Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/DACGb_fpIozVEDd41fNqV-CV6Iw.roa
File: DACGb_fpIozVEDd41fNqV-CV6Iw.roa (raw, json)
Hash identifier: g54LJAKY11IAD9qRRf2heohpGPNwegKh40ZEXomEZQs=
Subject key identifier: 0C:00:86:6F:F7:E9:22:8C:D5:10:37:78:D5:F3:6A:57:E0:95:E8:8C
Certificate issuer: /CN=2ba7088e39e7ad8817b7d10ea2a5b8a098a47a0b
Certificate serial: 018F9525AA101F04A453600A0C1F24348C9F
Authority key identifier: 2B:A7:08:8E:39:E7:AD:88:17:B7:D1:0E:A2:A5:B8:A0:98:A4:7A:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K6cIjjnnrYgXt9EOoqW4oJikegs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/DACGb_fpIozVEDd41fNqV-CV6Iw.roa
Signing time: Mon 20 May 2024 08:37:04 +0000
ROA not before: Mon 20 May 2024 08:37:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202113
IP address blocks: 185.52.244.0/22 maxlen: 24
185.52.244.0/24 maxlen: 24
185.52.247.0/24 maxlen: 24
2a04:c9c0::/29 maxlen: 29
2a04:c9c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 May 2024 09:59:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:95:25:aa:10:1f:04:a4:53:60:0a:0c:1f:24:34:8c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ba7088e39e7ad8817b7d10ea2a5b8a098a47a0b
Validity
Not Before: May 20 08:37:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c00866ff7e9228cd5103778d5f36a57e095e88c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:11:ae:4c:f6:be:a5:4f:52:1d:d5:d4:40:f0:
4e:34:17:9c:33:84:9b:99:26:42:6d:65:cb:69:68:
39:f6:ed:45:6b:99:c3:a0:5f:32:62:e8:06:09:bc:
a7:05:ea:72:c7:ff:a6:c6:eb:e2:15:3d:97:36:80:
44:da:f7:fb:6a:5f:ba:67:28:48:73:2b:d4:34:7c:
52:3d:47:07:7c:f4:f9:3b:c0:a9:7a:65:0b:da:b1:
59:8a:7d:f7:2d:39:9a:93:0c:94:8c:2f:6f:22:b3:
26:bd:f5:99:40:92:72:fb:b8:5a:4d:44:52:d5:f3:
b2:d6:2f:bd:6c:14:88:82:af:01:64:5b:11:19:1c:
e4:72:7e:3b:47:c8:6c:a2:57:04:83:b6:2a:bb:8e:
54:03:ec:08:37:31:57:14:c4:22:22:94:f7:85:86:
4b:59:67:df:98:14:6a:aa:27:6d:65:9a:07:98:a2:
b0:44:a3:00:1a:fd:8a:72:3f:f3:c3:9c:74:c3:4d:
41:83:63:1e:d4:d1:e3:80:17:fe:e9:2e:98:7e:2e:
ab:52:bb:d6:00:6e:56:05:02:eb:e3:2f:62:50:78:
7d:df:5e:69:2e:b0:0a:6d:f9:aa:00:82:5d:20:cd:
9a:fb:64:8c:1a:0c:5d:4c:4d:59:df:fc:fa:cf:7f:
e6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:00:86:6F:F7:E9:22:8C:D5:10:37:78:D5:F3:6A:57:E0:95:E8:8C
X509v3 Authority Key Identifier:
keyid:2B:A7:08:8E:39:E7:AD:88:17:B7:D1:0E:A2:A5:B8:A0:98:A4:7A:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K6cIjjnnrYgXt9EOoqW4oJikegs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/DACGb_fpIozVEDd41fNqV-CV6Iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/K6cIjjnnrYgXt9EOoqW4oJikegs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.244.0/22
