Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/dgo-TxTjRLaR6GUujA1pI5Y6j4s.roa
File: dgo-TxTjRLaR6GUujA1pI5Y6j4s.roa (raw, json)
Hash identifier: BAP+ozcRBETR+bjceVisJN7OKxr37zVeHbxNSzHwRQs=
Subject key identifier: 76:0A:3E:4F:14:E3:44:B6:91:E8:65:2E:8C:0D:69:23:96:3A:8F:8B
Certificate issuer: /CN=4fb3a8a4a0d8c5ae01a9695b041ed2c6d0296a9e
Certificate serial: 018CC64A69C93520E641D423F8693ECE60F4
Authority key identifier: 4F:B3:A8:A4:A0:D8:C5:AE:01:A9:69:5B:04:1E:D2:C6:D0:29:6A:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7OopKDYxa4BqWlbBB7SxtApap4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/dgo-TxTjRLaR6GUujA1pI5Y6j4s.roa
Signing time: Mon 01 Jan 2024 18:30:14 +0000
ROA not before: Mon 01 Jan 2024 18:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56970
IP address blocks: 176.124.56.0/24 maxlen: 24
176.124.57.0/24 maxlen: 24
2a0e:fa40:1::/48 maxlen: 48
2a0e:fa40::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:69:c9:35:20:e6:41:d4:23:f8:69:3e:ce:60:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fb3a8a4a0d8c5ae01a9695b041ed2c6d0296a9e
Validity
Not Before: Jan 1 18:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=760a3e4f14e344b691e8652e8c0d6923963a8f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b6:93:dc:6e:47:16:04:87:5e:c4:50:fc:77:
f0:70:9d:c8:1c:33:50:5b:13:3b:60:f5:e8:8c:d4:
08:bd:46:26:6a:55:b8:bd:d8:7f:ec:4c:7b:b4:e6:
52:9b:98:78:0d:9e:3e:c6:1e:a1:65:10:4e:e8:31:
b7:53:f4:af:00:58:e4:97:19:93:ee:fd:f6:ec:21:
e1:b5:a6:ce:50:9e:57:7f:8f:3f:36:9d:63:c2:02:
2f:95:ec:d0:d3:3d:2b:ed:ce:90:a6:4d:51:5d:12:
83:01:44:46:1e:8c:53:7a:ef:75:5d:dc:a2:7a:fe:
fe:8f:b8:ee:7e:6d:68:8a:6c:57:84:99:a7:94:e4:
88:7b:48:fa:7e:65:5a:4d:b7:82:9e:a3:fb:26:f5:
36:e2:4e:a2:67:a3:99:e5:05:76:2f:7e:45:53:07:
18:06:4b:63:ed:79:0e:f8:c3:90:66:91:0a:01:a2:
e1:dd:5e:1d:d8:04:02:a1:8f:43:72:db:9b:bc:35:
ef:a4:2e:1b:8b:de:57:42:c8:50:2f:44:48:54:18:
68:97:35:a9:97:25:e1:d0:19:6e:c3:73:2a:d1:e9:
20:1a:de:74:ad:6f:44:bc:20:72:de:72:09:cb:7d:
d0:0e:5d:b2:0f:eb:8f:b5:c7:d8:8b:a6:1e:df:ab:
ca:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0A:3E:4F:14:E3:44:B6:91:E8:65:2E:8C:0D:69:23:96:3A:8F:8B
X509v3 Authority Key Identifier:
keyid:4F:B3:A8:A4:A0:D8:C5:AE:01:A9:69:5B:04:1E:D2:C6:D0:29:6A:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7OopKDYxa4BqWlbBB7SxtApap4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/dgo-TxTjRLaR6GUujA1pI5Y6j4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/T7OopKDYxa4BqWlbBB7SxtApap4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.56.0/23
IPv6:
