Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/97f917-93f8-405c-9d55-a3c061d8be91/1/pDVmUDWcaRN7Ng8vzqc1QzdKSIc.roa
File: pDVmUDWcaRN7Ng8vzqc1QzdKSIc.roa (raw, json)
Hash identifier: 0sAdHbSXp1c0t8zllBkrXYiNgoIHRb7FBz4QmeMAbSk=
Subject key identifier: A4:35:66:50:35:9C:69:13:7B:36:0F:2F:CE:A7:35:43:37:4A:48:87
Certificate issuer: /CN=01fab8f3d1fb3d2a35c4f67a48f6f6083eaba575
Certificate serial: 0192E283CDB7A059DBBD6DA71307DDF82567
Authority key identifier: 01:FA:B8:F3:D1:FB:3D:2A:35:C4:F6:7A:48:F6:F6:08:3E:AB:A5:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Afq489H7PSo1xPZ6SPb2CD6rpXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/97f917-93f8-405c-9d55-a3c061d8be91/1/pDVmUDWcaRN7Ng8vzqc1QzdKSIc.roa
Signing time: Thu 31 Oct 2024 12:19:01 +0000
ROA not before: Thu 31 Oct 2024 12:19:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203667
IP address blocks: 185.233.72.0/22 maxlen: 22
2a0c:d700::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e2:83:cd:b7:a0:59:db:bd:6d:a7:13:07:dd:f8:25:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01fab8f3d1fb3d2a35c4f67a48f6f6083eaba575
Validity
Not Before: Oct 31 12:19:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4356650359c69137b360f2fcea73543374a4887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7a:06:3f:0a:81:90:44:87:39:cc:50:7b:9d:
72:94:22:4d:f7:78:86:f6:c5:92:3b:10:43:35:ff:
2f:06:8f:d6:91:26:f3:92:a4:1f:73:9f:ef:44:c4:
0d:ca:d1:a9:90:28:42:9f:de:d1:2f:00:0d:44:e9:
2f:c7:19:33:b7:4c:26:58:7a:3d:df:ef:a6:53:0c:
89:5a:b6:30:f5:c3:3a:45:49:16:7a:65:e7:9a:f5:
3e:54:11:7f:48:d2:42:49:b5:da:33:4f:2d:d7:51:
7e:62:02:f6:f8:6a:5f:5a:8d:51:aa:12:ff:78:b5:
3d:f4:ca:55:37:2d:20:89:39:ae:3d:1e:e4:8d:ce:
9b:2c:2a:25:14:ed:bd:4f:fc:b7:91:e6:3a:c7:00:
89:ea:a6:11:74:81:80:ea:27:8d:b3:3d:ed:9b:a6:
d1:0a:cb:c9:3f:71:cd:18:87:10:90:56:5b:57:24:
f0:44:43:58:f5:b0:e6:e9:29:91:66:48:0f:6a:2a:
b7:84:aa:60:0e:c7:75:3c:8b:e7:a3:f2:0c:76:78:
42:8c:81:2f:04:34:a2:d2:cb:1a:0d:72:ea:7b:0b:
f7:03:93:53:87:41:91:4f:91:24:32:58:a3:43:8e:
5f:de:a5:76:de:2d:e8:63:a9:99:06:35:aa:dd:f7:
d7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:35:66:50:35:9C:69:13:7B:36:0F:2F:CE:A7:35:43:37:4A:48:87
X509v3 Authority Key Identifier:
keyid:01:FA:B8:F3:D1:FB:3D:2A:35:C4:F6:7A:48:F6:F6:08:3E:AB:A5:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afq489H7PSo1xPZ6SPb2CD6rpXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/97f917-93f8-405c-9d55-a3c061d8be91/1/pDVmUDWcaRN7Ng8vzqc1QzdKSIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/97f917-93f8-405c-9d55-a3c061d8be91/1/Afq489H7PSo1xPZ6SPb2CD6rpXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.72.0/22
