Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/DaBx2OISvzVqEjxYQtvun-4Dcyc.roa
File: DaBx2OISvzVqEjxYQtvun-4Dcyc.roa (raw, json)
Hash identifier: iSiszojjLCsRrPygnyDL21EOZwiO1gvDLYjX6r9QSBA=
Subject key identifier: 0D:A0:71:D8:E2:12:BF:35:6A:12:3C:58:42:DB:EE:9F:EE:03:73:27
Certificate issuer: /CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Certificate serial: 01903027E1BBCA120A7F5DFB9FB124A511B0
Authority key identifier: 4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/DaBx2OISvzVqEjxYQtvun-4Dcyc.roa
Signing time: Wed 19 Jun 2024 11:00:38 +0000
ROA not before: Wed 19 Jun 2024 11:00:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8821
IP address blocks: 62.171.0.0/17 maxlen: 17
77.245.176.0/20 maxlen: 20
82.136.64.0/18 maxlen: 18
151.248.128.0/17 maxlen: 17
158.181.96.0/19 maxlen: 19
185.42.244.0/22 maxlen: 22
185.244.112.0/22 maxlen: 22
212.4.64.0/19 maxlen: 19
2a01:760::/29 maxlen: 29
2a01:8b80::/29 maxlen: 29
2a01:8b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 15 Oct 2024 19:04:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:30:27:e1:bb:ca:12:0a:7f:5d:fb:9f:b1:24:a5:11:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Validity
Not Before: Jun 19 11:00:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0da071d8e212bf356a123c5842dbee9fee037327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:95:9f:3d:2c:da:43:c9:fc:05:68:3b:47:ba:
0f:6b:3e:f4:37:0f:31:77:af:20:de:40:2f:ee:a2:
76:4d:6d:91:76:b3:e6:73:04:d5:c4:82:86:5e:8c:
2c:6e:70:ab:05:8c:29:c3:fe:c7:91:80:e9:be:ad:
78:d0:40:e1:83:cb:ae:46:30:26:fa:04:8c:1e:bd:
cb:ab:98:9b:ef:f3:8f:4e:b2:85:a6:fb:fc:cd:1e:
c1:cf:04:9d:e2:92:25:84:eb:3b:a6:df:12:11:7b:
27:e0:a1:37:0e:f9:7b:56:87:6f:26:72:7e:59:35:
81:f5:30:a2:73:0a:de:93:63:cc:36:85:ee:9b:8c:
45:f6:f8:d7:22:bd:b8:4e:58:61:5c:a8:8e:0f:73:
67:d9:0f:d8:12:93:85:74:95:e1:6d:59:2d:59:68:
00:db:e2:39:80:c9:79:50:a8:f0:24:9d:b9:d8:5f:
a8:f0:2e:dd:fd:95:bd:66:0b:9e:06:be:56:91:a6:
5a:fd:48:2f:4b:40:d9:88:e6:eb:77:9d:51:b7:e5:
7d:96:02:1e:eb:3f:a0:6f:92:07:ce:a1:6d:a4:75:
a6:b8:27:09:df:9e:ce:21:d8:cc:c3:ac:f6:34:3f:
47:52:36:b4:b5:e6:98:4b:81:7f:18:ed:97:0a:a4:
90:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A0:71:D8:E2:12:BF:35:6A:12:3C:58:42:DB:EE:9F:EE:03:73:27
X509v3 Authority Key Identifier:
keyid:4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/DaBx2OISvzVqEjxYQtvun-4Dcyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.0.0/17
77.245.176.0/20
82.136.64.0/18
151.248.128.0/17
158.181.96.0/19
185.42.244.0/22
