Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/DpeCognEzmGZTZ2i0FR3DMsN_R8.roa
File: DpeCognEzmGZTZ2i0FR3DMsN_R8.roa (raw, json)
Hash identifier: P62LNTkRims9rQTtlqGMtiSSHVjOLi4KD7r4sZQ6c8U=
Subject key identifier: 0E:97:82:A2:09:C4:CE:61:99:4D:9D:A2:D0:54:77:0C:CB:0D:FD:1F
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01917622E271639C7613AF959E8AF5753A8D
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/DpeCognEzmGZTZ2i0FR3DMsN_R8.roa
Signing time: Wed 21 Aug 2024 18:11:23 +0000
ROA not before: Wed 21 Aug 2024 18:11:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 31.40.202.0/24 maxlen: 24
45.91.239.0/24 maxlen: 24
45.95.31.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
78.142.239.0/24 maxlen: 24
84.252.70.0/23 maxlen: 23
85.208.84.0/24 maxlen: 24
193.187.104.0/24 maxlen: 24
193.187.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:22:e2:71:63:9c:76:13:af:95:9e:8a:f5:75:3a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 21 18:11:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e9782a209c4ce61994d9da2d054770ccb0dfd1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fb:d6:4a:87:24:de:74:a5:76:1d:ca:27:ab:
a5:94:d6:03:b8:3e:7f:8d:69:1b:a1:2f:47:f2:5a:
1a:48:28:1f:f1:98:3f:09:b6:17:5b:54:04:ca:5a:
04:bc:b7:1c:57:0e:69:29:65:08:29:61:cb:bf:f9:
12:53:99:18:9a:6f:e9:1f:8c:29:31:df:b1:4a:47:
8d:98:c9:f8:30:b4:31:fb:f8:28:c1:eb:52:02:7a:
93:63:2c:ab:e5:a3:64:cb:71:8d:e7:0c:ce:c2:a6:
0e:e0:17:37:ce:c4:de:95:65:d9:a0:fb:87:2d:c3:
46:05:fe:a0:05:c9:22:ba:81:99:98:18:fb:5a:0a:
c4:68:38:0e:b4:3e:68:df:a4:10:57:75:3e:d9:22:
4e:cb:eb:be:db:8f:6a:63:12:41:0d:a6:46:6c:96:
9c:39:1b:ec:dc:3a:ab:04:07:dd:30:2d:66:22:54:
84:7e:d5:89:35:0e:7a:fa:25:ad:c6:a3:41:3a:7c:
6e:90:a9:11:14:03:e6:55:6b:ee:99:16:c7:93:98:
ca:ca:b2:9b:38:c7:f6:4a:77:5a:1b:84:0e:51:2c:
c9:e1:a1:58:87:34:7a:9f:5b:0c:c7:e3:a5:2e:d6:
06:ac:b5:21:66:98:da:b2:ee:e3:fe:f2:40:e6:74:
ac:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:97:82:A2:09:C4:CE:61:99:4D:9D:A2:D0:54:77:0C:CB:0D:FD:1F
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/DpeCognEzmGZTZ2i0FR3DMsN_R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.202.0/24
45.91.239.0/24
45.95.31.0/24
45.128.128.0/24
78.142.239.0/24
84.252.70.0/23
85.208.84.0/24
193.187.104.0/24
193.187.107.0/24
Signature Algorithm: sha256WithRSAEncryption
00:c3:f0:41:d4:83:73:29:e0:d0:d3:2a:54:98:ed:06:b1:16:
e5:11:21:56:13:f3:d7:61:b7:35:0b:af:0f:cc:7e:a4:a1:b7:
b8:99:22:d3:f5:6e:c4:cd:9e:04:d8:4c:84:15:dc:1f:15:30:
9d:56:ea:2a:6a:9a:02:74:46:d3:bd:98:52:ee:46:55:84:db:
c0:24:c9:72:50:b1:af:3e:62:ae:36:85:c8:5d:32:76:19:c1:
32:0b:a4:97:e5:1e:70:a1:c8:58:9b:87:0e:44:50:e9:aa:da:
78:7e:6c:f8:6a:8d:9b:a8:c0:03:10:c4:4d:bd:31:5f:2d:da:
66:f0:61:35:3b:20:65:34:a3:68:b6:7b:64:8f:dc:2e:2f:8d:
36:46:ef:cb:ec:cf:82:82:a8:39:a0:b5:a9:dd:61:5f:ee:c3:
23:fa:59:b8:90:52:7b:2b:80:ba:42:a0:77:b5:4e:eb:ce:d0:
38:cc:94:59:3f:84:4c:da:e1:d9:a0:a0:a8:46:e8:0e:96:50:
dc:29:64:90:75:72:ae:95:4e:3c:38:c6:f5:39:0b:2f:a3:01:
23:36:ad:01:35:53:23:fa:60:77:71:50:f5:44:28:f1:b4:63:
8d:36:0e:33:77:7d:7a:4e:38:67:c2:eb:90:f3:7c:05:e8:70:
35:b3:94:0d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZF2IuJxY5x2E6+Vnor1dTqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODIxMTgxMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTk3ODJhMjA5YzRjZTYxOTk0ZDlkYTJkMDU0NzcwY2NiMGRmZDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fvWSock3nSldh3KJ6ullNYDuD5/
jWkboS9H8loaSCgf8Zg/CbYXW1QEyloEvLccVw5pKWUIKWHLv/kSU5kYmm/pH4wp
Md+xSkeNmMn4MLQx+/gowetSAnqTYyyr5aNky3GN5wzOwqYO4Bc3zsTelWXZoPuH
LcNGBf6gBckiuoGZmBj7WgrEaDgOtD5o36QQV3U+2SJOy+u+249qYxJBDaZGbJac
ORvs3DqrBAfdMC1mIlSEftWJNQ56+iWtxqNBOnxukKkRFAPmVWvumRbHk5jKyrKb
OMf2SndaG4QOUSzJ4aFYhzR6n1sMx+OlLtYGrLUhZpjasu7j/vJA5nSsQwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFA6XgqIJxM5hmU2dotBUdwzLDf0fMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvRHBlQ29nbkV6bUdaVFoyaTBGUjNETXNOX1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAHyjKAwQA
LVvvAwQALV8fAwQALYCAAwQATo7vAwQBVPxGAwQAVdBUAwQAwbtoAwQAwbtrMA0G
CSqGSIb3DQEBCwUAA4IBAQAAw/BB1INzKeDQ0ypUmO0GsRblESFWE/PXYbc1C68P
zH6kobe4mSLT9W7EzZ4E2EyEFdwfFTCdVuoqapoCdEbTvZhS7kZVhNvAJMlyULGv
PmKuNoXIXTJ2GcEyC6SX5R5wochYm4cORFDpqtp4fmz4ao2bqMADEMRNvTFfLdpm
8GE1OyBlNKNotntkj9wuL402Ru/L7M+Cgqg5oLWp3WFf7sMj+lm4kFJ7K4C6QqB3
tU7rztA4zJRZP4RM2uHZoKCoRugOllDcKWSQdXKulU48OMb1OQsvowEjNq0BNVMj
+mB3cVD1RCjxtGONNg4zd316TjhnwuuQ83wF6HA1s5QN
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:30:38 2025 by rpki-client