Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/dvhI30-iQRKr-U1gZSqlvBrrC-A.roa
File: dvhI30-iQRKr-U1gZSqlvBrrC-A.roa (raw, json)
Hash identifier: JrYv65qk6AFeTY48g2OV5VsYJKYm+BxIa5lAUzL37Bk=
Subject key identifier: 76:F8:48:DF:4F:A2:41:12:AB:F9:4D:60:65:2A:A5:BC:1A:EB:0B:E0
Certificate issuer: /CN=3ea14842d877e27bc4068b981fe74aeb8bee7e73
Certificate serial: 018CC5012821798BE9FB9B2A4B93C991A9FD
Authority key identifier: 3E:A1:48:42:D8:77:E2:7B:C4:06:8B:98:1F:E7:4A:EB:8B:EE:7E:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqFIQth34nvEBouYH-dK64vufnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/dvhI30-iQRKr-U1gZSqlvBrrC-A.roa
Signing time: Mon 01 Jan 2024 12:30:36 +0000
ROA not before: Mon 01 Jan 2024 12:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199837
IP address blocks: 185.128.148.0/22 maxlen: 24
185.44.212.0/22 maxlen: 24
2a06:cfc0::/29 maxlen: 29
2a04:9f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:28:21:79:8b:e9:fb:9b:2a:4b:93:c9:91:a9:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea14842d877e27bc4068b981fe74aeb8bee7e73
Validity
Not Before: Jan 1 12:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76f848df4fa24112abf94d60652aa5bc1aeb0be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:01:72:a1:bc:03:de:c8:4f:f2:bc:a7:62:51:
2d:74:74:a4:6f:9e:e9:bb:b5:44:83:0b:ed:87:fa:
2b:bf:ba:2b:28:d4:5d:91:96:01:ec:a7:8b:3f:ad:
90:56:a2:69:f9:ac:a5:5e:ad:e0:69:f9:ad:39:9b:
05:d2:01:a8:b7:41:07:10:00:66:7a:e0:28:90:10:
88:43:6f:33:ca:ad:d9:10:a9:82:44:66:31:3b:96:
12:2e:57:f5:0d:05:88:b1:6c:fb:43:6b:6e:6e:52:
4d:91:c5:43:ba:7a:ab:64:fc:62:88:3e:e5:e4:db:
20:3d:07:cf:f3:30:17:aa:a6:9d:e5:10:40:7d:58:
8c:a6:ee:fc:d7:72:c0:57:5c:3f:1a:44:a2:b7:70:
ad:ae:12:ba:c4:f3:ff:4e:b6:e7:e1:18:d4:2d:39:
31:89:72:b4:43:7f:ca:5a:75:a4:cd:9a:09:f6:03:
59:f7:24:69:00:4c:4d:54:f7:54:f8:2b:0b:8b:15:
00:f1:a4:c4:66:01:61:9e:56:bf:a3:05:cb:63:95:
5c:3d:f6:43:21:a2:e8:a6:41:8b:ad:3d:cf:d3:69:
c2:bd:36:2a:77:45:e0:81:19:df:37:50:07:c4:f5:
d1:8f:03:eb:6a:b9:b0:53:8a:05:04:09:3f:3d:22:
f9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:F8:48:DF:4F:A2:41:12:AB:F9:4D:60:65:2A:A5:BC:1A:EB:0B:E0
X509v3 Authority Key Identifier:
keyid:3E:A1:48:42:D8:77:E2:7B:C4:06:8B:98:1F:E7:4A:EB:8B:EE:7E:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqFIQth34nvEBouYH-dK64vufnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/dvhI30-iQRKr-U1gZSqlvBrrC-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/PqFIQth34nvEBouYH-dK64vufnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.212.0/22
185.128.148.0/22
IPv6:
