Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/996s0xZtUdqyg97N1Bvfc3Evl0w.roa
File: 996s0xZtUdqyg97N1Bvfc3Evl0w.roa (raw, json)
Hash identifier: J4IdN3tAuJ6I3GdKtlWJbTjp8j9lVW0PsoW2qa4D9VU=
Subject key identifier: F7:DE:AC:D3:16:6D:51:DA:B2:83:DE:CD:D4:1B:DF:73:71:2F:97:4C
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 0192721688F1F60A620E58AAE1D781D6EEAB
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/996s0xZtUdqyg97N1Bvfc3Evl0w.roa
Signing time: Wed 09 Oct 2024 16:22:12 +0000
ROA not before: Wed 09 Oct 2024 16:22:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47638
IP address blocks: 185.66.205.0/24 maxlen: 24
185.66.206.0/24 maxlen: 24
185.149.208.0/24 maxlen: 24
185.149.210.0/23 maxlen: 24
185.161.132.0/22 maxlen: 24
194.0.116.0/22 maxlen: 24
2a04:1840::/29 maxlen: 48
2a0b:8640::/29 maxlen: 48
2a0f:cd40::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 08 Nov 2024 10:57:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:72:16:88:f1:f6:0a:62:0e:58:aa:e1:d7:81:d6:ee:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Oct 9 16:22:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7deacd3166d51dab283decdd41bdf73712f974c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:bf:95:91:08:a8:db:ae:a3:26:71:f5:56:30:
cd:56:ab:f2:b6:d3:49:21:37:82:22:84:13:0a:1e:
88:c9:8c:19:df:e1:ee:8d:5f:0a:da:3e:cf:1c:f5:
70:17:9e:ca:27:60:99:d2:12:81:4c:a9:68:75:aa:
61:73:60:1b:84:92:11:18:fc:33:a7:c5:fe:19:4e:
49:70:e5:68:e6:d1:dc:cd:02:6f:d2:45:e4:0a:13:
04:dd:31:1a:63:7b:c2:fd:59:3f:f9:aa:73:b6:c6:
22:00:71:db:46:65:9d:89:f2:f1:33:f3:4f:10:d8:
53:57:cc:64:bd:d4:2f:2a:3d:0f:a5:4c:3b:95:38:
b0:99:ae:61:c8:31:4e:90:04:d2:8c:f4:e0:bf:9a:
3b:9f:7a:cb:45:20:1a:5f:be:66:15:3a:56:62:9f:
e6:b1:ec:37:44:85:58:56:94:29:74:d4:cc:52:cf:
fd:c5:bb:25:23:5e:95:e9:63:3e:2e:59:fb:49:f8:
1b:df:53:ed:a6:7c:8a:8c:11:55:fa:f0:1a:43:76:
f6:b7:5f:fd:73:d8:6b:4f:80:38:f4:13:41:8d:6a:
08:c6:c7:a6:79:f4:42:b0:bc:7a:ad:5d:6f:33:47:
eb:dd:f8:00:42:11:09:73:d9:93:19:b8:b8:da:31:
6c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:DE:AC:D3:16:6D:51:DA:B2:83:DE:CD:D4:1B:DF:73:71:2F:97:4C
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/996s0xZtUdqyg97N1Bvfc3Evl0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.205.0-185.66.206.255
185.149.208.0/24
185.149.210.0/23
185.161.132.0/22
194.0.116.0/22
IPv6:
2a04:1840::/29
2a0b:8640::/29
2a0f:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
83:5e:ee:67:96:ca:c4:e9:f5:53:b1:28:14:55:d9:d9:ce:10:
ec:b6:27:34:2f:80:b4:14:f4:a7:99:e5:2f:e5:b5:c0:a0:f6:
c8:39:8f:8c:ec:43:e8:8d:c5:08:06:9c:77:a6:41:84:f9:ee:
65:ac:5a:7e:59:9e:d8:e5:fb:e3:cb:b9:8c:d3:59:ad:b5:46:
c9:39:91:3a:37:73:9f:34:8d:a5:e5:57:3a:2e:59:f1:37:fb:
d9:b7:57:f2:60:46:4c:bc:ee:d0:46:69:dc:81:12:52:04:73:
cd:a9:55:89:b6:80:ad:59:32:86:4c:8e:c6:c5:fb:b3:94:5a:
69:b8:0d:d5:f1:e9:70:8a:2b:71:37:5b:ee:c8:a6:61:4f:90:
4a:ac:a3:7f:1e:b1:8e:db:5f:46:05:19:77:8a:08:53:62:66:
7a:9a:47:ae:1f:21:38:28:61:fe:b9:c9:e5:75:d7:59:b6:c5:
9d:b4:31:e8:d2:ba:18:ff:b2:39:e9:a6:9c:c5:b7:83:a4:51:
74:0b:48:a5:aa:fa:de:26:ac:40:95:b7:db:0c:3a:05:c7:7a:
a1:09:85:36:57:eb:4e:50:64:31:c0:4c:28:5b:08:0b:b2:d9:
5a:35:20:f1:ce:e7:01:19:2c:06:68:a1:60:d8:98:a7:b7:d8:
42:2f:8c:bf
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZJyFojx9gpiDliq4deB1u6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjQxMDA5MTYyMjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2RlYWNkMzE2NmQ1MWRhYjI4M2RlY2RkNDFiZGY3MzcxMmY5NzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5L+VkQio266jJnH1VjDNVqvyttNJ
ITeCIoQTCh6IyYwZ3+HujV8K2j7PHPVwF57KJ2CZ0hKBTKlodaphc2AbhJIRGPwz
p8X+GU5JcOVo5tHczQJv0kXkChME3TEaY3vC/Vk/+apztsYiAHHbRmWdifLxM/NP
ENhTV8xkvdQvKj0PpUw7lTiwma5hyDFOkATSjPTgv5o7n3rLRSAaX75mFTpWYp/m
sew3RIVYVpQpdNTMUs/9xbslI16V6WM+Lln7Sfgb31PtpnyKjBFV+vAaQ3b2t1/9
c9hrT4A49BNBjWoIxsemefRCsLx6rV1vM0fr3fgAQhEJc9mTGbi42jFsdwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFPferNMWbVHasoPezdQb33NxL5dMMB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvOTk2czB4WnRVZHF5Zzk3TjFCdmZjM0V2bDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAsBAIAATAmMAwDBAC5Qs0D
BAC5Qs4DBAC5ldADBAG5ldIDBAK5oYQDBALCAHQwGwQCAAIwFQMFAyoEGEADBQMq
C4ZAAwUDKg/NQDANBgkqhkiG9w0BAQsFAAOCAQEAg17uZ5bKxOn1U7EoFFXZ2c4Q
7LYnNC+AtBT0p5nlL+W1wKD2yDmPjOxD6I3FCAacd6ZBhPnuZaxaflme2OX748u5
jNNZrbVGyTmROjdznzSNpeVXOi5Z8Tf72bdX8mBGTLzu0EZp3IESUgRzzalVibaA
rVkyhkyOxsX7s5RaabgN1fHpcIorcTdb7simYU+QSqyjfx6xjttfRgUZd4oIU2Jm
eppHrh8hOChh/rnJ5XXXWbbFnbQx6NK6GP+yOemmnMW3g6RRdAtIpar63iasQJW3
2ww6Bcd6oQmFNlfrTlBkMcBMKFsIC7LZWjUg8c7nARksBmihYNiYp7fYQi+Mvw==
-----END CERTIFICATE-----
Generated at Fri Nov 8 16:57:55 2024 by rpki-client on console-ams.rpki-client.org