Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/DFOL60hfOLCe7zdhwp1QE4XYmfE.roa
File: DFOL60hfOLCe7zdhwp1QE4XYmfE.roa (raw, json)
Hash identifier: ZFVdHhwZ593V+EefhneiN+S+izIzozZUUAvQVcZGMN0=
Subject key identifier: 0C:53:8B:EB:48:5F:38:B0:9E:EF:37:61:C2:9D:50:13:85:D8:99:F1
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 01900134ADBF2E756B273973FFDF11CEE44B
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/DFOL60hfOLCe7zdhwp1QE4XYmfE.roa
Signing time: Mon 10 Jun 2024 08:12:27 +0000
ROA not before: Mon 10 Jun 2024 08:12:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 80.86.192.0/24 maxlen: 24
80.86.193.0/24 maxlen: 24
81.221.250.0/24 maxlen: 24
81.221.252.0/24 maxlen: 24
81.221.254.0/24 maxlen: 24
194.191.16.0/24 maxlen: 24
194.191.17.0/24 maxlen: 24
194.191.18.0/24 maxlen: 24
194.191.19.0/24 maxlen: 24
194.191.20.0/24 maxlen: 24
194.191.24.0/24 maxlen: 24
194.191.25.0/24 maxlen: 24
194.191.26.0/24 maxlen: 24
194.191.28.0/24 maxlen: 24
194.191.29.0/24 maxlen: 24
194.191.30.0/24 maxlen: 24
195.48.221.0/24 maxlen: 24
195.49.16.0/24 maxlen: 24
2a01:2a8:2001::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:34:ad:bf:2e:75:6b:27:39:73:ff:df:11:ce:e4:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Jun 10 08:12:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c538beb485f38b09eef3761c29d501385d899f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:72:ea:43:c7:00:3d:16:83:55:e7:02:c6:48:
97:3c:27:9a:bd:58:5f:1c:cd:b5:95:45:db:3c:cd:
d9:d0:9d:9c:ad:bc:d9:c5:3c:4a:2b:7d:5c:46:fb:
04:76:1c:30:2e:c3:ec:48:78:7e:f6:e1:f7:65:01:
66:7f:de:8b:dc:84:b3:34:0e:d3:55:8a:03:7e:7b:
77:d7:24:da:df:09:d9:1b:7f:e1:5c:a8:a0:12:ba:
32:0d:76:11:c4:10:ff:3a:d2:52:e0:d9:a0:c1:06:
80:cf:c2:23:4c:ac:77:64:fc:0e:34:b2:10:72:76:
4f:02:87:3b:3b:fa:60:97:99:e1:90:23:79:32:63:
dc:87:23:94:9b:65:8e:3a:2b:b9:89:d7:39:3c:c4:
ec:0f:f2:e8:97:d3:fe:ad:1f:cf:64:6a:6b:b6:56:
f3:b1:ff:d1:aa:68:e2:89:7c:2e:b6:6c:cf:52:d1:
53:58:7c:65:f3:17:14:73:4b:01:db:e9:44:8a:8f:
13:13:42:28:ba:be:75:bd:46:b0:b0:17:c7:e6:cd:
ab:8d:d5:42:ef:2b:fa:f5:4d:1d:de:22:43:19:a1:
2c:f0:e3:46:49:ca:76:9d:27:3b:f1:c8:64:c9:30:
90:90:c2:0e:dd:e6:44:d1:28:09:52:51:50:80:36:
08:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:53:8B:EB:48:5F:38:B0:9E:EF:37:61:C2:9D:50:13:85:D8:99:F1
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/DFOL60hfOLCe7zdhwp1QE4XYmfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.192.0/23
81.221.250.0/24
