Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/DOMB3NefoLeOAabLVx1Qm6-nqOU.roa
File: DOMB3NefoLeOAabLVx1Qm6-nqOU.roa (raw, json)
Hash identifier: V3Oh9uWBYFjlKoVlOWJ5WH8JuWZChVnJYYXgreq5nyY=
Subject key identifier: 0C:E3:01:DC:D7:9F:A0:B7:8E:01:A6:CB:57:1D:50:9B:AF:A7:A8:E5
Certificate issuer: /CN=7bf39e6eb3131ecf3cddcd0c9e378c352da41fc2
Certificate serial: 018E5607F38976685EE7492C5462A5C3E0FB
Authority key identifier: 7B:F3:9E:6E:B3:13:1E:CF:3C:DD:CD:0C:9E:37:8C:35:2D:A4:1F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e_OebrMTHs883c0MnjeMNS2kH8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/DOMB3NefoLeOAabLVx1Qm6-nqOU.roa
Signing time: Tue 19 Mar 2024 09:25:45 +0000
ROA not before: Tue 19 Mar 2024 09:25:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43930
IP address blocks: 185.108.32.0/22 maxlen: 24
185.108.33.0/24 maxlen: 24
185.108.34.0/24 maxlen: 24
185.194.164.0/23 maxlen: 23
185.194.164.0/24 maxlen: 24
185.194.165.0/24 maxlen: 24
193.57.128.0/22 maxlen: 22
193.57.128.0/23 maxlen: 23
2a02:c800::/32 maxlen: 32
2a02:c800:42::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:07:f3:89:76:68:5e:e7:49:2c:54:62:a5:c3:e0:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bf39e6eb3131ecf3cddcd0c9e378c352da41fc2
Validity
Not Before: Mar 19 09:25:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ce301dcd79fa0b78e01a6cb571d509bafa7a8e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:43:bd:ff:77:be:27:11:c7:85:49:c6:f7:df:
b9:f3:94:78:8e:2b:91:b9:fe:c8:63:bf:fd:7c:28:
29:65:02:38:bc:d3:7f:50:98:8f:0d:9a:f8:94:2e:
0b:84:eb:e0:89:79:11:b7:90:cb:c6:1a:a9:b1:05:
4c:70:54:47:b1:14:cc:24:ee:22:32:70:6d:3d:02:
bd:67:5d:15:d9:2b:d3:aa:8f:53:ce:60:03:35:ae:
c3:57:41:95:3e:89:68:b3:f3:ae:4a:20:4b:99:f1:
22:6c:88:33:35:af:81:df:78:2e:12:16:48:a5:f6:
f1:73:b9:93:ae:28:41:07:78:cd:42:58:1b:40:20:
ea:00:b5:55:6f:29:5f:ee:aa:6c:5e:ef:38:01:da:
36:22:d2:09:5c:90:ae:0f:60:35:ba:29:19:c9:31:
df:f1:fc:43:0d:ba:e9:2a:15:77:d0:e9:75:41:cc:
6e:f4:5b:b9:00:d1:02:c0:8f:89:6f:f1:33:29:50:
f7:b9:da:e2:20:b3:ca:f9:35:d0:3b:e2:49:9f:ae:
95:bf:f4:f8:1a:2e:ab:43:9c:81:5e:9a:de:e4:8b:
a6:05:5c:07:79:40:eb:d8:b1:bd:0b:0a:2b:49:fa:
09:25:db:b5:6d:a3:6d:af:69:9a:c9:ac:af:80:aa:
38:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E3:01:DC:D7:9F:A0:B7:8E:01:A6:CB:57:1D:50:9B:AF:A7:A8:E5
X509v3 Authority Key Identifier:
keyid:7B:F3:9E:6E:B3:13:1E:CF:3C:DD:CD:0C:9E:37:8C:35:2D:A4:1F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e_OebrMTHs883c0MnjeMNS2kH8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/DOMB3NefoLeOAabLVx1Qm6-nqOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/e_OebrMTHs883c0MnjeMNS2kH8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.32.0/22
