Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/8qD57pTGe2OnvOo355_L5DqAY2I.roa
File: 8qD57pTGe2OnvOo355_L5DqAY2I.roa (raw, json)
Hash identifier: 8NCDrgl0Su+nxqlocHkKHJvmN4bXLP71GRHtyo37MS8=
Subject key identifier: F2:A0:F9:EE:94:C6:7B:63:A7:BC:EA:37:E7:9F:CB:E4:3A:80:63:62
Certificate issuer: /CN=dd2a695c41221dd8eddcfc5c4b5cc0b789cb953b
Certificate serial: 01900B9B227FBCFB1FD61E4520AE81A35506
Authority key identifier: DD:2A:69:5C:41:22:1D:D8:ED:DC:FC:5C:4B:5C:C0:B7:89:CB:95:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SppXEEiHdjt3PxcS1zAt4nLlTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/8qD57pTGe2OnvOo355_L5DqAY2I.roa
Signing time: Wed 12 Jun 2024 08:40:34 +0000
ROA not before: Wed 12 Jun 2024 08:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39090
IP address blocks: 45.11.204.0/22 maxlen: 22
84.39.64.0/19 maxlen: 19
185.116.17.0/24 maxlen: 24
185.116.19.0/24 maxlen: 24
2a02:d180::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0b:9b:22:7f:bc:fb:1f:d6:1e:45:20:ae:81:a3:55:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd2a695c41221dd8eddcfc5c4b5cc0b789cb953b
Validity
Not Before: Jun 12 08:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2a0f9ee94c67b63a7bcea37e79fcbe43a806362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8b:2f:4e:3a:7b:d6:01:88:f1:46:e1:8c:c4:
ae:2e:a3:1f:c6:39:02:87:26:01:d3:c7:2d:34:52:
3b:23:91:3c:a5:98:1b:8f:e2:d0:19:52:d8:d5:d3:
a8:f0:ae:19:a7:03:20:ef:37:a6:50:6a:e1:c4:9a:
48:00:c2:b5:eb:23:fb:7e:0a:70:02:6d:c3:c4:b6:
b5:b3:a3:46:0f:0e:8b:cf:d2:9c:a6:79:8b:d4:90:
12:49:5e:83:89:5b:a8:d7:68:c5:a3:87:ab:a1:6d:
7d:5c:11:ce:d1:98:28:50:aa:b8:3f:9e:23:53:bf:
87:3c:85:b3:b3:27:e7:07:6a:b8:9f:3a:da:3b:c4:
95:40:f3:78:0f:8f:06:ac:30:20:45:d0:a2:59:9d:
92:b3:4d:5d:44:56:ea:a0:9e:c4:f8:7b:59:37:69:
62:04:2e:9f:e9:e1:30:f5:ce:e6:2b:5a:c0:80:1a:
0f:53:97:88:5d:4b:77:be:5a:92:f7:7c:f6:2d:0c:
7d:ee:2c:b1:bf:97:75:62:43:ee:3a:67:cb:65:bd:
d4:45:7d:7e:5d:e6:ab:71:c5:13:f1:e6:6c:ce:d4:
55:7b:e7:16:ce:0c:db:ad:11:1f:c3:9d:09:04:e7:
b9:a0:c0:36:9e:23:30:10:78:be:a8:09:4b:3c:fe:
ee:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A0:F9:EE:94:C6:7B:63:A7:BC:EA:37:E7:9F:CB:E4:3A:80:63:62
X509v3 Authority Key Identifier:
keyid:DD:2A:69:5C:41:22:1D:D8:ED:DC:FC:5C:4B:5C:C0:B7:89:CB:95:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SppXEEiHdjt3PxcS1zAt4nLlTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/8qD57pTGe2OnvOo355_L5DqAY2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/94ac17-f9dd-49f6-a88a-208dc068d53c/1/3SppXEEiHdjt3PxcS1zAt4nLlTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.204.0/22
84.39.64.0/19
