Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/DD6xfGeqNdgpxZivW7PeOsFiyRI.roa
File: DD6xfGeqNdgpxZivW7PeOsFiyRI.roa (raw, json)
Hash identifier: BUKB5HrLx5mg78I2ChlxsrbQ6WT+jD/RB6Th9mIVapc=
Subject key identifier: 0C:3E:B1:7C:67:AA:35:D8:29:C5:98:AF:5B:B3:DE:3A:C1:62:C9:12
Certificate issuer: /CN=53e3aedd91be82451342dcd1c9828345db661a5f
Certificate serial: 019377E7573DEE99232D1B19F34797B00344
Authority key identifier: 53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/DD6xfGeqNdgpxZivW7PeOsFiyRI.roa
Signing time: Fri 29 Nov 2024 12:31:09 +0000
ROA not before: Fri 29 Nov 2024 12:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43668
IP address blocks: 91.197.184.0/22 maxlen: 22
185.225.196.0/24 maxlen: 24
194.116.141.0/24 maxlen: 24
2001:67c:15d8::/48 maxlen: 48
2a0d:5d00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:e7:57:3d:ee:99:23:2d:1b:19:f3:47:97:b0:03:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53e3aedd91be82451342dcd1c9828345db661a5f
Validity
Not Before: Nov 29 12:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c3eb17c67aa35d829c598af5bb3de3ac162c912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4a:5a:e2:99:16:ea:17:73:3d:c3:63:93:75:
aa:f6:d8:a5:88:e4:02:93:0b:00:1f:af:82:dd:8a:
d5:85:ed:c9:b8:55:49:76:25:ca:86:45:e6:3d:8e:
28:03:01:d7:bc:98:ed:64:82:b9:8e:7c:01:6b:3c:
cd:4e:fe:ca:33:21:ea:c4:a3:a1:8a:8e:be:07:36:
75:b2:13:27:c6:a7:70:53:d2:d3:44:31:95:43:c9:
e8:52:9f:21:28:55:cf:71:f3:07:81:c5:42:87:a0:
12:f4:ed:13:a2:9b:b0:af:10:39:da:16:e6:87:d5:
27:e9:da:17:0c:b9:c9:e6:bd:55:c0:0d:26:46:0e:
d0:7b:2c:e1:52:3d:eb:32:53:90:be:0c:61:8a:63:
2f:11:df:6d:f2:ce:a1:e4:36:bb:43:6c:b1:34:a5:
a1:9e:66:9c:a7:75:37:a7:ff:34:41:ad:8a:7f:9c:
88:3b:a0:3a:1b:cf:20:c4:94:99:d8:f6:2d:66:d3:
31:06:40:0d:81:ad:c9:d5:14:39:b8:74:92:a6:c8:
72:9e:26:fc:fb:cc:69:da:0e:b5:8d:9d:83:7c:f7:
04:ce:e8:83:8f:15:0f:43:b8:20:4b:2c:96:c3:57:
67:3b:f0:fb:d3:7e:38:63:c7:9d:a7:b9:79:87:69:
fa:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3E:B1:7C:67:AA:35:D8:29:C5:98:AF:5B:B3:DE:3A:C1:62:C9:12
X509v3 Authority Key Identifier:
keyid:53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/DD6xfGeqNdgpxZivW7PeOsFiyRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.184.0/22
185.225.196.0/24
194.116.141.0/24
IPv6:
2001:67c:15d8::/48
2a0d:5d00::/29
Signature Algorithm: sha256WithRSAEncryption
