Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/D6zQdbFIeCXRKhzZJuG-P8Xwggk.roa
File: D6zQdbFIeCXRKhzZJuG-P8Xwggk.roa (raw, json)
Hash identifier: qsqpRFCN3PADhlcj0MZ984amQ2rZAcH+dJpbwsdpBwA=
Subject key identifier: 0F:AC:D0:75:B1:48:78:25:D1:2A:1C:D9:26:E1:BE:3F:C5:F0:82:09
Certificate issuer: /CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743
Certificate serial: 018D5E7CE452CD8E0BD32D16D962E6301194
Authority key identifier: 42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/D6zQdbFIeCXRKhzZJuG-P8Xwggk.roa
Signing time: Wed 31 Jan 2024 07:47:39 +0000
ROA not before: Wed 31 Jan 2024 07:47:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28771
IP address blocks: 92.118.216.0/24 maxlen: 24
92.118.217.0/24 maxlen: 24
92.118.218.0/24 maxlen: 24
92.118.219.0/24 maxlen: 24
185.188.19.0/24 maxlen: 24
193.32.28.0/23 maxlen: 23
193.43.158.0/24 maxlen: 24
217.61.241.0/24 maxlen: 24
2001:67c:2b04::/48 maxlen: 48
2a09:d7c0::/30 maxlen: 30
2a09:d7c4::/30 maxlen: 30
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:7c:e4:52:cd:8e:0b:d3:2d:16:d9:62:e6:30:11:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743
Validity
Not Before: Jan 31 07:47:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0facd075b1487825d12a1cd926e1be3fc5f08209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1e:a2:45:2e:db:af:41:60:54:21:ec:34:3c:
d3:17:8d:40:8f:df:99:d9:b6:ad:2b:b7:6d:3d:d7:
ab:a9:d5:33:2a:d9:d5:de:8f:8a:ae:06:10:92:f1:
f0:a7:bd:42:68:0c:1f:ba:b6:b3:42:6c:c2:0d:38:
e8:8c:ce:40:30:ad:17:23:f8:96:e4:4f:d7:ef:50:
74:d8:77:b8:4a:53:68:c4:67:d6:46:28:5e:a9:ab:
ae:a9:0f:03:06:a0:cc:08:24:a5:6c:e3:0b:b7:2c:
59:24:12:93:3b:fb:d0:53:2d:82:1e:2e:3c:49:70:
1e:04:ad:1b:5c:e2:25:76:33:b7:59:73:a0:cd:78:
62:78:26:da:80:66:f9:d4:47:c1:ab:e2:16:25:d3:
47:0f:b1:fa:a8:75:1c:fe:c2:1f:49:7f:17:ad:3f:
b0:47:e6:63:b0:00:7c:67:d6:20:47:f9:6e:99:1b:
d4:36:5c:71:f8:b6:71:72:a2:40:7a:f1:b0:7c:e2:
b8:4e:93:30:7d:ad:b7:03:dd:b1:3c:ac:f2:8b:b2:
29:4d:8e:73:c8:0f:ab:e3:e2:81:f3:fb:a1:a5:38:
c0:01:50:b1:19:62:25:75:27:f4:9b:ac:40:06:99:
6a:fb:f3:cc:5a:5c:ea:78:bf:62:c4:e0:7e:3e:41:
e3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:AC:D0:75:B1:48:78:25:D1:2A:1C:D9:26:E1:BE:3F:C5:F0:82:09
X509v3 Authority Key Identifier:
keyid:42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/D6zQdbFIeCXRKhzZJuG-P8Xwggk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.216.0/22
185.188.19.0/24
193.32.28.0/23
193.43.158.0/24
217.61.241.0/24
