Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/DCvK7cK3i1VwvxNTni35HB3Tz9I.roa
File: DCvK7cK3i1VwvxNTni35HB3Tz9I.roa (raw, json)
Hash identifier: vcxixlNoGeDLSyJA1P34bMEzED8HYhFNXvnbxHgMn1s=
Subject key identifier: 0C:2B:CA:ED:C2:B7:8B:55:70:BF:13:53:9E:2D:F9:1C:1D:D3:CF:D2
Certificate issuer: /CN=bd6aa7362d36792cbcfa83609b5d75cc965f3faf
Certificate serial: 01909B9558345213A9A6E4CDCE2159B902A3
Authority key identifier: BD:6A:A7:36:2D:36:79:2C:BC:FA:83:60:9B:5D:75:CC:96:5F:3F:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWqnNi02eSy8-oNgm111zJZfP68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/DCvK7cK3i1VwvxNTni35HB3Tz9I.roa
Signing time: Wed 10 Jul 2024 07:39:34 +0000
ROA not before: Wed 10 Jul 2024 07:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208669
IP address blocks: 85.202.92.0/24 maxlen: 24
85.202.93.0/24 maxlen: 24
2a10:1900::/32 maxlen: 32
2a10:1901::/32 maxlen: 32
2a10:1902::/32 maxlen: 32
2a10:1903::/32 maxlen: 32
2a10:1904::/32 maxlen: 32
2a10:1905::/32 maxlen: 32
2a10:1906::/32 maxlen: 32
2a10:1907::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 31 Aug 2024 20:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:95:58:34:52:13:a9:a6:e4:cd:ce:21:59:b9:02:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6aa7362d36792cbcfa83609b5d75cc965f3faf
Validity
Not Before: Jul 10 07:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c2bcaedc2b78b5570bf13539e2df91c1dd3cfd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b3:32:be:50:85:ee:69:3b:5e:c1:14:96:75:
c1:90:2d:2e:0e:dd:aa:25:68:60:02:2c:78:e9:8f:
f4:33:1c:6b:69:89:db:8d:a4:9a:f4:54:83:88:4c:
48:6f:c6:a4:23:d1:bd:4b:c4:10:91:87:0a:d5:9b:
bc:5d:e0:20:ca:d2:01:5c:59:e2:ce:19:24:b4:ab:
a0:36:4a:f6:7e:8c:22:20:0e:bf:cd:06:19:de:72:
cf:53:89:d8:11:5a:51:d5:5e:44:94:c0:a5:06:91:
c9:35:91:dd:0f:a8:39:7d:03:c6:00:a1:89:0d:08:
3b:ec:97:00:37:18:a9:e9:fa:ed:83:1f:c0:eb:ec:
ef:c5:4b:10:43:22:dd:50:dc:2e:99:26:9a:78:80:
1e:e0:2a:05:0c:d5:4e:91:a2:f5:0f:5a:7a:b6:00:
c0:32:6f:5a:da:f8:d8:a1:8a:36:1d:b6:f1:22:0b:
67:76:b5:14:6e:4e:51:08:72:c9:53:74:51:70:ed:
43:45:08:85:fa:f2:a3:43:72:f1:10:a9:33:33:bf:
17:26:f0:a1:4d:99:fa:db:fe:38:82:65:8e:2c:3d:
1f:a6:4f:2c:a9:80:50:a5:8f:16:10:90:9c:1f:42:
a9:3e:45:a9:11:76:e8:b4:4a:80:17:58:f6:4c:91:
e6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2B:CA:ED:C2:B7:8B:55:70:BF:13:53:9E:2D:F9:1C:1D:D3:CF:D2
X509v3 Authority Key Identifier:
keyid:BD:6A:A7:36:2D:36:79:2C:BC:FA:83:60:9B:5D:75:CC:96:5F:3F:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWqnNi02eSy8-oNgm111zJZfP68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/DCvK7cK3i1VwvxNTni35HB3Tz9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/vWqnNi02eSy8-oNgm111zJZfP68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.92.0/23
