Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/DJyph1GV5BxB0XWeGvIKsUH_xMo.roa
File: DJyph1GV5BxB0XWeGvIKsUH_xMo.roa (raw, json)
Hash identifier: QcUwnDnKuB001TPwWph14akeBWYjl7km+jF21LG3J0g=
Subject key identifier: 0C:9C:A9:87:51:95:E4:1C:41:D1:75:9E:1A:F2:0A:B1:41:FF:C4:CA
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01937631B84EFBA6B0235F17A590D48AFF6F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/DJyph1GV5BxB0XWeGvIKsUH_xMo.roa
Signing time: Fri 29 Nov 2024 04:33:10 +0000
ROA not before: Fri 29 Nov 2024 04:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 89.35.130.0/24 maxlen: 24
185.34.101.0/24 maxlen: 24
185.141.216.0/24 maxlen: 24
185.254.66.0/24 maxlen: 24
185.254.67.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Dec 2024 08:18:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:76:31:b8:4e:fb:a6:b0:23:5f:17:a5:90:d4:8a:ff:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Nov 29 04:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c9ca9875195e41c41d1759e1af20ab141ffc4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4b:33:47:05:0b:c9:8d:68:f8:c0:79:65:04:
1d:3e:35:7a:fd:de:81:8a:e3:8c:50:9b:69:e3:bc:
26:cc:c7:ab:e1:59:e7:26:e7:41:f2:c1:36:9b:64:
6d:42:c1:a5:b2:30:99:a6:da:35:cd:ac:b7:3b:3e:
64:66:fb:30:3b:c2:eb:7f:d7:f9:94:bb:46:66:1d:
2e:44:fc:4d:52:18:db:79:27:8d:73:f3:7f:5c:78:
db:51:25:dc:0f:e8:48:da:38:11:57:af:36:f7:01:
eb:ea:bc:ef:55:74:29:75:21:4b:ee:e2:51:ec:6b:
93:92:02:65:05:39:dd:f1:6c:00:a8:39:7d:2c:16:
f4:cb:4f:23:e1:30:7f:9c:40:1d:83:a7:85:00:10:
32:3c:76:2b:46:31:22:cc:b4:43:24:52:91:03:8e:
2b:aa:b5:cd:e3:7c:9c:7a:de:3f:72:4c:4d:2e:39:
dc:f2:9f:d1:fe:94:56:4f:40:7f:31:06:82:13:67:
e3:72:ee:73:f6:0a:8e:b3:fd:14:77:79:03:cb:57:
41:b7:a5:69:3f:d0:66:14:c9:2c:4b:f7:6b:86:c2:
08:78:3e:6c:4f:26:b4:6f:f1:0d:62:e4:1f:54:30:
26:80:85:62:6c:b4:9f:f8:4b:b1:96:3e:8e:57:2c:
fd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:9C:A9:87:51:95:E4:1C:41:D1:75:9E:1A:F2:0A:B1:41:FF:C4:CA
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/DJyph1GV5BxB0XWeGvIKsUH_xMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.130.0/24
185.34.101.0/24
185.141.216.0/24
185.254.66.0/23
188.64.142.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
15:03:c7:64:61:50:12:de:aa:2e:cd:eb:a1:65:a5:9e:e9:07:
34:e7:1c:28:c5:4f:03:25:4e:48:59:7f:93:bf:6b:f9:85:24:
0e:5d:58:4c:d4:c6:74:7b:2d:b2:62:97:7a:01:13:5b:99:89:
e7:9c:9b:ac:e3:18:89:cb:27:30:cc:9c:8c:7f:7b:3f:03:aa:
c0:9b:c6:b6:f7:f9:6f:9e:53:b4:6c:12:3b:6e:64:54:09:89:
91:8e:aa:a7:eb:85:1d:66:44:0e:4d:68:2e:7a:fd:db:e3:32:
70:08:bd:6a:aa:7d:37:7f:fd:da:48:92:9b:76:74:e0:1c:f4:
6a:0d:5b:95:09:43:32:1e:d5:e1:d0:c6:7c:fe:da:bb:53:a4:
4f:3c:64:66:8e:90:81:91:53:d9:bc:de:89:51:b6:21:0b:d4:
d4:ca:13:82:99:ec:47:70:43:b7:1f:27:ed:2a:37:da:08:39:
e5:2f:cf:c2:8e:fe:1d:fe:24:8c:73:30:d7:28:e8:23:97:76:
40:c7:bc:9d:f8:f4:4c:d2:3b:5f:dc:70:06:59:0c:80:4b:fd:
8b:0f:9b:b2:90:3a:3c:b1:76:48:04:8c:36:bc:ed:d7:81:b0:
2f:16:76:00:20:c5:64:34:29:d7:39:88:2e:3b:86:3c:53:cd:
dc:57:ee:83
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZN2MbhO+6awI18XpZDUiv9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMTI5MDQzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzljYTk4NzUxOTVlNDFjNDFkMTc1OWUxYWYyMGFiMTQxZmZjNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UszRwULyY1o+MB5ZQQdPjV6/d6B
iuOMUJtp47wmzMer4VnnJudB8sE2m2RtQsGlsjCZpto1zay3Oz5kZvswO8Lrf9f5
lLtGZh0uRPxNUhjbeSeNc/N/XHjbUSXcD+hI2jgRV6829wHr6rzvVXQpdSFL7uJR
7GuTkgJlBTnd8WwAqDl9LBb0y08j4TB/nEAdg6eFABAyPHYrRjEizLRDJFKRA44r
qrXN43ycet4/ckxNLjnc8p/R/pRWT0B/MQaCE2fjcu5z9gqOs/0Ud3kDy1dBt6Vp
P9BmFMksS/drhsIIeD5sTya0b/ENYuQfVDAmgIVibLSf+Euxlj6OVyz9MQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAycqYdRleQcQdF1nhryCrFB/8TKMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvREp5cGgxR1Y1QnhCMFhXZUd2SUtzVUhfeE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSOCAwQA
uSJlAwQAuY3YAwQBuf5CAwQAvECOAwQA2RMEMA0GCSqGSIb3DQEBCwUAA4IBAQAV
A8dkYVAS3qouzeuhZaWe6Qc05xwoxU8DJU5IWX+Tv2v5hSQOXVhM1MZ0ey2yYpd6
ARNbmYnnnJus4xiJyycwzJyMf3s/A6rAm8a29/lvnlO0bBI7bmRUCYmRjqqn64Ud
ZkQOTWguev3b4zJwCL1qqn03f/3aSJKbdnTgHPRqDVuVCUMyHtXh0MZ8/tq7U6RP
PGRmjpCBkVPZvN6JUbYhC9TUyhOCmexHcEO3HyftKjfaCDnlL8/Cjv4d/iSMczDX
KOgjl3ZAx7yd+PRM0jtf3HAGWQyAS/2LD5uykDo8sXZIBIw2vO3XgbAvFnYAIMVk
NCnXOYguO4Y8U83cV+6D
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:18 2025 by rpki-client