185.194.164.0/23
193.57.128.0/22
IPv6:
2a02:c800::/32
Signature Algorithm: sha256WithRSAEncryption
72:60:01:76:b1:2f:80:d9:49:42:2d:05:9c:48:bc:aa:91:5d:
0b:c6:24:df:16:c5:9e:01:7c:5e:7f:66:35:05:cd:4c:91:ad:
97:70:35:25:b7:77:f2:fe:8b:64:1b:83:f9:57:4b:fc:19:aa:
1f:50:a5:e0:dd:b1:37:25:ac:b5:21:7e:5a:00:b0:03:6e:24:
d9:82:a4:c9:ae:52:58:68:6f:b8:9f:8a:e6:d9:77:91:0f:50:
dd:8f:d5:12:10:73:2a:17:d2:dd:d6:92:b2:32:51:74:ad:eb:
5d:37:6f:0d:30:03:7d:e3:9c:35:f8:8f:a4:59:53:c6:8d:88:
cc:10:b6:da:aa:16:5a:8e:e3:1d:e3:21:49:c2:98:c7:89:e8:
67:22:10:82:f4:a9:fe:1f:12:f3:aa:12:2c:bf:76:b2:7a:6b:
fd:15:25:b9:72:cf:e8:41:fe:6b:ad:0b:05:5b:db:1f:34:96:
be:3e:02:3b:62:3a:37:7f:46:0c:b4:8a:0c:ff:ed:2a:30:4b:
ee:98:70:05:e2:61:8e:d8:aa:9e:0a:8e:9d:a3:69:8d:80:db:
78:a4:32:f7:9d:53:45:eb:5e:eb:61:b3:40:2a:a4:86:40:e3:
88:16:98:95:09:0e:95:11:14:ee:47:fd:61:45:6d:c4:dd:5c:
c5:c5:36:83
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY5WB/OJdmhe50ksVGKlw+D7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZjM5ZTZlYjMxMzFlY2YzY2RkY2QwYzllMzc4YzM1MmRh
NDFmYzIwHhcNMjQwMzE5MDkyNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2UzMDFkY2Q3OWZhMGI3OGUwMWE2Y2I1NzFkNTA5YmFmYTdhOGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokO9/3e+JxHHhUnG99+585R4jiuR
uf7IY7/9fCgpZQI4vNN/UJiPDZr4lC4LhOvgiXkRt5DLxhqpsQVMcFRHsRTMJO4i
MnBtPQK9Z10V2SvTqo9TzmADNa7DV0GVPolos/OuSiBLmfEibIgzNa+B33guEhZI
pfbxc7mTrihBB3jNQlgbQCDqALVVbylf7qpsXu84Ado2ItIJXJCuD2A1uikZyTHf
8fxDDbrpKhV30Ol1Qcxu9Fu5ANECwI+Jb/EzKVD3udriILPK+TXQO+JJn66Vv/T4
Gi6rQ5yBXpre5IumBVwHeUDr2LG9CworSfoJJdu1baNtr2mayayvgKo4hQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAzjAdzXn6C3jgGmy1cdUJuvp6jlMB8GA1UdIwQY
MBaAFHvznm6zEx7PPN3NDJ43jDUtpB/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZV9PZWJyTVRIczg4M2MwTW5qZU1OUzJrSDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9hMjE0YTUtNDQ0OS00NGFmLTg3ZmYt
Yzk2N2M5ZGI1NzUyLzEvRE9NQjNOZWZvTGVPQWFiTFZ4MVFtNi1ucU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9hMjE0YTUtNDQ0OS00NGFmLTg3ZmYtYzk2N2M5ZGI1NzUy
LzEvZV9PZWJyTVRIczg4M2MwTW5qZU1OUzJrSDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWwgAwQB
ucKkAwQCwTmAMA0EAgACMAcDBQAqAsgAMA0GCSqGSIb3DQEBCwUAA4IBAQByYAF2
sS+A2UlCLQWcSLyqkV0LxiTfFsWeAXxef2Y1Bc1Mka2XcDUlt3fy/otkG4P5V0v8
GaofUKXg3bE3Jay1IX5aALADbiTZgqTJrlJYaG+4n4rm2XeRD1Ddj9USEHMqF9Ld
1pKyMlF0retdN28NMAN945w1+I+kWVPGjYjMELbaqhZajuMd4yFJwpjHiehnIhCC
9Kn+HxLzqhIsv3ayemv9FSW5cs/oQf5rrQsFW9sfNJa+PgI7Yjo3f0YMtIoM/+0q
MEvumHAF4mGO2KqeCo6do2mNgNt4pDL3nVNF617rYbNAKqSGQOOIFpiVCQ6VERTu
R/1hRW3E3VzFxTaD
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:22:09 2025 by rpki-client