Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/136b3f-459e-4a96-a4ab-3b990878a52b/1/DAM9NVA7WyTV1SujcvxJY6mL7Uk.roa
File: DAM9NVA7WyTV1SujcvxJY6mL7Uk.roa (raw, json)
Hash identifier: AawYJof5+wUw3EyV7+3qkztSMUlofSMgbcx9DVSRXXo=
Subject key identifier: 0C:03:3D:35:50:3B:5B:24:D5:D5:2B:A3:72:FC:49:63:A9:8B:ED:49
Certificate issuer: /CN=d0ccd09a54bfa63141997cd653b77bc99392ef62
Certificate serial: 018CC6B7CF90078E4D91F91F20941A6AEFD4
Authority key identifier: D0:CC:D0:9A:54:BF:A6:31:41:99:7C:D6:53:B7:7B:C9:93:92:EF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0MzQmlS_pjFBmXzWU7d7yZOS72I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/136b3f-459e-4a96-a4ab-3b990878a52b/1/DAM9NVA7WyTV1SujcvxJY6mL7Uk.roa
Signing time: Mon 01 Jan 2024 20:29:44 +0000
ROA not before: Mon 01 Jan 2024 20:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51896
IP address blocks: 89.17.128.0/19 maxlen: 19
31.209.136.0/21 maxlen: 21
185.191.232.0/22 maxlen: 22
46.22.96.0/24 maxlen: 24
46.22.96.0/20 maxlen: 20
2a00:5000::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:cf:90:07:8e:4d:91:f9:1f:20:94:1a:6a:ef:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0ccd09a54bfa63141997cd653b77bc99392ef62
Validity
Not Before: Jan 1 20:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c033d35503b5b24d5d52ba372fc4963a98bed49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:11:5c:22:50:95:e0:04:97:91:4a:f1:c9:3c:
e6:84:85:62:c9:86:3e:d2:f9:8c:bb:a6:82:27:6f:
8f:9a:b0:89:62:88:ab:c2:fd:21:be:d6:f0:18:4a:
b2:d4:1a:20:57:6e:a8:9e:0e:68:2c:09:d6:f1:29:
e2:a8:12:a9:f0:98:89:05:c5:d8:39:0a:77:92:73:
cc:53:a6:1f:28:20:da:71:b3:de:fe:d7:3a:7a:47:
11:95:8b:76:6c:a0:78:1e:0d:44:32:ae:d9:44:ce:
05:00:29:a2:99:56:a8:74:f0:26:54:d7:bf:f4:14:
2d:83:3f:aa:9f:6a:99:a1:b4:08:78:39:60:7b:2c:
fc:ba:2c:11:8d:69:e9:45:34:07:63:a3:63:b1:fa:
6b:95:21:7e:be:fa:37:71:e2:ac:33:62:fa:7e:ed:
aa:d2:92:12:82:e8:9f:ec:b2:65:7d:d1:ec:f8:30:
33:4e:f3:52:f4:64:96:b5:63:52:9f:ac:eb:fc:e7:
90:ee:fa:a2:ac:93:76:c0:e8:50:8d:2f:7a:75:69:
b6:dd:74:15:9a:bf:39:53:42:c1:89:d7:6c:22:bd:
32:f9:3d:a9:e5:f8:15:a3:f7:c2:67:12:fa:6e:9b:
01:24:bb:df:a8:80:be:e3:71:f7:29:d4:46:50:97:
a9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:03:3D:35:50:3B:5B:24:D5:D5:2B:A3:72:FC:49:63:A9:8B:ED:49
X509v3 Authority Key Identifier:
keyid:D0:CC:D0:9A:54:BF:A6:31:41:99:7C:D6:53:B7:7B:C9:93:92:EF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0MzQmlS_pjFBmXzWU7d7yZOS72I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/136b3f-459e-4a96-a4ab-3b990878a52b/1/DAM9NVA7WyTV1SujcvxJY6mL7Uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/136b3f-459e-4a96-a4ab-3b990878a52b/1/0MzQmlS_pjFBmXzWU7d7yZOS72I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.136.0/21
