Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/DA-KQuAYbfTS-XjXakYBHSKTm9s.roa
File: DA-KQuAYbfTS-XjXakYBHSKTm9s.roa (raw, json)
Hash identifier: /uEFdDnx64QoC+Y7QXstxw49w0X4jAq4kJEDH07volE=
Subject key identifier: 0C:0F:8A:42:E0:18:6D:F4:D2:F9:78:D7:6A:46:01:1D:22:93:9B:DB
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019270532CB10DFEDF2572F443BC626B5922
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/DA-KQuAYbfTS-XjXakYBHSKTm9s.roa
Signing time: Wed 09 Oct 2024 08:09:12 +0000
ROA not before: Wed 09 Oct 2024 08:09:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204272
IP address blocks: 194.190.196.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:70:53:2c:b1:0d:fe:df:25:72:f4:43:bc:62:6b:59:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Oct 9 08:09:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c0f8a42e0186df4d2f978d76a46011d22939bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cb:b7:59:29:c9:b7:a5:14:82:7a:73:d1:e1:
88:2b:30:ea:92:25:6b:8b:48:dc:72:db:c0:cc:67:
1f:9d:20:0e:75:48:15:8f:26:e2:79:c8:bd:a6:7b:
6c:f0:d4:74:5d:24:f5:f5:2f:c5:ca:02:0e:3a:6f:
a2:2d:f5:85:7d:6b:11:f4:56:5e:e2:33:8f:bb:f3:
fb:5b:21:4c:ae:29:75:2e:0a:bf:34:65:a1:fd:da:
af:0c:a9:35:9c:5c:f9:f3:14:13:aa:01:14:11:46:
f2:e6:d9:8f:2e:9f:d3:cb:f7:c6:ac:99:db:dd:4c:
91:96:f8:a6:46:db:26:29:54:6a:45:70:e9:e4:a7:
18:cd:c8:35:41:06:7b:fc:a6:1a:69:02:cb:1d:2b:
1f:69:ec:f6:43:16:74:e2:8b:fe:0b:53:cf:c8:06:
cd:b4:e5:1c:dc:e2:54:a3:6a:0e:92:7d:fe:be:3f:
58:70:6a:85:77:1e:a5:80:d4:13:93:95:8e:54:fa:
62:e7:11:b1:d8:2b:ea:5a:ec:93:02:e9:3b:1c:4f:
d0:3a:1e:60:e6:42:28:03:07:46:d8:db:93:04:52:
af:aa:62:f5:35:e9:4f:eb:04:ab:39:8b:ac:71:50:
b2:62:85:c8:86:b1:d5:80:a0:28:a4:6a:d6:65:97:
22:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:0F:8A:42:E0:18:6D:F4:D2:F9:78:D7:6A:46:01:1D:22:93:9B:DB
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/DA-KQuAYbfTS-XjXakYBHSKTm9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.190.196.0/22
Signature Algorithm: sha256WithRSAEncryption
53:c3:60:dd:5d:46:78:1d:cc:32:1c:69:78:68:ef:69:f8:45:
7e:7b:87:ae:74:08:61:42:3c:c7:4c:35:2b:91:6e:92:49:80:
e8:3e:0f:86:73:0f:a0:ea:f8:9c:66:e3:b9:c3:fb:76:ae:b7:
74:b8:93:9a:fb:43:b0:a3:78:1b:85:d8:e7:65:8e:a9:ca:46:
c0:cd:f5:e1:cc:42:52:05:fe:af:61:a3:92:4d:47:c4:4b:d7:
78:40:75:52:62:ea:a1:31:7b:11:10:6f:1a:3d:12:c6:51:b8:
98:90:9d:ce:2a:ac:69:c0:b5:a4:43:c0:f0:64:e1:d9:52:4c:
60:d7:6b:37:8a:a6:6c:2b:d3:25:54:0e:de:f1:ce:b0:e2:5a:
43:66:8c:e4:a7:0c:e2:5e:1d:d8:48:43:3b:bb:07:f2:bd:00:
96:cb:c6:f0:34:35:e5:eb:0a:1d:0a:26:8c:13:25:49:37:9a:
53:4e:b4:c6:64:d1:08:eb:9c:dc:96:ec:b3:cd:21:1c:fc:2c:
41:71:f8:89:c8:55:67:06:13:79:d6:10:66:5d:62:db:20:53:
b6:31:25:1e:fc:f7:9b:c6:91:d5:bc:09:73:40:86:8c:50:8e:
ce:58:cf:11:e3:7f:a6:a9:19:f5:5e:35:e1:e1:7b:a9:a7:f0:
2b:ed:44:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJwUyyxDf7fJXL0Q7xia1kiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQxMDA5MDgwOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzBmOGE0MmUwMTg2ZGY0ZDJmOTc4ZDc2YTQ2MDExZDIyOTM5YmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMu3WSnJt6UUgnpz0eGIKzDqkiVr
i0jcctvAzGcfnSAOdUgVjybieci9pnts8NR0XST19S/FygIOOm+iLfWFfWsR9FZe
4jOPu/P7WyFMril1Lgq/NGWh/dqvDKk1nFz58xQTqgEUEUby5tmPLp/Ty/fGrJnb
3UyRlvimRtsmKVRqRXDp5KcYzcg1QQZ7/KYaaQLLHSsfaez2QxZ04ov+C1PPyAbN
tOUc3OJUo2oOkn3+vj9YcGqFdx6lgNQTk5WOVPpi5xGx2CvqWuyTAuk7HE/QOh5g
5kIoAwdG2NuTBFKvqmL1NelP6wSrOYuscVCyYoXIhrHVgKAopGrWZZciLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAwPikLgGG300vl412pGAR0ik5vbMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvREEtS1F1QVliZlRTLVhqWGFrWUJIU0tUbTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwr7EMA0G
CSqGSIb3DQEBCwUAA4IBAQBTw2DdXUZ4HcwyHGl4aO9p+EV+e4eudAhhQjzHTDUr
kW6SSYDoPg+Gcw+g6vicZuO5w/t2rrd0uJOa+0Owo3gbhdjnZY6pykbAzfXhzEJS
Bf6vYaOSTUfES9d4QHVSYuqhMXsREG8aPRLGUbiYkJ3OKqxpwLWkQ8DwZOHZUkxg
12s3iqZsK9MlVA7e8c6w4lpDZozkpwziXh3YSEM7uwfyvQCWy8bwNDXl6wodCiaM
EyVJN5pTTrTGZNEI65zcluyzzSEc/CxBcfiJyFVnBhN51hBmXWLbIFO2MSUe/Peb
xpHVvAlzQIaMUI7OWM8R43+mqRn1XjXh4Xupp/Ar7UTO
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:59:22 2025 by rpki-client