IPv6:
2a04:c9c0::/29
Signature Algorithm: sha256WithRSAEncryption
04:cf:c6:b3:bb:ca:eb:f7:0a:4c:19:39:58:fb:23:34:d2:7f:
a2:35:0a:09:da:6d:d2:ce:8e:0a:22:d0:a9:33:ce:ea:0b:a9:
1b:5a:da:a7:9f:46:27:b4:a5:ba:4b:7e:1a:33:5b:16:b9:0e:
87:cf:b7:69:92:b9:dd:e4:23:bf:66:18:8f:65:d3:cd:a7:15:
07:03:51:c1:98:0c:9a:62:9c:dd:c0:50:49:27:03:1f:b4:82:
6f:e8:0b:1d:e4:f8:52:6f:89:cf:1c:bb:bf:18:cc:0e:f8:fe:
da:9f:9a:b7:19:73:f6:87:f6:c4:bd:62:c8:ca:05:c9:b3:da:
2c:d7:79:87:61:5d:b7:1a:4c:36:37:ca:22:db:ff:68:77:f7:
da:83:a0:72:17:0a:c3:b8:23:f3:de:74:6e:53:60:5b:65:36:
f3:16:7c:bf:04:e8:4a:ec:61:c4:b4:e0:62:84:98:1d:02:e1:
9c:63:3b:a4:53:e7:4b:eb:b2:1d:1e:e5:69:cf:89:29:ed:4d:
22:ff:4a:41:8c:12:e5:ef:2e:b9:17:87:a7:38:af:0b:1b:3b:
7f:8d:b4:07:59:7d:89:ff:09:86:77:2b:23:3f:8d:e7:cc:96:
b4:0b:82:e1:38:c2:c7:58:18:12:2d:c3:2c:b1:93:dc:cc:16:
c6:4c:5f:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+VJaoQHwSkU2AKDB8kNIyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYTcwODhlMzllN2FkODgxN2I3ZDEwZWEyYTViOGEwOThh
NDdhMGIwHhcNMjQwNTIwMDgzNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzAwODY2ZmY3ZTkyMjhjZDUxMDM3NzhkNWYzNmE1N2UwOTVlODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BGuTPa+pU9SHdXUQPBONBecM4Sb
mSZCbWXLaWg59u1Fa5nDoF8yYugGCbynBepyx/+mxuviFT2XNoBE2vf7al+6ZyhI
cyvUNHxSPUcHfPT5O8CpemUL2rFZin33LTmakwyUjC9vIrMmvfWZQJJy+7haTURS
1fOy1i+9bBSIgq8BZFsRGRzkcn47R8hsolcEg7Yqu45UA+wINzFXFMQiIpT3hYZL
WWffmBRqqidtZZoHmKKwRKMAGv2Kcj/zw5x0w01Bg2Me1NHjgBf+6S6Yfi6rUrvW
AG5WBQLr4y9iUHh9315pLrAKbfmqAIJdIM2a+2SMGgxdTE1Z3/z6z3/mpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAwAhm/36SKM1RA3eNXzalfgleiMMB8GA1UdIwQY
MBaAFCunCI45562IF7fRDqKluKCYpHoLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzZjSWpqbm5yWWdYdDlFT29xVzRvSmlrZWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9iZjU4YzUtZjNlMi00MWFjLWEyMTYt
NGE2N2U0ZDA1NmFiLzEvREFDR2JfZnBJb3pWRURkNDFmTnFWLUNWNkl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9iZjU4YzUtZjNlMi00MWFjLWEyMTYtNGE2N2U0ZDA1NmFi
LzEvSzZjSWpqbm5yWWdYdDlFT29xVzRvSmlrZWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTT0MA0E
AgACMAcDBQMqBMnAMA0GCSqGSIb3DQEBCwUAA4IBAQAEz8azu8rr9wpMGTlY+yM0
0n+iNQoJ2m3Szo4KItCpM87qC6kbWtqnn0YntKW6S34aM1sWuQ6Hz7dpkrnd5CO/
ZhiPZdPNpxUHA1HBmAyaYpzdwFBJJwMftIJv6Asd5PhSb4nPHLu/GMwO+P7an5q3
GXP2h/bEvWLIygXJs9os13mHYV23Gkw2N8oi2/9od/fag6ByFwrDuCPz3nRuU2Bb
ZTbzFny/BOhK7GHEtOBihJgdAuGcYzukU+dL67IdHuVpz4kp7U0i/0pBjBLl7y65
F4enOK8LGzt/jbQHWX2J/wmGdysjP43nzJa0C4LhOMLHWBgSLcMssZPczBbGTF8g
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:28 2025 by rpki-client