Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/DERKl7Uj5te0OHgglTER-FWfA-s.roa
File: DERKl7Uj5te0OHgglTER-FWfA-s.roa (raw, json)
Hash identifier: cuTtyIeIzoarm0DZ5qkrV3t6rH6hyR6yw0xnPOGo7Rc=
Subject key identifier: 0C:44:4A:97:B5:23:E6:D7:B4:38:78:20:95:31:11:F8:55:9F:03:EB
Certificate issuer: /CN=467350d5975a272a88bfb8810af45981cd55935a
Certificate serial: 018CC726B4933214D3BF23828C78989B1CD4
Authority key identifier: 46:73:50:D5:97:5A:27:2A:88:BF:B8:81:0A:F4:59:81:CD:55:93:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/DERKl7Uj5te0OHgglTER-FWfA-s.roa
Signing time: Mon 01 Jan 2024 22:30:51 +0000
ROA not before: Mon 01 Jan 2024 22:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12590
IP address blocks: 185.118.222.0/24 maxlen: 24
185.118.221.0/24 maxlen: 24
185.118.220.0/24 maxlen: 24
185.118.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:b4:93:32:14:d3:bf:23:82:8c:78:98:9b:1c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=467350d5975a272a88bfb8810af45981cd55935a
Validity
Not Before: Jan 1 22:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c444a97b523e6d7b4387820953111f8559f03eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f3:ae:91:18:1d:f6:67:ea:04:41:7c:89:5f:
93:3d:d3:e9:d1:c6:7c:ec:29:27:50:22:55:50:02:
dd:35:b4:12:fe:ee:ac:b0:e8:c2:b4:08:65:9c:4c:
ea:88:e4:92:25:b4:a9:6f:f4:3e:dd:88:96:72:28:
69:71:aa:68:fc:8c:fe:b5:3b:8f:05:b6:b1:35:64:
2c:59:bd:83:82:b2:26:90:80:ee:6d:ef:40:54:38:
79:37:f7:19:30:ed:5f:4e:d3:49:bc:86:bd:c6:bb:
1e:79:77:c2:13:6b:0b:c7:05:90:27:15:32:13:73:
9e:e4:29:78:e7:40:07:c7:36:5f:ba:32:e8:9d:b6:
3a:84:46:36:da:de:9f:fa:a7:74:6f:7b:8e:39:7e:
99:31:8c:89:18:e6:c8:b0:2a:cd:6c:4a:a6:00:06:
55:37:78:47:14:b5:49:ab:f1:ec:d1:c0:31:7c:f3:
c1:75:8c:b9:dd:67:ac:dc:70:3e:bd:21:08:12:3a:
3f:da:87:42:07:75:1c:8a:f9:6a:e4:2b:85:fa:92:
58:7d:aa:ab:fe:f2:b2:54:a2:07:b1:ce:bf:5c:c2:
fb:a8:d1:c3:a5:13:d2:61:a9:eb:fa:4c:2f:9e:cd:
f5:d4:24:16:2f:d6:89:76:c4:0f:14:7e:1b:1c:1c:
5d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:44:4A:97:B5:23:E6:D7:B4:38:78:20:95:31:11:F8:55:9F:03:EB
X509v3 Authority Key Identifier:
keyid:46:73:50:D5:97:5A:27:2A:88:BF:B8:81:0A:F4:59:81:CD:55:93:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/DERKl7Uj5te0OHgglTER-FWfA-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c57b75-10a7-4723-94ea-e857477a7008/1/RnNQ1ZdaJyqIv7iBCvRZgc1Vk1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.220.0/22
Signature Algorithm: sha256WithRSAEncryption
