Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/14821a-2119-4771-8c76-387706c2a849/1/dVRCa-IaMp1OpD0MM7uhF_IbJJc.roa
File: dVRCa-IaMp1OpD0MM7uhF_IbJJc.roa (raw, json)
Hash identifier: B3n7NtabcUQUkcIso1jCRLpgbYjJM/F+3cpSnwTee3Y=
Subject key identifier: 75:54:42:6B:E2:1A:32:9D:4E:A4:3D:0C:33:BB:A1:17:F2:1B:24:97
Certificate issuer: /CN=13ef32d8bf153c04c6393be24f063243f7e8a7e2
Certificate serial: 018CC5DC9307F48CFBCE306753B5E1D5EECD
Authority key identifier: 13:EF:32:D8:BF:15:3C:04:C6:39:3B:E2:4F:06:32:43:F7:E8:A7:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E-8y2L8VPATGOTviTwYyQ_fop-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/14821a-2119-4771-8c76-387706c2a849/1/dVRCa-IaMp1OpD0MM7uhF_IbJJc.roa
Signing time: Mon 01 Jan 2024 16:30:16 +0000
ROA not before: Mon 01 Jan 2024 16:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204315
IP address blocks: 185.253.148.0/24 maxlen: 24
185.253.148.0/22 maxlen: 22
185.253.149.0/24 maxlen: 24
2a0c:3d40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:93:07:f4:8c:fb:ce:30:67:53:b5:e1:d5:ee:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13ef32d8bf153c04c6393be24f063243f7e8a7e2
Validity
Not Before: Jan 1 16:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7554426be21a329d4ea43d0c33bba117f21b2497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:40:bc:cf:c3:85:2b:db:39:2f:f0:87:c7:bc:
af:19:0a:e4:82:a1:19:b6:2a:e4:4d:a2:02:de:8c:
82:bf:1d:1d:33:50:5b:fb:c2:bb:1f:b9:01:35:6f:
2b:cf:df:2f:d2:3b:41:17:3e:6a:37:69:35:b7:5f:
e1:89:52:9d:5c:54:83:c6:4e:22:12:01:c2:18:54:
62:35:fb:a6:3d:3a:65:5e:e2:1f:23:04:f1:29:41:
1d:76:72:8f:75:7a:52:ce:e7:0a:3c:ec:e7:29:e4:
38:b4:5a:e8:84:9f:53:45:6c:0b:17:82:1e:12:45:
e5:41:ff:81:cd:7f:d0:d4:48:29:99:c8:1d:85:12:
7b:ae:e0:0d:64:b9:b6:f6:4a:51:8e:7f:35:53:d4:
1d:c7:26:9f:dc:e0:1a:ad:5d:a8:15:71:35:2f:06:
58:34:a1:47:d6:c8:fd:0d:a5:d6:f8:7b:87:8c:16:
30:8e:64:db:47:75:e7:db:37:e0:ce:06:dd:dc:03:
11:54:45:a5:9c:5b:e5:98:20:01:75:54:42:7e:93:
17:2e:05:e6:94:d7:8c:38:85:29:4f:40:e3:17:ca:
b4:b9:1f:ad:7c:f1:50:3a:a2:a7:2b:08:9c:09:67:
3d:ca:98:e4:68:6b:ca:61:dc:2a:1e:97:29:8d:e2:
96:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:54:42:6B:E2:1A:32:9D:4E:A4:3D:0C:33:BB:A1:17:F2:1B:24:97
X509v3 Authority Key Identifier:
keyid:13:EF:32:D8:BF:15:3C:04:C6:39:3B:E2:4F:06:32:43:F7:E8:A7:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-8y2L8VPATGOTviTwYyQ_fop-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/14821a-2119-4771-8c76-387706c2a849/1/dVRCa-IaMp1OpD0MM7uhF_IbJJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/14821a-2119-4771-8c76-387706c2a849/1/E-8y2L8VPATGOTviTwYyQ_fop-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.148.0/22