185.244.112.0/22
212.4.64.0/19
IPv6:
2a01:760::/29
2a01:8b80::/29
Signature Algorithm: sha256WithRSAEncryption
72:a0:ad:9b:20:12:ab:60:7e:ef:c7:72:b9:02:49:0f:ef:45:
53:83:fb:f9:06:ca:1e:84:54:a4:a6:45:1a:82:99:68:be:bb:
5d:99:00:5d:c2:e5:76:1a:84:fc:2d:6d:13:45:0c:1f:65:ec:
8f:96:02:ae:93:2f:93:88:ba:1b:a1:69:78:c8:ba:a5:27:cd:
a2:de:7c:10:63:34:ba:a0:cc:48:aa:89:e0:2e:52:4a:2f:75:
42:0f:36:00:58:d9:fb:af:3e:36:4a:d9:6c:42:54:cc:49:23:
58:01:74:43:5b:62:d9:a1:e4:9d:f7:4f:55:f4:a2:ab:93:33:
f1:11:02:83:62:e1:11:ef:85:11:a7:a0:b1:f7:61:c9:40:5e:
93:08:f0:89:35:d8:f6:9c:8a:71:7a:83:9d:53:de:99:f8:b7:
56:10:0a:30:d2:b9:61:9c:41:47:23:a3:e5:b4:5c:5b:0b:48:
4b:bf:9d:6f:27:64:d8:3f:d3:f9:83:b6:9f:20:f2:f8:2a:2f:
34:dc:26:72:b3:cc:8d:7b:71:63:0b:ae:9a:9d:2a:56:eb:01:
d6:f0:a7:1d:e1:8f:15:d4:b8:e7:fb:e5:c6:3c:0a:ff:ee:36:
99:69:10:f7:d7:4c:78:a2:77:08:9b:0c:80:9a:8d:e9:b3:eb:
be:16:84:53
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZAwJ+G7yhIKf137n7EkpRGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYzJiYzBlM2U1OTMzMmY0YmUyYzU4ZmYyNWExODYxZjVm
ZGU4MTkwHhcNMjQwNjE5MTEwMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGEwNzFkOGUyMTJiZjM1NmExMjNjNTg0MmRiZWU5ZmVlMDM3MzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJWfPSzaQ8n8BWg7R7oPaz70Nw8x
d68g3kAv7qJ2TW2RdrPmcwTVxIKGXowsbnCrBYwpw/7HkYDpvq140EDhg8uuRjAm
+gSMHr3Lq5ib7/OPTrKFpvv8zR7BzwSd4pIlhOs7pt8SEXsn4KE3Dvl7VodvJnJ+
WTWB9TCicwrek2PMNoXum4xF9vjXIr24TlhhXKiOD3Nn2Q/YEpOFdJXhbVktWWgA
2+I5gMl5UKjwJJ252F+o8C7d/ZW9ZgueBr5WkaZa/UgvS0DZiObrd51Rt+V9lgIe
6z+gb5IHzqFtpHWmuCcJ357OIdjMw6z2ND9HUja0teaYS4F/GO2XCqSQsQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFA2gcdjiEr81ahI8WELb7p/uA3MnMB8GA1UdIwQY
MBaAFErCvA4+WTMvS+LFj/JaGGH1/egZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYt
ODA3M2RjZTA5NjI4LzEvRGFCeDJPSVN2elZxRWp4WVF0dnVuLTREY3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYtODA3M2RjZTA5NjI4
LzEvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQHPqsAAwQE
TfWwAwQGUohAAwQHl/iAAwQFnrVgAwQCuSr0AwQCufRwAwQF1ARAMBQEAgACMA4D
BQMqAQdgAwUDKgGLgDANBgkqhkiG9w0BAQsFAAOCAQEAcqCtmyASq2B+78dyuQJJ
D+9FU4P7+QbKHoRUpKZFGoKZaL67XZkAXcLldhqE/C1tE0UMH2Xsj5YCrpMvk4i6
G6FpeMi6pSfNot58EGM0uqDMSKqJ4C5SSi91Qg82AFjZ+68+NkrZbEJUzEkjWAF0
Q1ti2aHknfdPVfSiq5Mz8RECg2LhEe+FEaegsfdhyUBekwjwiTXY9pyKcXqDnVPe
mfi3VhAKMNK5YZxBRyOj5bRcWwtIS7+dbydk2D/T+YO2nyDy+CovNNwmcrPMjXtx
Ywuump0qVusB1vCnHeGPFdS45/vlxjwK/+42mWkQ99dMeKJ3CJsMgJqN6bPrvhaE
Uw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:47 2025 by rpki-client