185.116.17.0/24
185.116.19.0/24
IPv6:
2a02:d180::/29
Signature Algorithm: sha256WithRSAEncryption
0a:6e:fa:4b:07:b5:e2:a9:ab:68:23:38:1d:a4:b3:a9:c3:40:
20:66:ac:62:f7:1c:fd:49:21:2f:c4:f0:7d:a8:4f:7b:dc:5f:
7e:f7:1e:dd:d2:fb:4d:5e:8a:d8:ca:10:12:e9:30:36:50:10:
5a:fa:4f:6a:4c:5a:57:2f:54:ae:85:c4:2e:82:e0:c9:d3:ce:
e9:a6:a3:81:e0:a6:dd:37:3d:d0:46:ad:89:72:a7:f7:93:82:
48:3d:c1:02:ae:15:d4:1d:52:9c:d5:2e:af:aa:56:1b:f2:3e:
63:5a:5c:b9:4b:3b:91:94:e8:0a:df:ba:c6:23:38:eb:12:d0:
c9:4e:24:8e:ed:68:19:d8:ae:f9:6d:a6:c6:ef:20:81:49:e8:
84:ec:76:ca:0d:ea:83:46:76:b1:e9:be:0f:d9:cc:11:71:23:
03:17:dc:ca:75:62:ce:a6:e8:89:ad:4e:22:7c:cd:16:63:17:
66:80:d6:d7:a5:41:37:36:47:0f:c8:55:90:e0:f2:ef:11:2e:
08:64:9e:f9:f9:8a:ff:a6:47:db:a5:c4:c6:00:bd:91:56:41:
68:82:7b:76:08:49:53:7b:7b:2b:48:39:6b:5b:2a:db:ec:d5:
06:ad:1e:9e:16:3c:2d:bc:e9:9f:1d:b9:4b:aa:8b:34:00:b2:
eb:b6:11:85
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZALmyJ/vPsf1h5FIK6Bo1UGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMmE2OTVjNDEyMjFkZDhlZGRjZmM1YzRiNWNjMGI3ODlj
Yjk1M2IwHhcNMjQwNjEyMDg0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmEwZjllZTk0YzY3YjYzYTdiY2VhMzdlNzlmY2JlNDNhODA2MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIsvTjp71gGI8UbhjMSuLqMfxjkC
hyYB08ctNFI7I5E8pZgbj+LQGVLY1dOo8K4ZpwMg7zemUGrhxJpIAMK16yP7fgpw
Am3DxLa1s6NGDw6Lz9KcpnmL1JASSV6DiVuo12jFo4eroW19XBHO0ZgoUKq4P54j
U7+HPIWzsyfnB2q4nzraO8SVQPN4D48GrDAgRdCiWZ2Ss01dRFbqoJ7E+HtZN2li
BC6f6eEw9c7mK1rAgBoPU5eIXUt3vlqS93z2LQx97iyxv5d1YkPuOmfLZb3URX1+
XearccUT8eZsztRVe+cWzgzbrREfw50JBOe5oMA2niMwEHi+qAlLPP7ubwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPKg+e6Uxntjp7zqN+efy+Q6gGNiMB8GA1UdIwQY
MBaAFN0qaVxBIh3Y7dz8XEtcwLeJy5U7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1NwcFhFRWlIZGp0M1B4Y1MxekF0NG5MbFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85NGFjMTctZjlkZC00OWY2LWE4OGEt
MjA4ZGMwNjhkNTNjLzEvOHFENTdwVEdlMk9udk9vMzU1X0w1RHFBWTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85NGFjMTctZjlkZC00OWY2LWE4OGEtMjA4ZGMwNjhkNTNj
LzEvM1NwcFhFRWlIZGp0M1B4Y1MxekF0NG5MbFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLQvMAwQF
VCdAAwQAuXQRAwQAuXQTMA0EAgACMAcDBQMqAtGAMA0GCSqGSIb3DQEBCwUAA4IB
AQAKbvpLB7XiqatoIzgdpLOpw0AgZqxi9xz9SSEvxPB9qE973F9+9x7d0vtNXorY
yhAS6TA2UBBa+k9qTFpXL1SuhcQuguDJ087ppqOB4KbdNz3QRq2Jcqf3k4JIPcEC
rhXUHVKc1S6vqlYb8j5jWly5SzuRlOgK37rGIzjrEtDJTiSO7WgZ2K75babG7yCB
SeiE7HbKDeqDRnax6b4P2cwRcSMDF9zKdWLOpuiJrU4ifM0WYxdmgNbXpUE3NkcP
yFWQ4PLvES4IZJ75+Yr/pkfbpcTGAL2RVkFognt2CElTe3srSDlrWyrb7NUGrR6e
FjwtvOmfHblLqos0ALLrthGF
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:33:36 2025 by rpki-client