Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dBV8TG2stw1pp-ca8amzmLTzfoY.roa
File: dBV8TG2stw1pp-ca8amzmLTzfoY.roa (raw, json)
Hash identifier: zyL4onkW+Nyn/sJoJdBA+zwgOy4HbhLktTX627z+PHU=
Subject key identifier: 74:15:7C:4C:6D:AC:B7:0D:69:A7:E7:1A:F1:A9:B3:98:B4:F3:7E:86
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A146E6D8ACD667FDBC0AAB88FC91C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dBV8TG2stw1pp-ca8amzmLTzfoY.roa
Signing time: Tue 02 Jan 2024 12:33:24 +0000
ROA not before: Tue 02 Jan 2024 12:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56592
IP address blocks: 31.148.8.0/22 maxlen: 24
95.47.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 07:50:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:14:6e:6d:8a:cd:66:7f:db:c0:aa:b8:8f:c9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74157c4c6dacb70d69a7e71af1a9b398b4f37e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:15:1f:de:99:1f:23:77:c0:96:29:f2:94:cf:
d1:e5:07:fd:a1:0f:55:08:9e:17:cb:85:da:30:a5:
87:84:37:16:98:3f:22:21:c6:62:b1:84:a7:44:6d:
18:cd:ea:08:f5:d3:b7:91:f5:7c:58:68:06:64:ca:
01:81:3a:70:11:61:78:b3:d1:ab:cd:78:83:ec:20:
cf:5f:bb:b3:87:e8:cb:d7:e4:00:07:47:56:d4:03:
f9:5e:43:dc:cb:55:5c:bf:6e:bc:b0:51:dd:16:05:
f9:d9:21:20:eb:a5:b1:4a:00:23:32:d0:f6:92:0b:
f4:be:7b:61:60:4c:57:55:f6:5b:c4:db:74:52:88:
e3:13:1b:5c:9a:de:2a:87:c1:ea:e2:38:6a:35:f1:
f9:01:00:fd:aa:1f:fc:5e:03:92:f5:9f:37:83:15:
e1:c6:30:a4:55:ec:75:90:3e:f4:ca:b0:19:24:8b:
bc:03:62:eb:fa:31:8d:32:25:a9:5f:65:19:aa:2a:
87:58:87:5d:d9:dc:17:f0:3a:be:36:67:25:89:51:
8e:f7:86:d7:ac:ff:ef:d1:61:58:f5:32:19:7e:5f:
8d:f4:ba:fe:ba:a4:4c:31:61:b6:9e:f7:f5:9a:d0:
9d:39:3f:75:15:1f:69:b2:8b:1a:91:ce:cf:f3:75:
1d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:15:7C:4C:6D:AC:B7:0D:69:A7:E7:1A:F1:A9:B3:98:B4:F3:7E:86
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dBV8TG2stw1pp-ca8amzmLTzfoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.8.0/22
95.47.190.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a7:d5:67:52:44:4c:c5:47:61:da:49:4a:c9:bb:c8:b9:8d:
dd:7f:1a:95:b9:80:c4:ff:68:f3:9a:46:eb:37:b3:05:8a:89:
cc:03:cf:1a:88:e9:78:b4:5f:17:06:2b:88:3e:6c:90:5e:81:
2d:95:b5:87:ef:f4:40:05:0e:f2:0c:89:a3:f6:84:d4:55:d2:
32:58:8e:f8:39:c0:df:a3:6c:18:3d:dd:c7:b9:37:d9:a3:3d:
94:c6:f2:37:9d:71:94:da:4b:f4:05:11:e4:7e:97:1a:15:93:
e3:fa:4a:1a:da:70:5b:13:da:00:85:8a:f8:6e:5a:23:47:f4:
55:71:9b:ae:0d:cf:4d:17:3a:06:5c:66:ba:bd:32:ce:87:38:
3a:1a:f0:3b:12:ee:25:3c:f5:b2:71:74:5a:96:f4:58:d7:42:
c3:7e:3c:34:1b:93:c9:4d:85:67:6f:a6:33:5d:d3:25:2e:b3:
c8:96:46:70:87:d5:63:27:da:17:9e:49:f9:a0:6c:26:b3:af:
f2:9b:90:14:c3:bb:de:40:c4:a4:e0:a3:71:a1:58:0b:29:dd:
e8:f1:02:0a:3a:8e:e6:fd:92:d0:a6:b6:19:52:97:48:fc:9e:
17:d1:27:89:3b:ea:07:38:52:53:27:5c:8a:78:51:6a:53:b9:
31:10:ea:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKhRubYrNZn/bwKq4j8kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDE1N2M0YzZkYWNiNzBkNjlhN2U3MWFmMWE5YjM5OGI0ZjM3ZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhUf3pkfI3fAlinylM/R5Qf9oQ9V
CJ4Xy4XaMKWHhDcWmD8iIcZisYSnRG0YzeoI9dO3kfV8WGgGZMoBgTpwEWF4s9Gr
zXiD7CDPX7uzh+jL1+QAB0dW1AP5XkPcy1Vcv268sFHdFgX52SEg66WxSgAjMtD2
kgv0vnthYExXVfZbxNt0UojjExtcmt4qh8Hq4jhqNfH5AQD9qh/8XgOS9Z83gxXh
xjCkVex1kD70yrAZJIu8A2Lr+jGNMiWpX2UZqiqHWIdd2dwX8Dq+NmcliVGO94bX
rP/v0WFY9TIZfl+N9Lr+uqRMMWG2nvf1mtCdOT91FR9psosakc7P83UdTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHQVfExtrLcNaafnGvGps5i0836GMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZEJWOFRHMnN0dzFwcC1jYThhbXptTFR6Zm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH5QIAwQA
Xy++MA0GCSqGSIb3DQEBCwUAA4IBAQA8p9VnUkRMxUdh2klKybvIuY3dfxqVuYDE
/2jzmkbrN7MFionMA88aiOl4tF8XBiuIPmyQXoEtlbWH7/RABQ7yDImj9oTUVdIy
WI74OcDfo2wYPd3HuTfZoz2UxvI3nXGU2kv0BRHkfpcaFZPj+koa2nBbE9oAhYr4
blojR/RVcZuuDc9NFzoGXGa6vTLOhzg6GvA7Eu4lPPWycXRalvRY10LDfjw0G5PJ
TYVnb6YzXdMlLrPIlkZwh9VjJ9oXnkn5oGwms6/ym5AUw7veQMSk4KNxoVgLKd3o
8QIKOo7m/ZLQprYZUpdI/J4X0SeJO+oHOFJTJ1yKeFFqU7kxEOpn
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:12 2025 by rpki-client