Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/99286a-45b3-4cee-8db5-937081a9cefa/1/Dr4KrsmSdl1Q_MOPLF3tD3Wljco.roa
File: Dr4KrsmSdl1Q_MOPLF3tD3Wljco.roa (raw, json)
Hash identifier: Jyc8bHHpSXgyvXANcmD1F5pFSoC+AApcaKTXO5R99qI=
Subject key identifier: 0E:BE:0A:AE:C9:92:76:5D:50:FC:C3:8F:2C:5D:ED:0F:75:A5:8D:CA
Certificate issuer: /CN=60635e04c34c2f781ee980a1651ff66e5132bc44
Certificate serial: 018CC2DB08E2A4D4A01408FFD00D62DA6512
Authority key identifier: 60:63:5E:04:C3:4C:2F:78:1E:E9:80:A1:65:1F:F6:6E:51:32:BC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGNeBMNML3ge6YChZR_2blEyvEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/99286a-45b3-4cee-8db5-937081a9cefa/1/Dr4KrsmSdl1Q_MOPLF3tD3Wljco.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49788
IP address blocks: 185.57.252.0/22 maxlen: 22
84.243.128.0/18 maxlen: 24
2a02:6060::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:08:e2:a4:d4:a0:14:08:ff:d0:0d:62:da:65:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60635e04c34c2f781ee980a1651ff66e5132bc44
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ebe0aaec992765d50fcc38f2c5ded0f75a58dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:00:ae:18:4b:b6:0e:bb:08:13:93:63:d2:c5:
9e:96:ea:1b:f8:70:b2:d3:e8:1c:62:98:98:94:88:
cf:6b:ef:f8:80:df:f5:06:0e:e0:6f:b6:d4:9c:4d:
0a:74:26:1d:42:82:49:05:a2:d4:4a:a9:c6:d1:c7:
30:e2:4a:12:4b:81:90:51:01:62:e7:9d:30:40:55:
43:57:11:96:56:86:e0:6a:22:2b:4f:ac:57:9e:60:
8c:ac:9f:46:f1:34:75:e0:a7:76:9a:c0:d0:cf:05:
3c:a8:ba:0a:da:61:8f:a3:c4:98:e4:98:03:31:1b:
0a:36:34:83:4a:dd:f3:5d:f2:91:6b:2f:19:6d:1b:
b2:85:05:03:c5:f4:5a:a3:98:e5:f9:1a:af:14:e6:
e0:76:c9:a0:2a:18:a6:4f:fe:3e:6b:f8:46:43:52:
09:2b:cb:eb:38:0d:91:0d:ed:21:af:74:6b:d5:87:
0e:be:ec:fb:fe:c7:c8:40:8a:1a:5f:80:a2:8c:46:
98:2f:05:c6:ae:4d:8b:91:33:92:c9:70:e5:a8:3c:
8f:85:c0:83:9d:f3:d2:c7:d6:e4:28:06:9a:00:c8:
52:5b:f7:68:86:23:19:9d:1f:d8:6d:bd:42:fd:ce:
7f:06:ea:dd:fc:7c:82:af:14:4b:79:dc:46:4d:54:
ba:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:BE:0A:AE:C9:92:76:5D:50:FC:C3:8F:2C:5D:ED:0F:75:A5:8D:CA
X509v3 Authority Key Identifier:
keyid:60:63:5E:04:C3:4C:2F:78:1E:E9:80:A1:65:1F:F6:6E:51:32:BC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGNeBMNML3ge6YChZR_2blEyvEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/99286a-45b3-4cee-8db5-937081a9cefa/1/Dr4KrsmSdl1Q_MOPLF3tD3Wljco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/99286a-45b3-4cee-8db5-937081a9cefa/1/YGNeBMNML3ge6YChZR_2blEyvEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.243.128.0/18
