Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/DKn9P-lr8RwqIdgPS2-h-fCGNJk.roa
File: DKn9P-lr8RwqIdgPS2-h-fCGNJk.roa (raw, json)
Hash identifier: 8Pi/ixAKVlH1/owhQz3JIUZPJH5XVEp5Z02+VbmscTo=
Subject key identifier: 0C:A9:FD:3F:E9:6B:F1:1C:2A:21:D8:0F:4B:6F:A1:F9:F0:86:34:99
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 0190BF5D3443F6F6611A19DD6D46A1A7948F
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/DKn9P-lr8RwqIdgPS2-h-fCGNJk.roa
Signing time: Wed 17 Jul 2024 06:24:34 +0000
ROA not before: Wed 17 Jul 2024 06:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199152
IP address blocks: 185.120.56.0/24 maxlen: 24
185.120.57.0/24 maxlen: 24
185.120.58.0/24 maxlen: 24
212.22.64.0/24 maxlen: 24
212.22.75.0/24 maxlen: 24
212.22.77.0/24 maxlen: 24
2a06:c3c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:5d:34:43:f6:f6:61:1a:19:dd:6d:46:a1:a7:94:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jul 17 06:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ca9fd3fe96bf11c2a21d80f4b6fa1f9f0863499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8a:5c:dc:5e:f8:2e:1a:dd:7a:98:8a:3b:72:
93:43:80:7d:be:6d:86:43:23:ef:ec:3c:10:06:82:
ea:16:5e:2b:c9:80:b5:72:8d:2a:99:af:54:15:d4:
d9:7c:29:c3:8c:bb:d8:82:7c:0d:87:de:06:24:ba:
65:73:f1:09:2a:c2:d6:2c:b2:92:78:79:8b:f5:00:
aa:be:3f:52:93:b4:7f:4b:d9:c5:27:63:56:89:a2:
a7:7e:b6:b7:29:06:f4:54:e5:33:4e:0b:67:d2:1b:
c0:6e:9d:b2:3d:f7:f1:67:ca:b2:87:1f:13:30:49:
6d:9c:c2:c2:4b:45:30:94:5b:96:00:ad:29:b6:c6:
5a:fe:98:e4:6c:ea:bc:0c:7c:ab:00:94:af:d8:51:
20:3c:47:e9:43:8c:43:45:cb:4a:1f:63:85:f2:01:
de:68:19:66:f1:ac:b5:a4:f6:9e:34:fb:c7:b3:a6:
6e:d8:86:29:27:58:c6:3b:23:f8:07:c1:f9:59:64:
3c:2b:e4:a2:52:f2:98:60:b1:6d:a9:af:93:06:b8:
f3:3d:44:26:c4:ad:e5:c4:ba:a8:f4:d8:90:79:5a:
a0:6b:f3:c1:6d:ac:f0:c6:10:52:a0:1c:a6:20:d2:
f9:93:a3:22:ca:53:42:25:3c:2f:1f:56:2d:3f:cc:
a3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A9:FD:3F:E9:6B:F1:1C:2A:21:D8:0F:4B:6F:A1:F9:F0:86:34:99
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/DKn9P-lr8RwqIdgPS2-h-fCGNJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.56.0-185.120.58.255
212.22.64.0/24
212.22.75.0/24
212.22.77.0/24
IPv6:
2a06:c3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
26:61:25:b7:46:9b:87:ac:7b:60:96:3a:65:66:15:0f:60:2e:
2f:3f:fa:52:d0:f0:cd:16:d4:1b:a0:e0:73:a9:b7:36:d6:34:
d3:23:49:ba:26:50:c9:0a:82:1f:e6:a3:65:e3:4a:1d:df:be:
fa:8a:5e:58:30:6d:e5:ea:da:00:6a:48:25:75:48:56:b4:80:
82:a3:62:90:2a:d0:39:5f:1c:7f:b4:d4:8b:18:b0:3b:c4:e7:
6a:b8:ce:00:62:21:77:0c:53:f9:3a:c3:e8:53:ff:81:db:65:
3e:ff:3e:93:84:d4:8a:89:58:1c:e3:4d:89:39:3c:cc:43:a4:
ec:12:c9:9f:e6:42:e4:2d:d3:44:d3:9e:bd:99:a3:5a:d9:42:
f9:2d:00:9a:af:ee:27:98:49:d5:19:c7:75:df:a5:69:af:7b:
b1:25:94:ce:6f:c9:c3:2b:ec:ba:4f:c0:97:df:3b:9e:81:a8:
ed:e6:3b:b5:f5:8b:d5:a6:a7:75:39:03:15:46:45:f8:a8:32:
ee:e3:e6:f2:92:05:5d:3d:a4:1f:55:b5:ed:64:aa:19:71:4f:
67:ae:4b:34:f6:5e:c9:39:41:85:fe:1a:6d:f1:a4:02:d9:37:
52:50:72:01:6a:b7:a9:52:69:da:83:3c:91:71:13:0b:fb:4a:
99:d6:e7:d8
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZC/XTRD9vZhGhndbUahp5SPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjQwNzE3MDYyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2E5ZmQzZmU5NmJmMTFjMmEyMWQ4MGY0YjZmYTFmOWYwODYzNDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3opc3F74LhrdepiKO3KTQ4B9vm2G
QyPv7DwQBoLqFl4ryYC1co0qma9UFdTZfCnDjLvYgnwNh94GJLplc/EJKsLWLLKS
eHmL9QCqvj9Sk7R/S9nFJ2NWiaKnfra3KQb0VOUzTgtn0hvAbp2yPffxZ8qyhx8T
MEltnMLCS0UwlFuWAK0ptsZa/pjkbOq8DHyrAJSv2FEgPEfpQ4xDRctKH2OF8gHe
aBlm8ay1pPaeNPvHs6Zu2IYpJ1jGOyP4B8H5WWQ8K+SiUvKYYLFtqa+TBrjzPUQm
xK3lxLqo9NiQeVqga/PBbazwxhBSoBymINL5k6MiylNCJTwvH1YtP8yjKwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFAyp/T/pa/EcKiHYD0tvofnwhjSZMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvREtuOVAtbHI4UndxSWRnUFMyLWgtZkNHTkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgMAwDBAO5eDgD
BAC5eDoDBADUFkADBADUFksDBADUFk0wDwQCAAIwCQMHACoGw8AAATANBgkqhkiG
9w0BAQsFAAOCAQEAJmElt0abh6x7YJY6ZWYVD2AuLz/6UtDwzRbUG6Dgc6m3NtY0
0yNJuiZQyQqCH+ajZeNKHd+++opeWDBt5eraAGpIJXVIVrSAgqNikCrQOV8cf7TU
ixiwO8TnarjOAGIhdwxT+TrD6FP/gdtlPv8+k4TUiolYHONNiTk8zEOk7BLJn+ZC
5C3TRNOevZmjWtlC+S0Amq/uJ5hJ1RnHdd+laa97sSWUzm/Jwyvsuk/Al987noGo
7eY7tfWL1aandTkDFUZF+Kgy7uPm8pIFXT2kH1W17WSqGXFPZ65LNPZeyTlBhf4a
bfGkAtk3UlByAWq3qVJp2oM8kXETC/tKmdbn2A==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:34:11 2025 by rpki-client