Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/cdljTQEPOI55fNOwNB_9aNVQg28.roa
File: cdljTQEPOI55fNOwNB_9aNVQg28.roa (raw, json)
Hash identifier: MKF3aH4xMAZH9J02wl9EP5L+zA6/NHVDpi1RAyQNWUE=
Subject key identifier: 71:D9:63:4D:01:0F:38:8E:79:7C:D3:B0:34:1F:FD:68:D5:50:83:6F
Certificate issuer: /CN=a040f968fa52e6cb2fe657109700fa074c190b85
Certificate serial: 019386DB860CC75FE338E5D1B1D160EB8795
Authority key identifier: A0:40:F9:68:FA:52:E6:CB:2F:E6:57:10:97:00:FA:07:4C:19:0B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oED5aPpS5ssv5lcQlwD6B0wZC4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/cdljTQEPOI55fNOwNB_9aNVQg28.roa
Signing time: Mon 02 Dec 2024 10:12:33 +0000
ROA not before: Mon 02 Dec 2024 10:12:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62352
IP address blocks: 86.105.199.0/24 maxlen: 24
93.117.174.0/24 maxlen: 24
109.205.140.0/23 maxlen: 23
109.205.140.0/24 maxlen: 24
109.205.141.0/24 maxlen: 24
109.205.142.0/23 maxlen: 23
109.205.142.0/24 maxlen: 24
109.205.143.0/24 maxlen: 24
176.126.173.0/24 maxlen: 24
185.39.40.0/22 maxlen: 22
185.39.40.0/24 maxlen: 24
185.39.41.0/24 maxlen: 24
185.39.42.0/24 maxlen: 24
185.39.43.0/24 maxlen: 24
188.241.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:db:86:0c:c7:5f:e3:38:e5:d1:b1:d1:60:eb:87:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a040f968fa52e6cb2fe657109700fa074c190b85
Validity
Not Before: Dec 2 10:12:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d9634d010f388e797cd3b0341ffd68d550836f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:46:5a:8c:53:c4:c5:7d:39:88:37:56:77:5b:
3c:85:ae:05:94:24:c4:a7:a4:63:d0:02:fb:2d:a9:
fb:e7:b5:5a:e2:06:2f:dc:f7:a0:c3:78:c9:34:d1:
47:27:71:da:30:23:2d:44:29:5c:85:8b:bb:60:27:
47:08:ab:c8:42:a8:45:f5:2d:cf:44:ef:2e:8e:c6:
55:b1:98:50:38:6a:39:b7:94:c4:fa:99:19:ce:da:
bf:57:4a:67:2b:91:90:f3:50:fe:df:ed:59:ec:36:
40:9b:59:09:5e:c1:da:6d:91:94:3a:7b:49:aa:d3:
10:1b:8c:8b:ed:1a:55:3f:b3:11:b1:58:74:6a:6e:
af:c9:b8:e3:35:80:49:fd:90:e5:88:b7:eb:fd:90:
b6:78:c7:8b:aa:6b:fd:46:32:5c:2d:d2:a2:e8:30:
44:6c:fb:8c:e1:22:80:b7:d5:f3:d4:c9:40:c7:12:
71:bb:f3:bc:55:57:71:6a:9a:c3:e8:03:05:b5:53:
f9:a3:17:47:c1:0a:8f:3f:97:b6:62:8c:c3:06:d1:
02:7b:39:e8:51:61:84:1c:6c:ae:ea:b3:a3:22:31:
ff:49:5f:5e:f6:88:71:b3:2d:b7:3c:03:c2:a7:1f:
e9:ed:48:5d:6b:16:05:8c:db:0d:48:9e:2d:06:b8:
1f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D9:63:4D:01:0F:38:8E:79:7C:D3:B0:34:1F:FD:68:D5:50:83:6F
X509v3 Authority Key Identifier:
keyid:A0:40:F9:68:FA:52:E6:CB:2F:E6:57:10:97:00:FA:07:4C:19:0B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oED5aPpS5ssv5lcQlwD6B0wZC4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/cdljTQEPOI55fNOwNB_9aNVQg28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.199.0/24