185.57.252.0/22
IPv6:
2a02:6060::/32
Signature Algorithm: sha256WithRSAEncryption
46:e2:8d:5d:65:9e:21:63:6d:ac:28:3b:07:ab:8b:17:09:fc:
a0:81:f9:e1:fb:e7:9d:ba:4e:4a:cd:80:77:d8:71:d3:f2:4d:
86:a2:6f:a1:1f:6e:71:53:b7:b1:6d:4a:44:6a:b0:33:06:4e:
4e:3e:4d:77:cd:76:85:1f:24:80:83:d2:a8:8b:a6:2d:22:b0:
70:4b:d8:6d:d7:13:66:86:7f:76:87:71:f7:36:ac:92:4e:23:
b3:60:59:3d:5f:99:00:82:2c:15:7c:1c:2f:47:42:00:0e:f5:
fd:3d:1f:60:75:8b:77:12:5e:b4:be:bc:ff:e2:10:60:16:19:
60:e1:d1:6b:49:fc:47:da:08:32:91:0a:ad:bb:d6:74:fe:5a:
d6:e7:40:10:b7:59:36:c8:ba:db:76:14:3e:82:3f:58:54:ad:
c9:42:5c:21:7d:a3:c8:59:bc:74:ea:58:bc:06:cc:e7:d7:d3:
f7:1e:a1:d4:cb:85:28:23:83:d3:95:dd:7f:54:4e:21:7a:c4:
7d:89:d1:d7:7b:68:5e:62:ff:82:06:7e:fb:c4:8e:2b:fe:5c:
9a:6d:bf:80:61:b7:18:f2:a1:c3:18:9f:39:2c:7c:db:b2:6d:
72:bd:c6:1f:8c:44:86:39:8d:2b:8d:9a:f2:ab:9a:79:4c:d1:
64:2f:4c:67
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2wjipNSgFAj/0A1i2mUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjM1ZTA0YzM0YzJmNzgxZWU5ODBhMTY1MWZmNjZlNTEz
MmJjNDQwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWJlMGFhZWM5OTI3NjVkNTBmY2MzOGYyYzVkZWQwZjc1YTU4ZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlACuGEu2DrsIE5Nj0sWeluob+HCy
0+gcYpiYlIjPa+/4gN/1Bg7gb7bUnE0KdCYdQoJJBaLUSqnG0ccw4koSS4GQUQFi
550wQFVDVxGWVobgaiIrT6xXnmCMrJ9G8TR14Kd2msDQzwU8qLoK2mGPo8SY5JgD
MRsKNjSDSt3zXfKRay8ZbRuyhQUDxfRao5jl+RqvFObgdsmgKhimT/4+a/hGQ1IJ
K8vrOA2RDe0hr3Rr1YcOvuz7/sfIQIoaX4CijEaYLwXGrk2LkTOSyXDlqDyPhcCD
nfPSx9bkKAaaAMhSW/dohiMZnR/Ybb1C/c5/Burd/HyCrxRLedxGTVS6BQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA6+Cq7JknZdUPzDjyxd7Q91pY3KMB8GA1UdIwQY
MBaAFGBjXgTDTC94HumAoWUf9m5RMrxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdOZUJNTk1MM2dlNllDaFpSXzJibEV5dkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85OTI4NmEtNDViMy00Y2VlLThkYjUt
OTM3MDgxYTljZWZhLzEvRHI0S3JzbVNkbDFRX01PUExGM3REM1dsamNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS85OTI4NmEtNDViMy00Y2VlLThkYjUtOTM3MDgxYTljZWZh
LzEvWUdOZUJNTk1MM2dlNllDaFpSXzJibEV5dkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGVPOAAwQC
uTn8MA0EAgACMAcDBQAqAmBgMA0GCSqGSIb3DQEBCwUAA4IBAQBG4o1dZZ4hY22s
KDsHq4sXCfyggfnh++eduk5KzYB32HHT8k2Gom+hH25xU7exbUpEarAzBk5OPk13
zXaFHySAg9Koi6YtIrBwS9ht1xNmhn92h3H3NqySTiOzYFk9X5kAgiwVfBwvR0IA
DvX9PR9gdYt3El60vrz/4hBgFhlg4dFrSfxH2ggykQqtu9Z0/lrW50AQt1k2yLrb
dhQ+gj9YVK3JQlwhfaPIWbx06li8Bszn19P3HqHUy4UoI4PTld1/VE4hesR9idHX
e2heYv+CBn77xI4r/lyabb+AYbcY8qHDGJ85LHzbsm1yvcYfjESGOY0rjZryq5p5
TNFkL0xn
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:37:07 2025 by rpki-client