Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/DkVQImbCsVleHHHZYb53DPQtA2U.roa
File: DkVQImbCsVleHHHZYb53DPQtA2U.roa (raw, json)
Hash identifier: Mqp2wARLK9ercD1+lXxlReMPN7jDlfCCEgEdsZzLKng=
Subject key identifier: 0E:45:50:22:66:C2:B1:59:5E:1C:71:D9:61:BE:77:0C:F4:2D:03:65
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 019420680B8E0C3D8F4B4512708DEE6567B4
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/DkVQImbCsVleHHHZYb53DPQtA2U.roa
Signing time: Wed 01 Jan 2025 05:47:57 +0000
ROA not before: Wed 01 Jan 2025 05:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50028
IP address blocks: 188.93.197.0/24 maxlen: 24
2a0f:d300::/48 maxlen: 48
2a0f:d301::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 08 Feb 2025 17:46:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:0b:8e:0c:3d:8f:4b:45:12:70:8d:ee:65:67:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: Jan 1 05:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e45502266c2b1595e1c71d961be770cf42d0365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:07:28:2e:cf:13:e5:24:33:88:69:da:3d:e7:
9b:8e:d1:51:81:14:9a:68:9d:97:b9:ad:f8:ab:9a:
80:22:48:b1:fa:a3:9f:3b:bf:e2:a0:6d:72:c5:43:
20:bd:b1:ad:03:6e:e5:f4:3d:aa:77:5b:38:db:bb:
e7:cf:bb:d2:33:3d:61:07:38:de:60:55:66:b8:68:
4a:21:47:ba:57:7f:65:76:14:c6:15:ba:cc:ad:97:
bf:fc:79:fc:12:32:a9:bb:cb:82:62:cf:08:0d:d5:
ed:db:20:fd:f0:c4:22:07:e6:04:ea:3f:58:ff:0e:
98:cd:5e:ed:fd:85:90:d3:3b:ac:18:d3:42:dc:a7:
ed:04:9b:bc:8f:5a:da:93:58:8a:94:d4:27:e1:52:
8b:6e:b0:10:cc:5f:66:8d:85:38:00:ca:10:0a:d9:
40:81:8c:59:5e:f0:33:46:3c:88:dc:9f:c6:55:24:
22:74:3d:9f:5b:a7:74:01:9c:bb:aa:91:10:0e:77:
26:d6:46:a3:ee:0f:05:75:1e:6f:d6:42:0c:96:a5:
f6:8a:cf:c1:fc:ac:a2:fc:28:80:d9:f3:06:8a:5a:
1d:82:ab:e1:2a:ff:d7:ae:1c:06:be:47:ce:f7:3d:
27:f3:0a:bd:f9:1e:82:0f:09:7d:a8:47:c6:c7:ae:
f9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:45:50:22:66:C2:B1:59:5E:1C:71:D9:61:BE:77:0C:F4:2D:03:65
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/DkVQImbCsVleHHHZYb53DPQtA2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.93.197.0/24
IPv6:
2a0f:d300::/48
2a0f:d301::/48
Signature Algorithm: sha256WithRSAEncryption
13:33:5f:8b:3f:9c:3d:5f:4a:59:e8:31:5e:0e:85:3e:4a:f1:
78:0a:42:bb:9f:4f:4e:e1:12:c9:bd:ff:c4:25:86:a0:55:84:
9a:2c:08:f5:81:b6:a3:a1:f3:90:66:ad:ba:5f:e7:cf:a7:e4:
e7:a8:e1:45:1d:b6:83:44:c4:a8:7d:ad:75:63:ae:82:90:fd:
cd:11:41:a5:a5:23:bf:11:e9:8f:41:9a:1f:c9:b0:59:c7:2a:
8a:8f:6a:71:2c:51:b3:e2:d2:b6:ac:73:eb:2f:62:4d:ee:05:
13:98:49:3b:d7:b1:74:80:71:12:ae:69:6e:e9:bf:0c:6a:8f:
57:b5:47:c0:9b:ff:f5:57:ac:c7:a8:3e:54:92:07:a1:ef:c4:
6a:ea:ce:54:c9:ba:20:ce:d0:4d:3b:82:81:3f:8c:b4:ff:39:
47:7d:93:45:77:21:7d:bc:21:32:27:5a:a5:a4:00:dc:dd:f6:
49:ba:a0:fa:4f:22:09:92:59:47:43:f9:e9:00:fc:a8:da:6f:
49:e3:60:3c:b9:ed:fa:c0:4e:c6:1d:9f:76:ff:1b:51:2a:68:
58:c2:b1:55:e8:48:c2:ac:6c:ea:ed:71:81:16:cd:a6:c0:8d:
60:72:c1:95:fc:15:e4:09:66:df:4a:9b:00:df:12:6d:2b:49:
f3:e6:f3:b2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQgaAuODD2PS0UScI3uZWe0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjUwMTAxMDU0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTQ1NTAyMjY2YzJiMTU5NWUxYzcxZDk2MWJlNzcwY2Y0MmQwMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAcoLs8T5SQziGnaPeebjtFRgRSa
aJ2Xua34q5qAIkix+qOfO7/ioG1yxUMgvbGtA27l9D2qd1s427vnz7vSMz1hBzje
YFVmuGhKIUe6V39ldhTGFbrMrZe//Hn8EjKpu8uCYs8IDdXt2yD98MQiB+YE6j9Y
/w6YzV7t/YWQ0zusGNNC3KftBJu8j1rak1iKlNQn4VKLbrAQzF9mjYU4AMoQCtlA
gYxZXvAzRjyI3J/GVSQidD2fW6d0AZy7qpEQDncm1kaj7g8FdR5v1kIMlqX2is/B
/Kyi/CiA2fMGilodgqvhKv/XrhwGvkfO9z0n8wq9+R6CDwl9qEfGx6751QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFA5FUCJmwrFZXhxx2WG+dwz0LQNlMB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvRGtWUUltYkNzVmxlSEhIWlliNTNEUFF0QTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAvF3FMBgE
AgACMBIDBwAqD9MAAAADBwAqD9MBAAAwDQYJKoZIhvcNAQELBQADggEBABMzX4s/
nD1fSlnoMV4OhT5K8XgKQrufT07hEsm9/8QlhqBVhJosCPWBtqOh85Bmrbpf58+n
5Oeo4UUdtoNExKh9rXVjroKQ/c0RQaWlI78R6Y9Bmh/JsFnHKoqPanEsUbPi0ras
c+svYk3uBROYSTvXsXSAcRKuaW7pvwxqj1e1R8Cb//VXrMeoPlSSB6HvxGrqzlTJ
uiDO0E07goE/jLT/OUd9k0V3IX28ITInWqWkANzd9km6oPpPIgmSWUdD+ekA/Kja
b0njYDy57frATsYdn3b/G1EqaFjCsVXoSMKsbOrtcYEWzabAjWBywZX8FeQJZt9K
mwDfEm0rSfPm87I=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:22:37 2025 by rpki-client