IPv6:
2a0c:d700::/29
Signature Algorithm: sha256WithRSAEncryption
05:4f:e5:9e:b0:78:45:f3:ca:2a:99:31:66:a5:48:3c:57:16:
a7:3a:b0:35:53:0e:08:0c:01:67:f0:29:4b:19:20:a6:a9:62:
6e:a1:71:37:e9:05:63:96:44:b1:b3:70:63:ec:bd:c5:f8:9f:
cd:d0:4d:6e:44:28:65:2a:9f:5a:aa:fb:f0:aa:28:08:e7:a1:
c8:9f:d1:e3:6e:d8:bb:c1:2d:c3:bb:7b:b8:06:42:51:52:8c:
f7:01:ae:33:c4:6e:61:37:25:b0:0e:d5:29:b0:40:33:2c:92:
0d:ef:02:e7:d8:a8:e9:f9:cb:b1:df:b8:58:84:9c:01:db:81:
fc:55:9c:fb:13:e6:fa:34:fe:53:b3:6b:f3:7f:2f:a8:96:51:
f4:97:b4:49:a5:87:2b:69:8d:11:35:84:d1:b0:be:4e:45:38:
79:4f:fe:44:aa:81:b7:6c:6d:a4:52:85:78:6e:17:4e:60:75:
b4:2b:2b:72:ca:87:64:e2:f7:8a:7a:1f:af:fa:6d:78:d7:00:
bc:ea:df:e9:d1:e0:67:49:4c:e8:16:7c:81:54:c2:54:cb:f4:
5f:7d:af:e6:91:32:38:4b:9d:f3:f7:4a:ee:49:1b:52:95:35:
49:b1:37:1b:36:c0:68:84:b0:4d:35:4a:96:8e:89:19:f1:bc:
f3:5c:da:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZLig823oFnbvW2nEwfd+CVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmFiOGYzZDFmYjNkMmEzNWM0ZjY3YTQ4ZjZmNjA4M2Vh
YmE1NzUwHhcNMjQxMDMxMTIxOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDM1NjY1MDM1OWM2OTEzN2IzNjBmMmZjZWE3MzU0MzM3NGE0ODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HoGPwqBkESHOcxQe51ylCJN93iG
9sWSOxBDNf8vBo/WkSbzkqQfc5/vRMQNytGpkChCn97RLwANROkvxxkzt0wmWHo9
3++mUwyJWrYw9cM6RUkWemXnmvU+VBF/SNJCSbXaM08t11F+YgL2+GpfWo1RqhL/
eLU99MpVNy0giTmuPR7kjc6bLColFO29T/y3keY6xwCJ6qYRdIGA6ieNsz3tm6bR
CsvJP3HNGIcQkFZbVyTwRENY9bDm6SmRZkgPaiq3hKpgDsd1PIvno/IMdnhCjIEv
BDSi0ssaDXLqewv3A5NTh0GRT5EkMlijQ45f3qV23i3oY6mZBjWq3ffX5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKQ1ZlA1nGkTezYPL86nNUM3SkiHMB8GA1UdIwQY
MBaAFAH6uPPR+z0qNcT2ekj29gg+q6V1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZxNDg5SDdQU28xeFBaNlNQYjJDRDZycFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy85N2Y5MTctOTNmOC00MDVjLTlkNTUt
YTNjMDYxZDhiZTkxLzEvcERWbVVEV2NhUk43Tmc4dnpxYzFRemRLU0ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy85N2Y5MTctOTNmOC00MDVjLTlkNTUtYTNjMDYxZDhiZTkx
LzEvQWZxNDg5SDdQU28xeFBaNlNQYjJDRDZycFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuelIMA0E
AgACMAcDBQMqDNcAMA0GCSqGSIb3DQEBCwUAA4IBAQAFT+WesHhF88oqmTFmpUg8
VxanOrA1Uw4IDAFn8ClLGSCmqWJuoXE36QVjlkSxs3Bj7L3F+J/N0E1uRChlKp9a
qvvwqigI56HIn9Hjbti7wS3Du3u4BkJRUoz3Aa4zxG5hNyWwDtUpsEAzLJIN7wLn
2Kjp+cux37hYhJwB24H8VZz7E+b6NP5Ts2vzfy+ollH0l7RJpYcraY0RNYTRsL5O
RTh5T/5EqoG3bG2kUoV4bhdOYHW0Kytyyodk4veKeh+v+m141wC86t/p0eBnSUzo
FnyBVMJUy/Rffa/mkTI4S53z90ruSRtSlTVJsTcbNsBohLBNNUqWjokZ8bzzXNqy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:30 2025 by rpki-client