38:d9:e6:92:3b:a4:fa:8f:89:d5:0b:f6:c0:34:6a:01:e8:6d:
8e:15:5a:09:f9:f5:1d:4b:05:29:3a:b5:a5:73:b4:d4:ba:19:
ea:3a:7f:14:07:e5:b9:b1:63:2e:8c:90:cb:9f:04:7b:c0:e4:
15:86:43:4b:79:c9:9c:3f:5b:95:f1:31:ed:cf:4e:0b:12:8d:
03:d0:9d:03:8c:9b:2d:24:f8:f1:9f:67:e7:ab:95:d9:8d:bb:
21:6c:af:82:21:89:91:50:9c:ea:e9:29:13:43:d4:20:66:39:
2f:d6:4d:34:ea:92:9a:48:93:e1:92:2b:b6:f0:ca:b3:d2:76:
97:c3:83:b6:db:25:fd:4b:ab:af:9c:f5:38:98:ce:8c:cb:47:
4c:f8:01:1b:0e:d8:2e:2a:5c:2a:55:e2:4d:21:fd:b9:e5:01:
8d:f3:83:72:c8:d8:6d:7b:f5:50:3c:4a:17:90:12:96:1a:30:
58:0e:d3:b0:e3:50:ff:4f:a6:4c:b8:e7:40:21:31:5b:1e:be:
c8:46:be:b1:37:15:43:99:a1:7e:5f:33:33:88:a2:ea:c9:2b:
4e:8b:51:60:18:75:44:15:c2:03:80:5b:3c:03:ff:56:3f:1e:
22:c7:77:03:f4:01:c5:37:1d:ee:57:0a:f8:0e:e3:c4:f4:0e:
09:dc:ff:7b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZN351c97pkjLRsZ80eXsANEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZTNhZWRkOTFiZTgyNDUxMzQyZGNkMWM5ODI4MzQ1ZGI2
NjFhNWYwHhcNMjQxMTI5MTIzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNlYjE3YzY3YWEzNWQ4MjljNTk4YWY1YmIzZGUzYWMxNjJjOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUpa4pkW6hdzPcNjk3Wq9tiliOQC
kwsAH6+C3YrVhe3JuFVJdiXKhkXmPY4oAwHXvJjtZIK5jnwBazzNTv7KMyHqxKOh
io6+BzZ1shMnxqdwU9LTRDGVQ8noUp8hKFXPcfMHgcVCh6AS9O0TopuwrxA52hbm
h9Un6doXDLnJ5r1VwA0mRg7QeyzhUj3rMlOQvgxhimMvEd9t8s6h5Da7Q2yxNKWh
nmacp3U3p/80Qa2Kf5yIO6A6G88gxJSZ2PYtZtMxBkANga3J1RQ5uHSSpshynib8
+8xp2g61jZ2DfPcEzuiDjxUPQ7ggSyyWw1dnO/D70344Y8edp7l5h2n6cQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAw+sXxnqjXYKcWYr1uz3jrBYskSMB8GA1UdIwQY
MBaAFFPjrt2RvoJFE0Lc0cmCg0XbZhpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQt
YTdkOTQ1YWYxNGU1LzEvREQ2eGZHZXFOZGdweFppdlc3UGVPc0ZpeVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQtYTdkOTQ1YWYxNGU1
LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCW8W4AwQA
ueHEAwQAwnSNMBYEAgACMBADBwAgAQZ8FdgDBQMqDV0AMA0GCSqGSIb3DQEBCwUA
A4IBAQA42eaSO6T6j4nVC/bANGoB6G2OFVoJ+fUdSwUpOrWlc7TUuhnqOn8UB+W5
sWMujJDLnwR7wOQVhkNLecmcP1uV8THtz04LEo0D0J0DjJstJPjxn2fnq5XZjbsh
bK+CIYmRUJzq6SkTQ9QgZjkv1k006pKaSJPhkiu28Mqz0naXw4O22yX9S6uvnPU4
mM6My0dM+AEbDtguKlwqVeJNIf255QGN84NyyNhte/VQPEoXkBKWGjBYDtOw41D/
T6ZMuOdAITFbHr7IRr6xNxVDmaF+XzMziKLqyStOi1FgGHVEFcIDgFs8A/9WPx4i
x3cD9AHFNx3uVwr4DuPE9A4J3P97
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:57:59 2025 by rpki-client