93.117.174.0/24
109.205.140.0/22
176.126.173.0/24
185.39.40.0/22
188.241.65.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:cc:c8:47:de:4b:cc:3b:f1:81:29:f2:d8:66:a0:88:1e:e9:
21:54:b0:14:c7:19:cb:11:20:06:33:8d:6f:db:e6:3e:eb:fd:
98:cc:be:a8:34:0d:a8:fc:e1:a6:ac:23:7a:7b:2e:7e:a0:df:
0c:1b:1c:5b:17:3f:14:fe:03:23:61:82:b8:7b:b5:ce:88:a7:
be:2e:f9:31:59:17:39:04:54:f2:36:e3:a2:62:1a:ca:bf:d1:
03:4d:54:37:cc:c7:c4:bf:53:9d:bb:8f:84:b3:ad:89:8b:d0:
8c:a0:36:10:54:11:7e:81:a0:a1:24:24:9d:15:1c:13:c3:38:
06:3f:35:90:4f:62:70:7a:eb:b3:55:8e:29:7b:00:d1:7c:22:
fc:e6:8a:5d:ec:59:2c:0a:6a:54:9b:ba:5d:99:1c:c3:5c:a3:
34:af:4b:44:9c:1e:32:8a:a1:5a:97:70:cf:86:de:db:c3:57:
96:9c:3d:78:36:a9:ca:ac:bf:f5:06:bb:3c:6e:2e:46:22:c6:
72:5b:bd:50:04:0a:7f:e7:9f:2a:d5:fc:26:bb:23:d9:ee:61:
d9:b3:d0:14:bf:68:8d:ce:e8:7c:47:93:a3:0e:3a:38:33:0e:
23:fe:d9:a3:c9:d8:60:d5:cd:17:cc:bd:5f:57:70:20:65:b6:
c0:25:1a:3e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZOG24YMx1/jOOXRsdFg64eVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDBmOTY4ZmE1MmU2Y2IyZmU2NTcxMDk3MDBmYTA3NGMx
OTBiODUwHhcNMjQxMjAyMTAxMjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQ5NjM0ZDAxMGYzODhlNzk3Y2QzYjAzNDFmZmQ2OGQ1NTA4MzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEZajFPExX05iDdWd1s8ha4FlCTE
p6Rj0AL7Lan757Va4gYv3Pegw3jJNNFHJ3HaMCMtRClchYu7YCdHCKvIQqhF9S3P
RO8ujsZVsZhQOGo5t5TE+pkZztq/V0pnK5GQ81D+3+1Z7DZAm1kJXsHabZGUOntJ
qtMQG4yL7RpVP7MRsVh0am6vybjjNYBJ/ZDliLfr/ZC2eMeLqmv9RjJcLdKi6DBE
bPuM4SKAt9Xz1MlAxxJxu/O8VVdxaprD6AMFtVP5oxdHwQqPP5e2YozDBtECezno
UWGEHGyu6rOjIjH/SV9e9ohxsy23PAPCpx/p7UhdaxYFjNsNSJ4tBrgfKwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHHZY00BDziOeXzTsDQf/WjVUINvMB8GA1UdIwQY
MBaAFKBA+Wj6UubLL+ZXEJcA+gdMGQuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VENWFQcFM1c3N2NWxjUWx3RDZCMHdaQzRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84OTU1MDItNGUxNC00OTYzLWEzMDUt
M2I2YjBhNTU1NWVmLzEvY2RsalRRRVBPSTU1Zk5Pd05CXzlhTlZRZzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84OTU1MDItNGUxNC00OTYzLWEzMDUtM2I2YjBhNTU1NWVm
LzEvb0VENWFQcFM1c3N2NWxjUWx3RDZCMHdaQzRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVmnHAwQA
XXWuAwQCbc2MAwQAsH6tAwQCuScoAwQAvPFBMA0GCSqGSIb3DQEBCwUAA4IBAQAO
zMhH3kvMO/GBKfLYZqCIHukhVLAUxxnLESAGM41v2+Y+6/2YzL6oNA2o/OGmrCN6
ey5+oN8MGxxbFz8U/gMjYYK4e7XOiKe+LvkxWRc5BFTyNuOiYhrKv9EDTVQ3zMfE
v1Odu4+Es62Ji9CMoDYQVBF+gaChJCSdFRwTwzgGPzWQT2JweuuzVY4pewDRfCL8
5opd7FksCmpUm7pdmRzDXKM0r0tEnB4yiqFal3DPht7bw1eWnD14NqnKrL/1Brs8
bi5GIsZyW71QBAp/558q1fwmuyPZ7mHZs9AUv2iNzuh8R5OjDjo4Mw4j/tmjydhg
1c0XzL1fV3AgZbbAJRo+
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:53:26 2025 by rpki-client