Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/DYLjWvwGvcKYsqCmuztGnKr95UA.roa
File: DYLjWvwGvcKYsqCmuztGnKr95UA.roa (raw, json)
Hash identifier: OwrMp0gdCY+Dd9BXuTtFc90A7ASg0umQC4it/lmUd+I=
Subject key identifier: 0D:82:E3:5A:FC:06:BD:C2:98:B2:A0:A6:BB:3B:46:9C:AA:FD:E5:40
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 0194221F9569ED0A757A87C5C9FFA06EFC8B
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/DYLjWvwGvcKYsqCmuztGnKr95UA.roa
Signing time: Wed 01 Jan 2025 13:48:02 +0000
ROA not before: Wed 01 Jan 2025 13:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15626
IP address blocks: 185.253.0.0/24 maxlen: 24
195.28.182.0/23 maxlen: 23
2001:67c:2f6c::/48 maxlen: 48
2a0a:8c46::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Feb 2025 15:40:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:95:69:ed:0a:75:7a:87:c5:c9:ff:a0:6e:fc:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Jan 1 13:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d82e35afc06bdc298b2a0a6bb3b469caafde540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:dc:57:9a:7f:23:41:fc:46:fe:38:2a:71:17:
19:47:38:2e:4a:52:f0:e5:b7:79:86:b7:22:02:cd:
0f:86:33:ba:ba:72:ad:fd:03:35:0b:63:d9:a1:e1:
34:5c:ff:81:44:d3:a1:a3:f0:3c:7c:28:41:36:7d:
11:82:f2:0a:c8:6e:57:48:61:d4:a9:31:93:3c:1a:
ae:84:dd:29:fa:14:24:9c:c7:15:27:9b:bd:cf:cb:
a4:6e:f6:4b:48:a2:4c:60:d7:08:c2:5f:f5:87:a2:
e9:e0:4f:9c:cc:b0:64:88:e4:7a:33:e6:b4:fe:5f:
3e:6b:9b:26:20:63:9e:6c:74:e8:f0:36:91:00:68:
bf:8e:f7:5e:5e:e6:cc:bf:db:87:39:16:44:8a:67:
3e:cf:f8:30:6a:32:82:10:9d:eb:76:e5:e1:da:28:
86:74:59:a1:c6:2b:59:a6:24:3e:62:78:72:d5:17:
41:2b:07:56:1b:c5:c8:fe:f5:5f:e9:7b:8c:76:53:
a1:b9:4f:a7:3f:6b:7e:61:05:50:01:26:2f:7c:14:
0f:79:74:0b:19:7e:12:7b:c8:e4:c0:49:61:93:7a:
17:f6:09:a1:3b:95:39:da:6a:ad:0d:60:9e:a1:9b:
ed:62:13:29:d2:75:55:07:81:e1:9c:91:c5:38:9d:
fc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:82:E3:5A:FC:06:BD:C2:98:B2:A0:A6:BB:3B:46:9C:AA:FD:E5:40
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/DYLjWvwGvcKYsqCmuztGnKr95UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.0.0/24
195.28.182.0/23
IPv6:
2001:67c:2f6c::/48
2a0a:8c46::/32
Signature Algorithm: sha256WithRSAEncryption
ac:b2:83:a5:ba:b0:44:91:de:84:53:60:d4:8f:0f:74:06:40:
10:ab:e6:4e:93:54:33:05:78:a9:0f:14:fb:0f:58:f6:12:c7:
15:d2:a9:55:8b:78:64:93:5d:52:fa:81:9a:6e:08:b4:82:0f:
c4:b3:ea:69:54:ff:fc:55:98:c5:fd:37:52:84:d0:01:b6:d9:
d1:8a:17:82:4b:53:e7:e9:d2:40:03:bc:76:f8:40:5e:e7:6c:
af:fd:fe:f3:cc:50:51:50:8e:56:cf:cf:0e:22:1c:23:59:cb:
f3:ce:25:22:36:dc:0c:1f:ed:70:d0:e4:32:9b:97:0e:9d:d3:
dd:38:f2:b7:14:35:c1:cf:2d:35:eb:47:e4:9a:52:b0:15:48:
94:84:ff:7e:cf:a1:6d:f5:7d:28:a0:9e:7a:d0:8c:c4:91:d6:
55:68:a1:4b:52:00:ee:9b:37:12:48:cf:0f:af:be:5b:53:0a:
1a:ad:bf:bd:62:37:bf:86:0a:92:c2:b4:2b:2d:e5:7e:e8:fe:
2a:ba:a2:db:1a:1b:b0:57:7f:f4:b4:fe:4e:51:03:68:ce:6f:
1a:d4:d9:d4:c2:5d:69:32:24:5d:33:43:03:98:ed:b0:f6:d8:
1a:b2:65:44:86:ee:33:f7:f4:51:02:42:0e:c5:4e:f1:4a:ff:
af:af:c4:07
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQiH5Vp7Qp1eofFyf+gbvyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjUwMTAxMTM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDgyZTM1YWZjMDZiZGMyOThiMmEwYTZiYjNiNDY5Y2FhZmRlNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dxXmn8jQfxG/jgqcRcZRzguSlLw
5bd5hrciAs0PhjO6unKt/QM1C2PZoeE0XP+BRNOho/A8fChBNn0RgvIKyG5XSGHU
qTGTPBquhN0p+hQknMcVJ5u9z8ukbvZLSKJMYNcIwl/1h6Lp4E+czLBkiOR6M+a0
/l8+a5smIGOebHTo8DaRAGi/jvdeXubMv9uHORZEimc+z/gwajKCEJ3rduXh2iiG
dFmhxitZpiQ+Ynhy1RdBKwdWG8XI/vVf6XuMdlOhuU+nP2t+YQVQASYvfBQPeXQL
GX4Se8jkwElhk3oX9gmhO5U52mqtDWCeoZvtYhMp0nVVB4HhnJHFOJ38IwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA2C41r8Br3CmLKgprs7Rpyq/eVAMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvRFlMald2d0d2Y0tZc3FDbXV6dEduS3I5NVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAuf0AAwQB
wxy2MBYEAgACMBADBwAgAQZ8L2wDBQAqCoxGMA0GCSqGSIb3DQEBCwUAA4IBAQCs
soOlurBEkd6EU2DUjw90BkAQq+ZOk1QzBXipDxT7D1j2EscV0qlVi3hkk11S+oGa
bgi0gg/Es+ppVP/8VZjF/TdShNABttnRiheCS1Pn6dJAA7x2+EBe52yv/f7zzFBR
UI5Wz88OIhwjWcvzziUiNtwMH+1w0OQym5cOndPdOPK3FDXBzy0160fkmlKwFUiU
hP9+z6Ft9X0ooJ560IzEkdZVaKFLUgDumzcSSM8Pr75bUwoarb+9Yje/hgqSwrQr
LeV+6P4quqLbGhuwV3/0tP5OUQNozm8a1NnUwl1pMiRdM0MDmO2w9tgasmVEhu4z
9/RRAkIOxU7xSv+vr8QH
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:20:52 2025 by rpki-client