Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/dpW4jDgkjGy40AfY8kpCCGRYbHk.roa
File: dpW4jDgkjGy40AfY8kpCCGRYbHk.roa (raw, json)
Hash identifier: bADB+zDjbXkpUfN+d1ev9sJPDpdbAwd54eMa4jb4TRk=
Subject key identifier: 76:95:B8:8C:38:24:8C:6C:B8:D0:07:D8:F2:4A:42:08:64:58:6C:79
Certificate issuer: /CN=574e25a16e5d3aa110ac5e8335f88f63e54b42f1
Certificate serial: 018CC2DB1162F1A2CD323743A63A17798BF4
Authority key identifier: 57:4E:25:A1:6E:5D:3A:A1:10:AC:5E:83:35:F8:8F:63:E5:4B:42:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V04loW5dOqEQrF6DNfiPY-VLQvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/dpW4jDgkjGy40AfY8kpCCGRYbHk.roa
Signing time: Mon 01 Jan 2024 02:29:45 +0000
ROA not before: Mon 01 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202214
IP address blocks: 185.50.64.0/23 maxlen: 24
185.50.66.0/23 maxlen: 24
185.50.65.0/24 maxlen: 24
185.50.67.0/24 maxlen: 24
2a01:a6a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 05 Mar 2024 09:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:11:62:f1:a2:cd:32:37:43:a6:3a:17:79:8b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574e25a16e5d3aa110ac5e8335f88f63e54b42f1
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7695b88c38248c6cb8d007d8f24a420864586c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:77:e7:db:d4:43:16:c3:9c:6a:0b:00:d1:4b:
d5:4c:9c:96:2a:25:93:a1:a8:18:cc:1a:fd:b1:74:
5b:8c:f6:f9:8a:02:c4:98:dc:2d:d0:38:9f:38:2d:
72:b0:0a:c3:34:cf:c3:64:3f:2e:86:1e:28:11:8a:
34:06:54:3d:5c:86:7e:82:fa:62:66:d7:fa:7e:80:
c0:6e:68:53:86:20:69:cb:e8:d9:1b:80:d8:a6:f0:
a5:4e:72:f5:81:a1:d4:21:7c:a7:03:07:4a:4e:7f:
82:67:62:50:29:26:a8:ec:a1:0d:2e:39:5f:1e:78:
d4:35:e7:ea:2c:2b:69:ec:20:f9:83:d7:f7:54:2d:
b1:85:74:f9:3c:b7:3e:66:05:e6:aa:40:cb:20:ae:
f5:4c:5c:89:fa:4d:6b:19:8f:97:c6:96:43:e6:49:
5a:88:94:ca:d8:94:98:7d:02:16:ae:01:5e:27:4a:
8b:1a:3d:08:9e:fd:4b:a3:bb:96:39:b3:04:87:03:
8c:ce:0d:68:82:8e:52:ba:57:bb:16:4b:3d:5d:7e:
6e:10:ab:09:51:7a:6d:ae:7f:11:54:9d:7d:28:a4:
b5:cd:40:71:e2:20:6e:99:95:c0:3e:25:c1:df:64:
26:85:24:39:65:a5:6d:a4:cf:93:ed:7e:9d:eb:39:
88:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:95:B8:8C:38:24:8C:6C:B8:D0:07:D8:F2:4A:42:08:64:58:6C:79
X509v3 Authority Key Identifier:
keyid:57:4E:25:A1:6E:5D:3A:A1:10:AC:5E:83:35:F8:8F:63:E5:4B:42:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V04loW5dOqEQrF6DNfiPY-VLQvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/dpW4jDgkjGy40AfY8kpCCGRYbHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/V04loW5dOqEQrF6DNfiPY-VLQvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.64.0/22
