cd:d6:f5:af:72:3f:ab:f6:7f:b3:64:19:58:
bc:8a:fc:37:73:71:24:fd:c2:98:a6:2c:6a:ef:08:46:4c:c5:
2a:0d:f2:19:aa:15:2a:85:68:84:71:c2:8f:9d:97:a4:1a:d8:
fa:01:2c:c4:c5:5d:07:42:e8:84:f6:0a:01:a5:d8:8a:5c:c3:
97:83:14:db:de:e4:bb:f5:e3:31:e5:d5:f5:c8:69:60:94:39:
dc:36:20:05:eb:0c:fd:b9:35:07:d6:92:e1:a5:e2:01:a0:98:
58:a6:25:8c:92:33:48:b3:22:28:54:57:e9:1b:0e:63:8d:bd:
6a:cd:1d:13:6a:78:db:af:ab:54:1e:04:01:65:15:fb:f4:dc:
21:be:dd:15:c2:64:a3:d8:d3:50:0b:94:c5:52:5c:dd:19:b8:
87:19:16:b0:6b:bf:59:a6:9b:5c:eb:dd:97:36:8d:e0:d1:ce:
21:f6:f9:68:52:2c:db:1c:d7:3b:9f:11:78:22:04:52:47:84:
bc:67:14:46:e3:cb:17:f7:12:c0:19:8a:2a:7e:e6:4b:ad:6a:
3a:e2:6d:84:03:c3:86:0c:53:ad:6f:fe:08:60:13:6c:6d:4a:
1c:83:a9:bf:e4:8a:d4:6d:74:5a:7b:ee:2a:54:a2:74:c8:a4:
0f:1a:f3:07
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJDkelQ9DETMHlqOpbTYi/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjlhMmEzOTYzNWI3OTc0NzZmMWYxNjMzYWU4ZjI3YmYz
M2I1MzMwHhcNMjQwOTMwMTUzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzBhNjg5ZGUxZjU5ZDIwYzI4MGNiZmM5ODU2MjYzY2Y4ODM1NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+4VaFP8kvzbjx5xNAy0EbrOhYeSD
J2Z3w/rCE02NlwwhrALkh3T8StQDm3ueUbMYACIbZ61XJpDrMybWafAyO5jM4Zyn
w5i61CJuOiY3O1cyX/700oH4cYOAtGaIk0Y1s3K2+L7qm/xwVrZkvTiW4D6HXgM+
NeALcyahf9xDo55pZgT7RvmlbRc1FJL9mo00UyzJ4VWMtvyvegenwoLgmmNTG/W0
FLoLMDvCJX4g+CsuYtha7LkNxmtZjGIE0hZ0cKM2iTZOjGSbgyocrxbx9SnjjSM+
jgUoRGRbgWwOafAz24KiyhXPFGIn8BsK4YD+cidF1tq1HU+0tZksB3iuOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAwKaJ3h9Z0gwoDL/JhWJjz4g1QpMB8GA1UdIwQY
MBaAFAlpoqOWNbeXR28fFjOujye/M7UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUt
NDE0OTA4NzJmYzRlLzEvREFwb25lSDFuU0RDZ012OG1GWW1QUGlEVkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUtNDE0OTA4NzJmYzRl
LzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjiYAwQA
khM5AwQCufKgAwQAw1XYMA0GCSqGSIb3DQEBCwUAA4IBAQAnQZK3Ts3W9a9yP6v2
f7NkGVi8ivw3c3Ek/cKYpixq7whGTMUqDfIZqhUqhWiEccKPnZekGtj6ASzExV0H
QuiE9goBpdiKXMOXgxTb3uS79eMx5dX1yGlglDncNiAF6wz9uTUH1pLhpeIBoJhY
piWMkjNIsyIoVFfpGw5jjb1qzR0Tanjbr6tUHgQBZRX79Nwhvt0VwmSj2NNQC5TF
UlzdGbiHGRawa79Zpptc692XNo3g0c4h9vloUizbHNc7nxF4IgRSR4S8ZxRG48sX
9xLAGYoqfuZLrWo64m2EA8OGDFOtb/4IYBNsbUocg6m/5IrUbXRae+4qVKJ0yKQP
GvMH
-----END CERTIFICATE-----
Generated at Wed Nov 6 22:55:50 2024 by rpki-client on console-fra.rpki-client.org