72:d9:8c:04:d7:c2:3f:78:18:e4:dd:88:9a:19:6d:ff:c3:da:
2f:5a:97:ad:94:15:07:0d:74:a8:2f:36:d4:e1:80:23:5a:8b:
5d:f1:71:a3:55:0c:94:3d:15:25:c0:5b:95:32:fd:90:ed:c1:
5f:d8:a4:93:1e:06:d5:ed:0a:b2:94:3a:07:9e:42:9e:6c:eb:
d5:49:5d:aa:d0:51:54:4d:2a:6a:59:ef:75:88:9c:fe:68:a1:
91:70:a8:1c:09:ca:09:16:fb:fb:77:27:51:df:c8:be:f3:3e:
97:5d:36:7e:51:6a:78:52:10:33:e9:8c:c9:60:54:2b:14:bb:
33:28:4b:7a:bf:78:8e:73:0c:36:58:b0:e6:e7:cd:9c:f7:fe:
39:05:95:b7:26:0c:1a:4b:70:82:e9:16:43:9c:0a:68:69:39:
5a:1f:f3:1d:e6:6a:c8:d0:98:58:d5:66:e1:cd:0c:34:f3:3a:
a7:a7:1e:37:bd:f7:49:90:c8:03:5f:a8:ab:e9:f2:95:38:1b:
29:37:8d:30:09:8e:e4:d6:ba:93:86:b8:ea:95:d2:ca:eb:3e:
6a:82:39:bb:e7:95:86:58:ed:ce:cb:3b:81:41:37:ae:ab:0f:
5d:1a:41:a0:99:7d:39:c4:ac:e3:7d:2f:7f:3d:a5:28:bf:10:
cd:a6:c6:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJrSTMhTTvyOCjHiYmxzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NzM1MGQ1OTc1YTI3MmE4OGJmYjg4MTBhZjQ1OTgxY2Q1
NTkzNWEwHhcNMjQwMTAxMjIzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzQ0NGE5N2I1MjNlNmQ3YjQzODc4MjA5NTMxMTFmODU1OWYwM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPOukRgd9mfqBEF8iV+TPdPp0cZ8
7CknUCJVUALdNbQS/u6ssOjCtAhlnEzqiOSSJbSpb/Q+3YiWcihpcapo/Iz+tTuP
BbaxNWQsWb2DgrImkIDube9AVDh5N/cZMO1fTtNJvIa9xrseeXfCE2sLxwWQJxUy
E3Oe5Cl450AHxzZfujLonbY6hEY22t6f+qd0b3uOOX6ZMYyJGObIsCrNbEqmAAZV
N3hHFLVJq/Hs0cAxfPPBdYy53Wes3HA+vSEIEjo/2odCB3Ucivlq5CuF+pJYfaqr
/vKyVKIHsc6/XML7qNHDpRPSYanr+kwvns311CQWL9aJdsQPFH4bHBxdGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxESpe1I+bXtDh4IJUxEfhVnwPrMB8GA1UdIwQY
MBaAFEZzUNWXWicqiL+4gQr0WYHNVZNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm5OUTFaZGFKeXFJdjdpQkN2UlpnYzFWazFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9jNTdiNzUtMTBhNy00NzIzLTk0ZWEt
ZTg1NzQ3N2E3MDA4LzEvREVSS2w3VWo1dGUwT0hnZ2xURVItRldmQS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9jNTdiNzUtMTBhNy00NzIzLTk0ZWEtZTg1NzQ3N2E3MDA4
LzEvUm5OUTFaZGFKeXFJdjdpQkN2UlpnYzFWazFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXbcMA0G
CSqGSIb3DQEBCwUAA4IBAQBy2YwE18I/eBjk3YiaGW3/w9ovWpetlBUHDXSoLzbU
4YAjWotd8XGjVQyUPRUlwFuVMv2Q7cFf2KSTHgbV7QqylDoHnkKebOvVSV2q0FFU
TSpqWe91iJz+aKGRcKgcCcoJFvv7dydR38i+8z6XXTZ+UWp4UhAz6YzJYFQrFLsz
KEt6v3iOcww2WLDm582c9/45BZW3JgwaS3CC6RZDnApoaTlaH/Md5mrI0JhY1Wbh
zQw08zqnpx43vfdJkMgDX6ir6fKVOBspN40wCY7k1rqThrjqldLK6z5qgjm755WG
WO3OyzuBQTeuqw9dGkGgmX05xKzjfS9/PaUovxDNpsYt
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:53:56 2025 by rpki-client