81.221.252.0/24
81.221.254.0/24
194.191.16.0-194.191.20.255
194.191.24.0-194.191.26.255
194.191.28.0-194.191.30.255
195.48.221.0/24
195.49.16.0/24
IPv6:
2a01:2a8:2001::/48
Signature Algorithm: sha256WithRSAEncryption
51:66:7c:0f:e6:81:35:b8:0f:bb:b0:f8:c3:03:72:91:46:f8:
a7:09:2c:48:2f:1c:af:dc:ef:c4:8e:de:f9:53:3d:8f:c1:7a:
40:c1:04:a0:36:2d:e4:31:ad:85:03:af:b6:4d:14:d6:34:d3:
d8:66:54:94:70:12:b6:4c:ac:56:46:96:f2:ac:be:80:25:fc:
57:4f:73:54:a6:d7:92:71:a5:02:35:df:93:2f:61:cd:31:e7:
71:79:6b:69:d3:97:a7:dc:ac:ad:0f:5c:39:8c:15:e0:5c:ac:
28:4f:db:1d:41:4b:09:50:2b:38:27:96:98:88:49:1d:31:19:
86:fa:d6:f1:3e:e6:e7:4e:c5:b7:85:22:99:05:0e:4d:08:29:
48:27:73:ee:63:a6:a5:80:28:e5:3e:5f:78:14:fc:47:9b:31:
4e:99:2b:20:c4:d7:a1:4e:45:33:01:7b:b2:07:02:b4:bd:b1:
a1:30:63:0a:f9:ee:8c:ee:3b:b4:bb:29:dc:3f:dc:19:06:9c:
83:50:2f:3d:e3:a0:03:d5:52:46:8f:15:d1:b1:73:0c:c0:cb:
17:ad:5f:c0:38:0a:a1:02:b5:4c:02:e0:b9:40:a6:91:7a:f3:
6f:44:ba:45:65:fa:8f:ec:aa:2c:54:26:9d:a5:7c:71:e1:ae:
7b:cf:4d:0e
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZABNK2/LnVrJzlz/98RzuRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjQwNjEwMDgxMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzUzOGJlYjQ4NWYzOGIwOWVlZjM3NjFjMjlkNTAxMzg1ZDg5OWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHLqQ8cAPRaDVecCxkiXPCeavVhf
HM21lUXbPM3Z0J2crbzZxTxKK31cRvsEdhwwLsPsSHh+9uH3ZQFmf96L3ISzNA7T
VYoDfnt31yTa3wnZG3/hXKigEroyDXYRxBD/OtJS4NmgwQaAz8IjTKx3ZPwONLIQ
cnZPAoc7O/pgl5nhkCN5MmPchyOUm2WOOiu5idc5PMTsD/Lol9P+rR/PZGprtlbz
sf/RqmjiiXwutmzPUtFTWHxl8xcUc0sB2+lEio8TE0Iour51vUawsBfH5s2rjdVC
7yv69U0d3iJDGaEs8ONGScp2nSc78chkyTCQkMIO3eZE0SgJUlFQgDYIfwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFAxTi+tIXziwnu83YcKdUBOF2JnxMB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvREZPTDYwaGZPTENlN3pkaHdwMVFFNFhZbWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQBUFbAAwQA
Ud36AwQAUd38AwQAUd3+MAwDBATCvxADBADCvxQwDAMEA8K/GAMEAMK/GjAMAwQC
wr8cAwQAwr8eAwQAwzDdAwQAwzEQMA8EAgACMAkDBwAqAQKoIAEwDQYJKoZIhvcN
AQELBQADggEBAFFmfA/mgTW4D7uw+MMDcpFG+KcJLEgvHK/c78SO3vlTPY/BekDB
BKA2LeQxrYUDr7ZNFNY009hmVJRwErZMrFZGlvKsvoAl/FdPc1Sm15JxpQI135Mv
Yc0x53F5a2nTl6fcrK0PXDmMFeBcrChP2x1BSwlQKzgnlpiISR0xGYb61vE+5udO
xbeFIpkFDk0IKUgnc+5jpqWAKOU+X3gU/EebMU6ZKyDE16FORTMBe7IHArS9saEw
Ywr57ozuO7S7Kdw/3BkGnINQLz3joAPVUkaPFdGxcwzAyxetX8A4CqECtUwC4LlA
ppF6829EukVl+o/sqixUJp2lfHHhrnvPTQ4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:28 2025 by rpki-client