Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/DjY7On3c_V-UHOYS6eDZgyHMk6Q.roa
File: DjY7On3c_V-UHOYS6eDZgyHMk6Q.roa (raw, json)
Hash identifier: seGeVcnTnYoSLWvZ8BGgzpL46OvU4OMiM66GiaDiVlM=
Subject key identifier: 0E:36:3B:3A:7D:DC:FD:5F:94:1C:E6:12:E9:E0:D9:83:21:CC:93:A4
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 018CCA2A5AFA8ED82B150251E32F10DCF103
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/DjY7On3c_V-UHOYS6eDZgyHMk6Q.roa
Signing time: Tue 02 Jan 2024 12:33:42 +0000
ROA not before: Tue 02 Jan 2024 12:33:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12426
IP address blocks: 185.28.144.0/22 maxlen: 22
217.145.192.0/20 maxlen: 20
185.69.48.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 06 Sep 2024 07:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:5a:fa:8e:d8:2b:15:02:51:e3:2f:10:dc:f1:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 2 12:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e363b3a7ddcfd5f941ce612e9e0d98321cc93a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:29:e2:74:a9:a0:2f:b9:be:e4:1f:b7:bc:5c:
f2:47:38:ce:05:91:bc:7b:e7:06:39:fa:72:22:b0:
88:36:39:8e:ef:fe:bd:da:f0:35:58:f8:b6:2c:f1:
ee:3b:93:43:f3:6a:07:d6:71:29:8c:0a:e9:7e:c4:
40:3e:f2:4a:3e:c2:b8:4f:33:3c:3e:0b:b4:96:0b:
d0:79:0e:d2:f8:93:92:11:b1:2e:a8:c3:ff:64:63:
66:14:b0:9e:1f:d9:3e:93:55:3b:6e:aa:db:72:7b:
e5:19:59:e4:22:ab:f4:0b:fb:a6:86:11:1c:bf:76:
e9:f0:dd:b4:00:4d:b0:f2:9a:be:ba:e3:de:c8:c5:
43:46:02:a0:d8:81:5a:7d:f7:18:58:19:49:c1:7b:
13:b1:01:94:40:92:39:4b:57:c9:6c:51:42:fa:35:
c2:a7:72:f0:fa:d7:cd:47:58:9e:00:dd:48:f6:9c:
68:8e:43:58:39:b4:07:bb:77:a3:51:ff:4d:e3:1b:
ab:1a:19:a6:e0:44:0c:26:a6:94:e9:f3:ed:33:fa:
80:b2:34:3a:59:a4:b1:08:58:22:b2:18:d4:04:24:
73:1b:8c:fa:e9:91:c9:f4:e5:35:2f:3a:b9:28:d5:
d5:69:c7:76:f3:77:92:c9:2e:ff:24:a2:ee:d6:23:
5c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:36:3B:3A:7D:DC:FD:5F:94:1C:E6:12:E9:E0:D9:83:21:CC:93:A4
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/DjY7On3c_V-UHOYS6eDZgyHMk6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.144.0/22
185.69.48.0/22
217.145.192.0/20
Signature Algorithm: sha256WithRSAEncryption
6a:83:42:7d:08:62:9e:d1:92:83:1a:b5:38:d8:d8:f8:43:0a:
e8:f8:11:a8:0e:c6:46:fc:5c:08:c3:42:60:c0:bc:4f:8a:15:
60:45:01:7d:eb:7c:29:8a:d3:1e:94:7c:7b:14:34:72:ba:00:
2f:61:97:b3:05:30:a8:13:62:5e:18:b1:70:2e:2b:79:fb:55:
43:2f:47:81:bd:31:9c:01:14:ee:da:13:25:0a:b1:26:fa:f9:
c7:48:10:a3:f3:27:0f:2c:2e:ee:11:a8:87:d7:f9:28:ad:10:
8e:1e:fe:40:46:f8:59:60:e1:16:b7:68:72:da:af:fb:b1:16:
3e:40:7f:b9:61:75:f8:a0:ea:c0:e3:ea:62:6e:0a:3e:9b:7b:
b0:ae:2c:63:70:79:33:94:37:c8:1b:f3:4b:67:3f:b2:37:7b:
3c:ae:82:e1:65:a0:31:c6:af:a1:a2:c0:da:3a:c0:45:96:c7:
1d:61:af:59:5a:59:01:50:75:31:d5:aa:ac:5c:30:a3:a7:5e:
55:b2:53:c7:98:15:25:7e:8f:5f:54:f7:ef:e3:31:3a:b5:7c:
b8:c4:0a:1f:4a:b5:85:c2:92:6b:1c:6d:4a:a2:1e:5e:22:de:
51:b0:51:5b:e7:34:c2:dd:03:94:a1:bb:34:1f:01:68:e8:d2:
43:7b:55:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKlr6jtgrFQJR4y8Q3PEDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjQwMTAyMTIzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTM2M2IzYTdkZGNmZDVmOTQxY2U2MTJlOWUwZDk4MzIxY2M5M2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjinidKmgL7m+5B+3vFzyRzjOBZG8
e+cGOfpyIrCINjmO7/692vA1WPi2LPHuO5ND82oH1nEpjArpfsRAPvJKPsK4TzM8
Pgu0lgvQeQ7S+JOSEbEuqMP/ZGNmFLCeH9k+k1U7bqrbcnvlGVnkIqv0C/umhhEc
v3bp8N20AE2w8pq+uuPeyMVDRgKg2IFaffcYWBlJwXsTsQGUQJI5S1fJbFFC+jXC
p3Lw+tfNR1ieAN1I9pxojkNYObQHu3ejUf9N4xurGhmm4EQMJqaU6fPtM/qAsjQ6
WaSxCFgishjUBCRzG4z66ZHJ9OU1Lzq5KNXVacd283eSyS7/JKLu1iNcAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA42Ozp93P1flBzmEung2YMhzJOkMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvRGpZN09uM2NfVi1VSE9ZUzZlRFpneUhNazZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuRyQAwQC
uUUwAwQE2ZHAMA0GCSqGSIb3DQEBCwUAA4IBAQBqg0J9CGKe0ZKDGrU42Nj4Qwro
+BGoDsZG/FwIw0JgwLxPihVgRQF963wpitMelHx7FDRyugAvYZezBTCoE2JeGLFw
Lit5+1VDL0eBvTGcARTu2hMlCrEm+vnHSBCj8ycPLC7uEaiH1/korRCOHv5ARvhZ
YOEWt2hy2q/7sRY+QH+5YXX4oOrA4+pibgo+m3uwrixjcHkzlDfIG/NLZz+yN3s8
roLhZaAxxq+hosDaOsBFlscdYa9ZWlkBUHUx1aqsXDCjp15VslPHmBUlfo9fVPfv
4zE6tXy4xAofSrWFwpJrHG1Koh5eIt5RsFFb5zTC3QOUobs0HwFo6NJDe1UP
-----END CERTIFICATE-----
Generated at Fri Sep 6 09:29:23 2024 by rpki-client on console-fra.rpki-client.org