2a0e:fa40::/47
Signature Algorithm: sha256WithRSAEncryption
b2:2f:5e:35:cd:13:29:62:bf:68:c8:40:2e:29:d9:3c:69:b6:
ce:b8:ff:37:eb:54:92:e2:b6:f7:07:d0:d6:a9:10:ee:80:41:
c4:70:6f:ba:fc:91:ee:f3:e7:d9:de:ec:5c:39:49:8c:ad:81:
80:80:c9:15:2e:6a:1a:79:1e:61:94:37:d1:bd:fb:92:fc:47:
ee:04:f8:4e:f6:f6:30:c5:54:2b:fb:f2:34:2e:4f:b1:15:d4:
2b:6b:eb:bc:9b:88:87:42:8a:d2:9f:1d:6f:a5:23:26:b4:e8:
0a:c1:1c:91:cb:7a:33:19:1f:5c:56:eb:fb:15:88:9b:a6:ce:
bf:58:d5:3a:b1:81:b7:bf:45:f4:cf:99:6c:61:d7:06:e5:2f:
91:69:b0:f8:fd:b0:7c:d7:a3:69:5d:82:e5:7c:97:70:24:91:
aa:04:fd:36:b2:76:e2:15:6a:8e:c1:7e:9e:12:84:52:f9:22:
be:f8:e1:7a:2b:52:6c:b1:00:40:03:47:1f:d1:8e:85:29:38:
b1:85:ed:b7:ed:a0:fe:90:2e:16:67:33:57:f5:72:15:61:65:
e4:00:5b:91:37:05:ae:47:f0:44:b2:a7:74:ff:02:fd:91:1b:
75:fe:d4:18:b7:5b:87:7e:93:1d:cb:d6:1d:9e:a3:6a:29:4a:
8e:02:95:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGSmnJNSDmQdQj+Gk+zmD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYjNhOGE0YTBkOGM1YWUwMWE5Njk1YjA0MWVkMmM2ZDAy
OTZhOWUwHhcNMjQwMTAxMTgzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBhM2U0ZjE0ZTM0NGI2OTFlODY1MmU4YzBkNjkyMzk2M2E4ZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7aT3G5HFgSHXsRQ/HfwcJ3IHDNQ
WxM7YPXojNQIvUYmalW4vdh/7Ex7tOZSm5h4DZ4+xh6hZRBO6DG3U/SvAFjklxmT
7v327CHhtabOUJ5Xf48/Np1jwgIvlezQ0z0r7c6Qpk1RXRKDAURGHoxTeu91Xdyi
ev7+j7jufm1oimxXhJmnlOSIe0j6fmVaTbeCnqP7JvU24k6iZ6OZ5QV2L35FUwcY
Bktj7XkO+MOQZpEKAaLh3V4d2AQCoY9DctubvDXvpC4bi95XQshQL0RIVBholzWp
lyXh0Bluw3Mq0ekgGt50rW9EvCBy3nIJy33QDl2yD+uPtcfYi6Ye36vKDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHYKPk8U40S2kehlLowNaSOWOo+LMB8GA1UdIwQY
MBaAFE+zqKSg2MWuAalpWwQe0sbQKWqeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDdPb3BLRFl4YTRCcVdsYkJCN1N4dEFwYXA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi82ZWYyM2UtOTliYS00YzY5LTkyZTMt
NmJiNzA4MDQwOWI0LzEvZGdvLVR4VGpSTGFSNkdVdWpBMXBJNVk2ajRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi82ZWYyM2UtOTliYS00YzY5LTkyZTMtNmJiNzA4MDQwOWI0
LzEvVDdPb3BLRFl4YTRCcVdsYkJCN1N4dEFwYXA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBsHw4MA8E
AgACMAkDBwEqDvpAAAAwDQYJKoZIhvcNAQELBQADggEBALIvXjXNEyliv2jIQC4p
2Txpts64/zfrVJLitvcH0NapEO6AQcRwb7r8ke7z59ne7Fw5SYytgYCAyRUuahp5
HmGUN9G9+5L8R+4E+E729jDFVCv78jQuT7EV1Ctr67ybiIdCitKfHW+lIya06ArB
HJHLejMZH1xW6/sViJumzr9Y1Tqxgbe/RfTPmWxh1wblL5FpsPj9sHzXo2ldguV8
l3AkkaoE/TayduIVao7Bfp4ShFL5Ir744XorUmyxAEADRx/RjoUpOLGF7bftoP6Q
LhZnM1f1chVhZeQAW5E3Ba5H8ESyp3T/Av2RG3X+1Bi3W4d+kx3L1h2eo2opSo4C
lds=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:06:06 2025 by rpki-client