2a04:9f00::/29
2a06:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
86:ae:c0:6f:84:b5:56:cd:dc:f5:b3:1c:a2:f1:17:ac:2b:4a:
ad:ad:15:bf:2c:1a:d5:f4:55:47:bb:1e:03:f3:37:c0:df:c6:
2e:1f:31:42:51:66:75:8c:3b:51:5d:0a:8a:72:ce:3c:2b:a2:
f9:1d:d1:24:2f:7a:36:cf:fd:1b:f9:43:2f:a3:f4:86:e2:c6:
bd:36:3e:a3:bc:5b:1e:43:73:8e:cc:c8:69:b6:cb:c4:ee:c8:
d2:eb:5a:25:f0:61:24:8a:88:db:7c:d9:8b:de:64:d1:0c:ad:
22:43:b3:c1:9d:fa:b4:d0:a7:dc:83:e6:89:21:fa:2f:ad:90:
33:b2:f6:da:ab:05:c8:12:f3:83:c4:e2:37:d7:45:16:16:7c:
63:5a:23:94:24:da:3d:1b:7a:cd:0f:90:5a:24:9c:f9:ef:c5:
4b:db:28:11:23:d0:a0:54:de:61:88:a6:b3:94:f0:f6:b2:67:
12:58:65:87:73:18:8d:ac:d0:53:eb:0a:49:6e:eb:45:7e:8b:
4a:65:51:52:8c:b1:f2:88:c4:6d:54:b2:3e:d8:38:dd:cf:41:
60:8e:4f:41:ed:c5:ee:a0:60:ed:92:e3:2f:54:86:4b:d8:e5:
a2:ad:d7:68:38:0f:1e:d1:3f:0b:94:59:19:e1:63:26:40:34:
72:97:76:25
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzFASgheYvp+5sqS5PJkan9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTE0ODQyZDg3N2UyN2JjNDA2OGI5ODFmZTc0YWViOGJl
ZTdlNzMwHhcNMjQwMTAxMTIzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmY4NDhkZjRmYTI0MTEyYWJmOTRkNjA2NTJhYTViYzFhZWIwYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQFyobwD3shP8rynYlEtdHSkb57p
u7VEgwvth/orv7orKNRdkZYB7KeLP62QVqJp+aylXq3gafmtOZsF0gGot0EHEABm
euAokBCIQ28zyq3ZEKmCRGYxO5YSLlf1DQWIsWz7Q2tublJNkcVDunqrZPxiiD7l
5NsgPQfP8zAXqqad5RBAfViMpu7813LAV1w/GkSit3CtrhK6xPP/Trbn4RjULTkx
iXK0Q3/KWnWkzZoJ9gNZ9yRpAExNVPdU+CsLixUA8aTEZgFhnla/owXLY5VcPfZD
IaLopkGLrT3P02nCvTYqd0XggRnfN1AHxPXRjwPrarmwU4oFBAk/PSL5BQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHb4SN9PokESq/lNYGUqpbwa6wvgMB8GA1UdIwQY
MBaAFD6hSELYd+J7xAaLmB/nSuuL7n5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFGSVF0aDM0bnZFQm91WUgtZEs2NHZ1Zm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83OTcwNTctMjc4YS00ZjczLTgwYTEt
NGRjZTRmM2VhMTNlLzEvZHZoSTMwLWlRUktyLVUxZ1pTcWx2QnJyQy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83OTcwNTctMjc4YS00ZjczLTgwYTEtNGRjZTRmM2VhMTNl
LzEvUHFGSVF0aDM0bnZFQm91WUgtZEs2NHZ1Zm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuSzUAwQC
uYCUMBQEAgACMA4DBQMqBJ8AAwUDKgbPwDANBgkqhkiG9w0BAQsFAAOCAQEAhq7A
b4S1Vs3c9bMcovEXrCtKra0Vvywa1fRVR7seA/M3wN/GLh8xQlFmdYw7UV0KinLO
PCui+R3RJC96Ns/9G/lDL6P0huLGvTY+o7xbHkNzjszIabbLxO7I0utaJfBhJIqI
23zZi95k0QytIkOzwZ36tNCn3IPmiSH6L62QM7L22qsFyBLzg8TiN9dFFhZ8Y1oj
lCTaPRt6zQ+QWiSc+e/FS9soESPQoFTeYYims5Tw9rJnElhlh3MYjazQU+sKSW7r
RX6LSmVRUoyx8ojEbVSyPtg43c9BYI5PQe3F7qBg7ZLjL1SGS9jloq3XaDgPHtE/
C5RZGeFjJkA0cpd2JQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:31 2025 by rpki-client