IPv6:
2001:67c:2b04::/48
2a09:d7c0::/29
Signature Algorithm: sha256WithRSAEncryption
79:34:70:66:74:9c:73:71:df:cd:5a:30:a8:4f:73:31:b4:c1:
2c:5f:dd:42:21:2b:7a:03:5b:a7:86:1f:fe:22:78:94:3f:d3:
e0:a2:ae:0e:a0:fc:25:af:9f:ea:43:10:4b:98:83:22:38:56:
49:58:c3:ed:5d:d4:ad:a1:ea:97:eb:b0:91:4c:6c:82:f0:03:
1d:48:e0:9a:87:49:52:bf:35:93:b9:4a:cc:fa:29:cb:0a:1d:
71:20:ce:fa:7d:bd:a4:44:7d:47:7d:e2:04:c9:57:69:15:e0:
69:c6:de:89:bf:82:ff:72:7e:10:0e:f4:69:6d:d7:76:92:5b:
80:cb:3f:37:2c:3f:e2:fb:ef:cf:2a:20:47:00:08:78:3d:c8:
f5:d9:56:36:fd:84:9d:3e:50:31:89:d2:5d:e4:9a:40:97:d1:
79:03:96:3b:bd:35:e9:26:49:fe:84:35:06:be:01:31:ae:44:
cf:d6:47:ea:eb:17:9d:f5:28:4b:9c:05:d9:2a:49:79:32:08:
6c:7e:88:25:ff:20:1d:a1:0f:dc:fe:54:a9:43:51:15:60:86:
f5:15:f8:da:30:bb:64:54:4f:98:e0:49:b5:54:ce:de:65:7a:
40:c5:d6:52:e7:72:ff:96:6d:b2:d4:ed:af:05:b1:5c:45:6c:
30:cc:b8:37
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY1efORSzY4L0y0W2WLmMBGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZTkwYzlkMTAwOWIzMmMxOTQ1YjZmOGU2NTg5NDgzYzVl
YTQ3NDMwHhcNMjQwMTMxMDc0NzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmFjZDA3NWIxNDg3ODI1ZDEyYTFjZDkyNmUxYmUzZmM1ZjA4MjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgB6iRS7br0FgVCHsNDzTF41Aj9+Z
2batK7dtPderqdUzKtnV3o+KrgYQkvHwp71CaAwfurazQmzCDTjojM5AMK0XI/iW
5E/X71B02He4SlNoxGfWRiheqauuqQ8DBqDMCCSlbOMLtyxZJBKTO/vQUy2CHi48
SXAeBK0bXOIldjO3WXOgzXhieCbagGb51EfBq+IWJdNHD7H6qHUc/sIfSX8XrT+w
R+ZjsAB8Z9YgR/lumRvUNlxx+LZxcqJAevGwfOK4TpMwfa23A92xPKzyi7IpTY5z
yA+r4+KB8/uhpTjAAVCxGWIldSf0m6xABplq+/PMWlzqeL9ixOB+PkHjbwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFA+s0HWxSHgl0Soc2Sbhvj/F8IIJMB8GA1UdIwQY
MBaAFELpDJ0QCbMsGUW2+OZYlIPF6kdDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUt
NjljNjI5ODQxNWY4LzEvRDZ6UWRiRkllQ1hSS2h6Wkp1Ry1QOFh3Z2drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUtNjljNjI5ODQxNWY4
LzEvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQCXHbYAwQA
ubwTAwQBwSAcAwQAwSueAwQA2T3xMBYEAgACMBADBwAgAQZ8KwQDBQMqCdfAMA0G
CSqGSIb3DQEBCwUAA4IBAQB5NHBmdJxzcd/NWjCoT3MxtMEsX91CISt6A1unhh/+
IniUP9Pgoq4OoPwlr5/qQxBLmIMiOFZJWMPtXdStoeqX67CRTGyC8AMdSOCah0lS
vzWTuUrM+inLCh1xIM76fb2kRH1HfeIEyVdpFeBpxt6Jv4L/cn4QDvRpbdd2kluA
yz83LD/i++/PKiBHAAh4Pcj12VY2/YSdPlAxidJd5JpAl9F5A5Y7vTXpJkn+hDUG
vgExrkTP1kfq6xed9ShLnAXZKkl5Mghsfogl/yAdoQ/c/lSpQ1EVYIb1FfjaMLtk
VE+Y4Em1VM7eZXpAxdZS53L/lm2y1O2vBbFcRWwwzLg3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:27 2025 by rpki-client