Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/2fc375-da14-4f7f-8fae-15a6e7df45c9/1/PDtZnEbEMjuPedGoIAcT4Ehz8do.roa
File: PDtZnEbEMjuPedGoIAcT4Ehz8do.roa (raw, json)
Hash identifier: 2twmoSDMxrQpu5OG+PHy1A6WciQbbIpY8P07WJ2ehAQ=
Subject key identifier: 3C:3B:59:9C:46:C4:32:3B:8F:79:D1:A8:20:07:13:E0:48:73:F1:DA
Certificate issuer: /CN=ddfcffd100dc007f1a96a4430ea872389c57d6cf
Certificate serial: 01929EE53F09F3600F5E4A86585DB98D3BC2
Authority key identifier: DD:FC:FF:D1:00:DC:00:7F:1A:96:A4:43:0E:A8:72:38:9C:57:D6:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fz_0QDcAH8alqRDDqhyOJxX1s8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/2fc375-da14-4f7f-8fae-15a6e7df45c9/1/PDtZnEbEMjuPedGoIAcT4Ehz8do.roa
Signing time: Fri 18 Oct 2024 09:11:16 +0000
ROA not before: Fri 18 Oct 2024 09:11:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42267
IP address blocks: 185.121.153.0/24 maxlen: 24
185.121.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9e:e5:3f:09:f3:60:0f:5e:4a:86:58:5d:b9:8d:3b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddfcffd100dc007f1a96a4430ea872389c57d6cf
Validity
Not Before: Oct 18 09:11:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c3b599c46c4323b8f79d1a8200713e04873f1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:05:a0:6b:1e:7e:ff:6d:bb:5c:00:db:a9:ad:
3a:3e:9b:b3:4c:68:54:ca:13:02:c2:69:a1:b2:fd:
c4:0c:b2:f1:a1:c3:42:3c:32:9c:74:45:2b:e1:b6:
62:03:e6:50:b0:c5:2e:da:01:76:ba:f4:86:47:ec:
ab:47:7f:83:c9:89:e3:1d:b5:c9:a8:5d:5e:15:17:
44:b6:53:43:45:0a:80:a1:4f:11:50:e6:d5:0c:c4:
04:15:19:28:31:95:15:94:f3:6a:29:58:46:8c:e0:
40:c1:08:2d:13:d0:b3:17:40:e4:af:6d:28:dd:32:
02:8b:0b:b9:81:57:a5:ad:68:aa:63:17:8f:18:c5:
81:34:2b:65:c7:4e:93:b0:1f:c0:6e:a2:b9:89:e1:
3e:f6:08:66:d6:a0:33:ab:d7:2f:e3:a1:6b:8c:13:
47:88:49:7f:bb:a3:6e:22:28:44:be:62:e0:2a:5f:
b0:3a:6a:bf:c6:a4:bb:1d:7d:9b:22:32:87:86:15:
69:de:4f:50:c6:84:2d:f9:f8:f0:76:23:63:b2:6c:
64:d7:66:79:f3:09:66:58:69:1e:ac:65:f6:f9:95:
ce:b2:3a:60:01:be:f2:1c:58:7d:62:7e:68:9b:f5:
01:38:aa:ce:aa:7e:c9:80:35:eb:82:e6:9e:96:7f:
7e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3B:59:9C:46:C4:32:3B:8F:79:D1:A8:20:07:13:E0:48:73:F1:DA
X509v3 Authority Key Identifier:
keyid:DD:FC:FF:D1:00:DC:00:7F:1A:96:A4:43:0E:A8:72:38:9C:57:D6:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fz_0QDcAH8alqRDDqhyOJxX1s8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/2fc375-da14-4f7f-8fae-15a6e7df45c9/1/PDtZnEbEMjuPedGoIAcT4Ehz8do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/2fc375-da14-4f7f-8fae-15a6e7df45c9/1/3fz_0QDcAH8alqRDDqhyOJxX1s8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.153.0/24