IPv6:
2a10:1900::/29
Signature Algorithm: sha256WithRSAEncryption
63:b0:70:7f:35:2e:c2:bd:7b:5c:4f:03:56:fd:92:b1:13:9f:
2f:f2:e2:16:4f:ef:0f:8b:d3:a9:9d:41:6b:10:b5:f0:0a:9e:
3b:48:29:78:53:19:80:b9:45:6b:e4:51:7a:1f:c9:cb:c3:1d:
c8:94:28:96:35:b2:40:a4:72:93:24:de:ee:50:b0:62:f3:1d:
17:8c:62:91:04:79:9d:11:7b:4d:89:f3:f0:ef:04:71:13:c9:
ac:ce:24:20:94:7c:ef:d8:6f:78:ff:ee:d9:93:2c:f5:f8:f2:
a6:73:72:20:16:d7:88:67:d6:db:74:16:01:a2:0a:03:b0:25:
1c:1a:d8:06:d9:8f:f0:6e:f7:22:39:19:50:cd:55:a0:2f:43:
e7:62:10:77:8c:b4:49:a8:33:f0:a8:80:83:58:c9:4f:8a:0c:
70:78:2c:38:cc:12:78:22:f5:59:d7:36:96:13:2a:56:12:7f:
73:a5:5b:7e:f1:0e:11:a5:81:75:7b:5e:cc:7c:2e:57:2f:db:
cb:86:97:3d:9b:f9:f2:c2:eb:89:92:b2:60:11:a8:a0:ad:7f:
88:aa:b7:42:76:8b:e7:7c:62:76:6c:4d:18:29:8a:5a:31:99:
53:4f:07:d5:67:17:9f:9f:0e:72:3c:52:6b:a5:9f:90:04:35:
c8:79:09:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZCblVg0UhOppuTNziFZuQKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNmFhNzM2MmQzNjc5MmNiY2ZhODM2MDliNWQ3NWNjOTY1
ZjNmYWYwHhcNMjQwNzEwMDczOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJiY2FlZGMyYjc4YjU1NzBiZjEzNTM5ZTJkZjkxYzFkZDNjZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLMyvlCF7mk7XsEUlnXBkC0uDt2q
JWhgAix46Y/0MxxraYnbjaSa9FSDiExIb8akI9G9S8QQkYcK1Zu8XeAgytIBXFni
zhkktKugNkr2fowiIA6/zQYZ3nLPU4nYEVpR1V5ElMClBpHJNZHdD6g5fQPGAKGJ
DQg77JcANxip6frtgx/A6+zvxUsQQyLdUNwumSaaeIAe4CoFDNVOkaL1D1p6tgDA
Mm9a2vjYoYo2HbbxIgtndrUUbk5RCHLJU3RRcO1DRQiF+vKjQ3LxEKkzM78XJvCh
TZn62/44gmWOLD0fpk8sqYBQpY8WEJCcH0KpPkWpEXbotEqAF1j2TJHmeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAwryu3Ct4tVcL8TU54t+Rwd08/SMB8GA1UdIwQY
MBaAFL1qpzYtNnksvPqDYJtddcyWXz+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldxbk5pMDJlU3k4LW9OZ20xMTF6SlpmUDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mOWE4ZWMtZjU4Mi00NzVjLThjYzkt
ZDVjODYzNWJlYzg4LzEvREN2SzdjSzNpMVZ3dnhOVG5pMzVIQjNUejlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mOWE4ZWMtZjU4Mi00NzVjLThjYzktZDVjODYzNWJlYzg4
LzEvdldxbk5pMDJlU3k4LW9OZ20xMTF6SlpmUDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBVcpcMA0E
AgACMAcDBQMqEBkAMA0GCSqGSIb3DQEBCwUAA4IBAQBjsHB/NS7CvXtcTwNW/ZKx
E58v8uIWT+8Pi9OpnUFrELXwCp47SCl4UxmAuUVr5FF6H8nLwx3IlCiWNbJApHKT
JN7uULBi8x0XjGKRBHmdEXtNifPw7wRxE8msziQglHzv2G94/+7Zkyz1+PKmc3Ig
FteIZ9bbdBYBogoDsCUcGtgG2Y/wbvciORlQzVWgL0PnYhB3jLRJqDPwqICDWMlP
igxweCw4zBJ4IvVZ1zaWEypWEn9zpVt+8Q4RpYF1e17MfC5XL9vLhpc9m/nywuuJ
krJgEaigrX+IqrdCdovnfGJ2bE0YKYpaMZlTTwfVZxefnw5yPFJrpZ+QBDXIeQlN
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:35:56 2025 by rpki-client