IPv6:
2a0c:3d40::/32
Signature Algorithm: sha256WithRSAEncryption
70:a3:f3:70:15:48:47:ac:52:72:29:34:7d:84:38:83:62:6f:
89:fa:63:49:69:2d:e1:c2:92:07:c4:88:8d:d0:cc:30:66:e6:
dd:15:6b:30:ba:72:f9:34:88:7a:de:5d:fe:d6:d3:02:04:41:
f2:32:42:f2:d9:d1:dd:10:07:5f:50:88:29:07:8e:7c:dd:c2:
db:e5:f7:a6:96:9f:13:e0:68:1a:1d:8d:84:ac:b3:e4:dc:b7:
b6:67:03:0a:09:ac:01:f7:bd:72:14:a2:71:16:7e:99:30:52:
0b:4b:dd:5c:17:af:ab:f8:e8:ff:52:de:8a:80:02:b4:ce:0b:
c4:da:2b:e8:cb:99:30:a5:96:1c:56:3a:1f:17:d2:ff:78:7d:
ff:00:f2:ca:b2:25:f6:5f:c1:d8:e1:a1:68:1e:1d:ee:bf:6f:
10:e5:f5:05:66:27:9d:3b:37:65:a3:28:82:d0:77:00:32:44:
4c:33:70:57:2c:3a:89:49:88:81:0d:4b:ab:bd:de:f9:73:20:
c5:b3:cb:d1:75:08:a7:51:e0:b0:61:fb:e5:29:c0:72:53:76:
94:89:e3:9f:42:60:87:77:d5:4a:0a:c6:9e:7e:62:97:9d:31:
87:74:78:f5:58:75:fc:cc:44:3d:e9:57:6a:84:df:91:0f:1c:
48:19:00:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3JMH9Iz7zjBnU7Xh1e7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZWYzMmQ4YmYxNTNjMDRjNjM5M2JlMjRmMDYzMjQzZjdl
OGE3ZTIwHhcNMjQwMTAxMTYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTU0NDI2YmUyMWEzMjlkNGVhNDNkMGMzM2JiYTExN2YyMWIyNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEC8z8OFK9s5L/CHx7yvGQrkgqEZ
tirkTaIC3oyCvx0dM1Bb+8K7H7kBNW8rz98v0jtBFz5qN2k1t1/hiVKdXFSDxk4i
EgHCGFRiNfumPTplXuIfIwTxKUEddnKPdXpSzucKPOznKeQ4tFrohJ9TRWwLF4Ie
EkXlQf+BzX/Q1EgpmcgdhRJ7ruANZLm29kpRjn81U9Qdxyaf3OAarV2oFXE1LwZY
NKFH1sj9DaXW+HuHjBYwjmTbR3Xn2zfgzgbd3AMRVEWlnFvlmCABdVRCfpMXLgXm
lNeMOIUpT0DjF8q0uR+tfPFQOqKnKwicCWc9ypjkaGvKYdwqHpcpjeKWpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHVUQmviGjKdTqQ9DDO7oRfyGySXMB8GA1UdIwQY
MBaAFBPvMti/FTwExjk74k8GMkP36KfiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRS04eTJMOFZQQVRHT1R2aVR3WXlRX2ZvcC1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xNDgyMWEtMjExOS00NzcxLThjNzYt
Mzg3NzA2YzJhODQ5LzEvZFZSQ2EtSWFNcDFPcEQwTU03dWhGX0liSkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xNDgyMWEtMjExOS00NzcxLThjNzYtMzg3NzA2YzJhODQ5
LzEvRS04eTJMOFZQQVRHT1R2aVR3WXlRX2ZvcC1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf2UMA0E
AgACMAcDBQAqDD1AMA0GCSqGSIb3DQEBCwUAA4IBAQBwo/NwFUhHrFJyKTR9hDiD
Ym+J+mNJaS3hwpIHxIiN0MwwZubdFWswunL5NIh63l3+1tMCBEHyMkLy2dHdEAdf
UIgpB4583cLb5femlp8T4GgaHY2ErLPk3Le2ZwMKCawB971yFKJxFn6ZMFILS91c
F6+r+Oj/Ut6KgAK0zgvE2ivoy5kwpZYcVjofF9L/eH3/APLKsiX2X8HY4aFoHh3u
v28Q5fUFZiedOzdloyiC0HcAMkRMM3BXLDqJSYiBDUurvd75cyDFs8vRdQinUeCw
YfvlKcByU3aUieOfQmCHd9VKCsaefmKXnTGHdHj1WHX8zEQ96VdqhN+RDxxIGQAx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:15 2025 by rpki-client