Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/dxyE8MnXrfAR6GA33H1AogaKtkM.roa
File: dxyE8MnXrfAR6GA33H1AogaKtkM.roa (raw, json)
Hash identifier: hF/HdYI7bmRXVjhB9V7ToyLRU5vVytYIi+mIZCEdvMU=
Subject key identifier: 77:1C:84:F0:C9:D7:AD:F0:11:E8:60:37:DC:7D:40:A2:06:8A:B6:43
Certificate issuer: /CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Certificate serial: 0190BB180E723C5CD4F2D965EE599B100387
Authority key identifier: 1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/dxyE8MnXrfAR6GA33H1AogaKtkM.roa
Signing time: Tue 16 Jul 2024 10:30:34 +0000
ROA not before: Tue 16 Jul 2024 10:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44125
IP address blocks: 185.149.196.0/24 maxlen: 24
185.149.197.0/24 maxlen: 24
185.149.198.0/24 maxlen: 24
185.149.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:18:0e:72:3c:5c:d4:f2:d9:65:ee:59:9b:10:03:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Validity
Not Before: Jul 16 10:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=771c84f0c9d7adf011e86037dc7d40a2068ab643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cb:61:66:d6:65:2e:df:5f:b6:b4:53:78:b9:
95:43:a0:78:54:dc:d5:a5:14:fc:6e:93:e8:27:35:
5f:29:1d:0d:ef:d7:ee:a6:52:57:5b:ec:3a:cf:b3:
eb:d2:be:2e:aa:c6:17:a9:bf:1a:dc:03:09:a6:04:
57:24:aa:ce:34:36:38:cd:cd:69:9c:37:8f:1c:cd:
dc:e0:31:2a:1e:f7:1d:0e:39:9c:47:77:ec:be:51:
89:31:93:62:2e:18:d2:7f:da:3e:e1:cf:9e:85:32:
a0:57:34:e4:c5:e5:55:ad:0e:e1:54:22:f8:46:28:
8d:28:42:c2:9e:d1:9e:2c:4f:23:38:da:d5:6f:0a:
7a:e2:62:18:e9:8f:3c:50:37:1d:98:dd:5e:3e:32:
f6:e3:7d:4b:26:3b:3f:ad:5b:25:7b:0b:bc:ae:66:
79:34:82:7e:5d:9a:eb:86:cd:5a:0c:27:6f:7b:97:
34:68:91:64:65:c4:6f:27:4d:0d:14:f0:5c:e8:3b:
ef:5b:60:46:4b:43:0b:6f:39:2d:d5:88:97:97:d8:
75:f1:09:24:61:32:e2:66:42:71:59:08:ba:be:bb:
26:92:83:9c:14:86:f5:4d:23:87:39:69:71:3c:b4:
50:b0:82:4e:d8:c6:b3:3b:d6:28:23:e0:d2:3e:5f:
fc:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:1C:84:F0:C9:D7:AD:F0:11:E8:60:37:DC:7D:40:A2:06:8A:B6:43
X509v3 Authority Key Identifier:
keyid:1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/dxyE8MnXrfAR6GA33H1AogaKtkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.196.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:a1:cb:8d:ee:bd:0e:b7:bc:bc:58:18:46:0e:e8:e1:b7:a7:
34:52:63:cb:9f:bf:72:66:01:d6:ea:26:01:d2:a3:79:82:1e:
b3:df:96:43:7d:d3:01:43:a4:84:ed:ba:f0:b1:ad:5f:08:b7:
29:3a:9f:77:2c:89:53:b2:ba:21:3f:f2:c6:7c:6a:85:95:55:
ef:de:db:fa:ce:02:c8:61:9f:01:39:02:7c:5d:5c:df:3a:ff:
6e:e6:b5:e2:05:20:5e:a0:6d:a8:4e:0f:c1:c3:47:d0:27:d9:
83:b5:34:75:aa:31:f4:ee:70:0f:03:f9:ab:b1:a0:18:66:87:
90:27:b0:7e:13:c7:42:51:c9:0e:d3:c9:5e:27:a7:c3:74:4d:
33:39:35:f6:62:9b:ac:59:93:35:7b:51:70:cd:79:b4:e7:84:
57:8e:46:85:68:d3:e0:8a:6c:98:27:84:74:c5:23:57:1e:43:
f4:f0:0f:35:42:67:d9:78:df:0b:a0:5b:4d:53:d9:bf:b1:8d:
47:4d:3a:7f:81:0b:8d:71:e6:d9:4a:5d:89:0e:43:35:9b:59:
83:82:4e:86:42:8b:1c:e4:ae:82:26:4a:8a:13:43:11:5f:44:
81:b7:83:c0:5f:ba:4e:01:de:93:38:12:7f:12:2d:23:25:5f:
f9:c5:9c:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC7GA5yPFzU8tll7lmbEAOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTVhMDY5NjY5ZWQ1YTc2NmVlZThlYmRjMzJlMzlmYjE0
ODQxMGIwHhcNMjQwNzE2MTAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzFjODRmMGM5ZDdhZGYwMTFlODYwMzdkYzdkNDBhMjA2OGFiNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMthZtZlLt9ftrRTeLmVQ6B4VNzV
pRT8bpPoJzVfKR0N79fuplJXW+w6z7Pr0r4uqsYXqb8a3AMJpgRXJKrONDY4zc1p
nDePHM3c4DEqHvcdDjmcR3fsvlGJMZNiLhjSf9o+4c+ehTKgVzTkxeVVrQ7hVCL4
RiiNKELCntGeLE8jONrVbwp64mIY6Y88UDcdmN1ePjL2431LJjs/rVslewu8rmZ5
NIJ+XZrrhs1aDCdve5c0aJFkZcRvJ00NFPBc6DvvW2BGS0MLbzkt1YiXl9h18Qkk
YTLiZkJxWQi6vrsmkoOcFIb1TSOHOWlxPLRQsIJO2MazO9YoI+DSPl/8sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcchPDJ163wEehgN9x9QKIGirZDMB8GA1UdIwQY
MBaAFB6VoGlmntWnZu7o69wy45+xSEELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAt
OTMzYmZhNTkyYjFkLzEvZHh5RThNblhyZkFSNkdBMzNIMUFvZ2FLdGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAtOTMzYmZhNTkyYjFk
LzEvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZXEMA0G
CSqGSIb3DQEBCwUAA4IBAQCiocuN7r0Ot7y8WBhGDujht6c0UmPLn79yZgHW6iYB
0qN5gh6z35ZDfdMBQ6SE7brwsa1fCLcpOp93LIlTsrohP/LGfGqFlVXv3tv6zgLI
YZ8BOQJ8XVzfOv9u5rXiBSBeoG2oTg/Bw0fQJ9mDtTR1qjH07nAPA/mrsaAYZoeQ
J7B+E8dCUckO08leJ6fDdE0zOTX2YpusWZM1e1FwzXm054RXjkaFaNPgimyYJ4R0
xSNXHkP08A81QmfZeN8LoFtNU9m/sY1HTTp/gQuNcebZSl2JDkM1m1mDgk6GQosc
5K6CJkqKE0MRX0SBt4PAX7pOAd6TOBJ/Ei0jJV/5xZxm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:17 2025 by rpki-client