46.22.96.0/20
89.17.128.0/19
185.191.232.0/22
IPv6:
2a00:5000::/29
Signature Algorithm: sha256WithRSAEncryption
30:7a:5a:8d:89:be:06:46:45:ae:f9:b5:db:b1:d3:63:14:04:
5f:52:97:70:70:60:b8:b5:12:a3:bd:32:3f:41:10:b3:51:aa:
dc:ca:bf:7e:7d:e5:26:87:11:20:55:b0:5d:42:17:5c:f5:85:
85:af:89:4b:84:49:ef:b3:ac:17:df:15:c8:a4:75:5e:c6:d3:
e1:3e:a1:39:d8:83:ca:e8:d0:a6:68:28:4f:7c:9c:e6:8d:83:
e2:85:5b:ec:73:9d:86:bc:ee:d2:61:34:a0:cf:15:64:05:68:
c8:f5:73:c0:c3:74:82:4f:b8:96:6a:fc:0d:9b:d8:70:4e:59:
de:f2:28:5c:e5:99:77:eb:a0:f7:86:23:6e:94:6f:8f:31:f0:
a2:d8:07:15:52:d4:54:26:49:38:74:77:61:94:82:2c:71:93:
33:b3:2f:4c:d5:32:dd:c2:35:0e:39:48:5d:a4:67:52:a1:b8:
0f:ea:68:d4:8f:19:dd:6f:a5:ce:70:a0:b5:c2:09:56:37:59:
99:6b:14:ed:11:be:b4:d0:3b:f6:96:11:e5:1d:26:4f:d3:31:
03:61:6c:01:ab:56:3a:fa:b4:3c:18:9b:11:d7:84:73:ae:73:
84:57:ec:3b:36:56:3c:63:89:c4:fd:e2:66:6f:ed:e6:db:37:
df:b7:f1:50
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGt8+QB45NkfkfIJQaau/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwY2NkMDlhNTRiZmE2MzE0MTk5N2NkNjUzYjc3YmM5OTM5
MmVmNjIwHhcNMjQwMTAxMjAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzAzM2QzNTUwM2I1YjI0ZDVkNTJiYTM3MmZjNDk2M2E5OGJlZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBFcIlCV4ASXkUrxyTzmhIViyYY+
0vmMu6aCJ2+PmrCJYoirwv0hvtbwGEqy1BogV26ong5oLAnW8SniqBKp8JiJBcXY
OQp3knPMU6YfKCDacbPe/tc6ekcRlYt2bKB4Hg1EMq7ZRM4FACmimVaodPAmVNe/
9BQtgz+qn2qZobQIeDlgeyz8uiwRjWnpRTQHY6NjsfprlSF+vvo3ceKsM2L6fu2q
0pISguif7LJlfdHs+DAzTvNS9GSWtWNSn6zr/OeQ7vqirJN2wOhQjS96dWm23XQV
mr85U0LBiddsIr0y+T2p5fgVo/fCZxL6bpsBJLvfqIC+43H3KdRGUJepIQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAwDPTVQO1sk1dUro3L8SWOpi+1JMB8GA1UdIwQY
MBaAFNDM0JpUv6YxQZl81lO3e8mTku9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME16UW1sU19wakZCbVh6V1U3ZDd5Wk9TNzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xMzZiM2YtNDU5ZS00YTk2LWE0YWIt
M2I5OTA4NzhhNTJiLzEvREFNOU5WQTdXeVRWMVN1amN2eEpZNm1MN1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xMzZiM2YtNDU5ZS00YTk2LWE0YWItM2I5OTA4NzhhNTJi
LzEvME16UW1sU19wakZCbVh6V1U3ZDd5Wk9TNzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH9GIAwQE
LhZgAwQFWRGAAwQCub/oMA0EAgACMAcDBQMqAFAAMA0GCSqGSIb3DQEBCwUAA4IB
AQAwelqNib4GRkWu+bXbsdNjFARfUpdwcGC4tRKjvTI/QRCzUarcyr9+feUmhxEg
VbBdQhdc9YWFr4lLhEnvs6wX3xXIpHVextPhPqE52IPK6NCmaChPfJzmjYPihVvs
c52GvO7SYTSgzxVkBWjI9XPAw3SCT7iWavwNm9hwTlne8ihc5Zl366D3hiNulG+P
MfCi2AcVUtRUJkk4dHdhlIIscZMzsy9M1TLdwjUOOUhdpGdSobgP6mjUjxndb6XO
cKC1wglWN1mZaxTtEb600Dv2lhHlHSZP0zEDYWwBq1Y6+rQ8GJsR14RzrnOEV+w7
NlY8Y4nE/eJmb+3m2zfft/FQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:51 2025 by rpki-client