185.121.155.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:85:d9:7e:12:29:51:d6:34:2f:f0:95:8d:0f:9f:14:5e:a6:
80:96:0a:7a:b9:6c:58:e2:fb:f4:a1:ac:78:47:14:a6:8a:6b:
5c:db:bd:0c:cd:c3:3b:76:29:38:56:be:64:8d:bd:e4:06:d7:
c9:cc:a9:17:a5:cc:90:70:74:92:7c:04:f2:a4:ab:b2:05:bb:
6b:88:89:1e:b0:c6:a8:58:ac:5d:37:8b:61:cc:16:02:18:ae:
c4:70:4e:81:5b:1f:58:cd:af:c5:1a:17:f5:31:73:29:68:2b:
27:06:bb:8e:e7:af:1a:8c:72:59:30:fd:91:9b:5d:bd:62:ea:
6f:4d:70:39:f8:f7:d5:40:9c:bc:e7:1d:4b:57:cf:4a:71:93:
a8:68:fb:1b:22:c0:05:5d:ec:7b:a2:e1:9f:ba:90:0b:3e:30:
29:89:91:4f:31:a4:61:a7:4a:a9:48:ca:34:2e:22:99:76:5a:
29:f0:ce:92:f6:bc:42:c5:5c:97:19:6b:df:bf:52:9c:f9:0b:
31:cd:41:a0:60:05:87:9f:5f:e8:53:c9:27:1b:03:bb:af:16:
29:18:bc:2f:65:7c:bc:71:a1:f0:3a:00:2b:c6:87:17:23:f8:
06:c8:44:6c:1f:fa:39:01:eb:00:1d:70:bd:19:bb:ab:d8:49:
e7:54:56:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKe5T8J82APXkqGWF25jTvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmNmZmQxMDBkYzAwN2YxYTk2YTQ0MzBlYTg3MjM4OWM1
N2Q2Y2YwHhcNMjQxMDE4MDkxMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzNiNTk5YzQ2YzQzMjNiOGY3OWQxYTgyMDA3MTNlMDQ4NzNmMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AWgax5+/227XADbqa06PpuzTGhU
yhMCwmmhsv3EDLLxocNCPDKcdEUr4bZiA+ZQsMUu2gF2uvSGR+yrR3+DyYnjHbXJ
qF1eFRdEtlNDRQqAoU8RUObVDMQEFRkoMZUVlPNqKVhGjOBAwQgtE9CzF0Dkr20o
3TICiwu5gVelrWiqYxePGMWBNCtlx06TsB/AbqK5ieE+9ghm1qAzq9cv46FrjBNH
iEl/u6NuIihEvmLgKl+wOmq/xqS7HX2bIjKHhhVp3k9QxoQt+fjwdiNjsmxk12Z5
8wlmWGkerGX2+ZXOsjpgAb7yHFh9Yn5om/UBOKrOqn7JgDXrguaeln9+9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDw7WZxGxDI7j3nRqCAHE+BIc/HaMB8GA1UdIwQY
MBaAFN38/9EA3AB/GpakQw6ocjicV9bPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2Z6XzBRRGNBSDhhbHFSRERxaHlPSnhYMXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8yZmMzNzUtZGExNC00ZjdmLThmYWUt
MTVhNmU3ZGY0NWM5LzEvUER0Wm5FYkVNanVQZWRHb0lBY1Q0RWh6OGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8yZmMzNzUtZGExNC00ZjdmLThmYWUtMTVhNmU3ZGY0NWM5
LzEvM2Z6XzBRRGNBSDhhbHFSRERxaHlPSnhYMXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXmZAwQA
uXmbMA0GCSqGSIb3DQEBCwUAA4IBAQAPhdl+EilR1jQv8JWND58UXqaAlgp6uWxY
4vv0oax4RxSmimtc270MzcM7dik4Vr5kjb3kBtfJzKkXpcyQcHSSfATypKuyBbtr
iIkesMaoWKxdN4thzBYCGK7EcE6BWx9Yza/FGhf1MXMpaCsnBruO568ajHJZMP2R
m129YupvTXA5+PfVQJy85x1LV89KcZOoaPsbIsAFXex7ouGfupALPjApiZFPMaRh
p0qpSMo0LiKZdlop8M6S9rxCxVyXGWvfv1Kc+QsxzUGgYAWHn1/oU8knGwO7rxYp
GLwvZXy8caHwOgArxocXI/gGyERsH/o5AesAHXC9Gbur2EnnVFZN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:17 2025 by rpki-client