IPv6:
2a01:a6a0::/32
Signature Algorithm: sha256WithRSAEncryption
81:f0:5a:d7:15:95:40:1b:05:73:47:28:30:a8:76:be:57:98:
9f:17:0d:f0:e1:36:ee:2c:c8:62:48:bb:fd:8f:08:69:00:1c:
90:d7:ff:21:37:8d:77:7e:b5:47:ef:0a:26:fc:45:ff:b8:af:
74:59:5a:ae:20:a6:79:93:22:81:8d:8d:ff:e2:1a:c0:45:52:
39:4d:42:63:17:f9:6d:98:13:94:7e:62:e4:5f:5c:10:35:b8:
57:4a:e6:d7:e6:a9:f4:f1:5c:17:5f:03:40:2b:49:a2:af:e0:
71:31:bc:28:e5:c5:4c:e2:35:8a:82:8e:9a:35:2e:89:a8:9a:
83:56:d5:fa:4c:0c:f5:5f:4d:91:c5:f6:19:2f:03:33:91:d9:
d5:28:a4:17:b7:ab:67:59:69:dc:8e:36:48:96:71:cf:6c:13:
c6:f5:33:20:b6:20:05:93:92:f1:db:19:3e:80:a3:0f:ff:7b:
e7:8e:59:cf:da:d0:7d:a2:ea:c5:d5:1b:1a:c8:c6:e5:7a:37:
e1:8d:61:4f:c8:f9:8a:e7:3c:a4:89:55:86:22:1f:96:98:56:
b7:96:20:90:58:40:d8:50:40:d8:8d:e6:c6:28:0e:cc:63:20:
f5:11:ec:03:8d:3e:58:49:76:56:35:96:22:83:51:e1:97:cb:
68:69:14:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2xFi8aLNMjdDpjoXeYv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NGUyNWExNmU1ZDNhYTExMGFjNWU4MzM1Zjg4ZjYzZTU0
YjQyZjEwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njk1Yjg4YzM4MjQ4YzZjYjhkMDA3ZDhmMjRhNDIwODY0NTg2Yzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnfn29RDFsOcagsA0UvVTJyWKiWT
oagYzBr9sXRbjPb5igLEmNwt0DifOC1ysArDNM/DZD8uhh4oEYo0BlQ9XIZ+gvpi
Ztf6foDAbmhThiBpy+jZG4DYpvClTnL1gaHUIXynAwdKTn+CZ2JQKSao7KENLjlf
HnjUNefqLCtp7CD5g9f3VC2xhXT5PLc+ZgXmqkDLIK71TFyJ+k1rGY+XxpZD5kla
iJTK2JSYfQIWrgFeJ0qLGj0Inv1Lo7uWObMEhwOMzg1ogo5Sule7Fks9XX5uEKsJ
UXptrn8RVJ19KKS1zUBx4iBumZXAPiXB32QmhSQ5ZaVtpM+T7X6d6zmIAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHaVuIw4JIxsuNAH2PJKQghkWGx5MB8GA1UdIwQY
MBaAFFdOJaFuXTqhEKxegzX4j2PlS0LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjA0bG9XNWRPcUVRckY2RE5maVBZLVZMUXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wNDI5MmYtZjEwNC00MTdjLWFjZGEt
NTcxYWYwNjZjZjFlLzEvZHBXNGpEZ2tqR3k0MEFmWThrcENDR1JZYkhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wNDI5MmYtZjEwNC00MTdjLWFjZGEtNTcxYWYwNjZjZjFl
LzEvVjA0bG9XNWRPcUVRckY2RE5maVBZLVZMUXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTJAMA0E
AgACMAcDBQAqAaagMA0GCSqGSIb3DQEBCwUAA4IBAQCB8FrXFZVAGwVzRygwqHa+
V5ifFw3w4TbuLMhiSLv9jwhpAByQ1/8hN413frVH7wom/EX/uK90WVquIKZ5kyKB
jY3/4hrARVI5TUJjF/ltmBOUfmLkX1wQNbhXSubX5qn08VwXXwNAK0mir+BxMbwo
5cVM4jWKgo6aNS6JqJqDVtX6TAz1X02RxfYZLwMzkdnVKKQXt6tnWWncjjZIlnHP
bBPG9TMgtiAFk5Lx2xk+gKMP/3vnjlnP2tB9ourF1RsayMblejfhjWFPyPmK5zyk
iVWGIh+WmFa3liCQWEDYUEDYjebGKA7MYyD1EewDjT5YSXZWNZYig1Hhl8toaRSz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:16 2024 by rpki-client on console-fra.rpki-client.org