Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/dPuXrhWEtVNvhodi-3I_wc0dH-w.roa
File: dPuXrhWEtVNvhodi-3I_wc0dH-w.roa (raw, json)
Hash identifier: qWwqXExrtqmRuH4tKW5eF+YvAfmeP02KgYnEPejAdxY=
Subject key identifier: 74:FB:97:AE:15:84:B5:53:6F:86:87:62:FB:72:3F:C1:CD:1D:1F:EC
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 01922D6AAD24BC9D20141995297BE5EBECDE
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/dPuXrhWEtVNvhodi-3I_wc0dH-w.roa
Signing time: Thu 26 Sep 2024 08:20:18 +0000
ROA not before: Thu 26 Sep 2024 08:20:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28941
IP address blocks: 185.103.112.0/22 maxlen: 22
185.103.112.0/24 maxlen: 24
185.103.113.0/24 maxlen: 24
185.103.114.0/24 maxlen: 24
185.103.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 08:13:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2d:6a:ad:24:bc:9d:20:14:19:95:29:7b:e5:eb:ec:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Sep 26 08:20:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74fb97ae1584b5536f868762fb723fc1cd1d1fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:de:cc:92:5e:24:d2:ee:61:c4:9c:ff:53:ef:
6a:50:27:cb:52:58:31:90:11:3b:15:c5:c7:10:84:
31:0d:a9:d5:a7:25:8a:a4:10:81:43:93:74:e8:72:
b0:2d:94:31:71:0a:e4:15:3c:3b:cc:42:84:c2:15:
05:b5:3b:bc:4f:06:4e:8f:cd:f5:43:36:96:f8:22:
ec:85:09:51:e6:da:0c:05:07:d6:97:79:1d:7c:d9:
b4:5f:8f:0e:56:2e:9b:22:f8:1c:a9:5a:ef:4c:93:
6e:14:71:a2:1a:34:db:d0:65:2a:4d:47:e9:05:b1:
de:26:2c:7d:37:ab:21:99:f4:fd:e3:4c:ed:eb:98:
03:c9:01:2f:38:59:a3:ea:62:84:5b:1a:8d:75:d5:
e1:ca:f0:c2:5a:0e:c3:04:44:c0:a1:09:d3:a3:24:
e1:bc:cb:2e:0d:eb:a1:02:3f:c6:26:ba:df:27:db:
98:18:76:78:b2:36:a9:4e:53:3e:16:92:9a:60:33:
c6:8d:a7:d3:a8:53:dc:15:85:c8:34:d4:2d:0e:d5:
0b:19:c5:b4:ff:b3:0c:03:f2:f0:ca:4e:86:14:61:
ac:52:de:ec:50:1f:94:c5:c4:a0:12:b7:48:75:64:
2d:5e:82:0a:45:2f:74:7f:4d:97:bc:f0:6a:32:48:
81:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:FB:97:AE:15:84:B5:53:6F:86:87:62:FB:72:3F:C1:CD:1D:1F:EC
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/dPuXrhWEtVNvhodi-3I_wc0dH-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.112.0/22
Signature Algorithm: sha256WithRSAEncryption
68:e4:1c:d3:b6:0f:02:37:76:78:04:01:cd:62:0c:ca:65:73:
37:25:b8:57:cf:bd:48:01:60:43:b0:96:ec:e6:16:ac:c5:1f:
2c:3f:cd:a5:e9:f2:5f:9e:49:6b:fe:72:fa:71:8f:66:59:be:
d3:c3:04:b9:3a:a3:9e:c0:f6:4a:ab:24:2f:e4:0f:04:a0:04:
53:7a:25:45:0e:32:36:7f:47:a9:98:9d:08:0d:1b:b0:b0:58:
be:be:45:94:72:52:7f:ff:33:72:98:3c:d1:dc:83:a1:a1:b2:
fb:d5:89:be:89:4c:0e:82:91:d7:5b:29:ca:c5:06:49:82:03:
3a:74:70:d7:14:24:73:96:4b:14:fb:ec:df:63:93:ad:fd:99:
02:29:bb:59:e5:cb:9f:64:a6:22:2d:1a:7f:56:13:22:99:2c:
58:6e:9f:fe:ed:ee:de:46:2a:2e:b4:87:2b:9a:a7:de:95:0d:
df:bf:b2:52:91:8e:26:f3:9e:25:3d:c5:0a:29:41:1a:fa:b2:
d8:e8:cb:61:bb:da:a3:2e:39:82:05:76:09:f4:7b:6d:ab:d3:
2a:da:14:cf:e2:2c:c6:13:ea:fc:1a:ef:ce:5f:dc:fe:09:16:
7b:95:f9:23:bc:f5:6f:4e:04:04:7b:6b:18:35:4f:69:4c:e9:
2f:6a:2d:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZItaq0kvJ0gFBmVKXvl6+zeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjQwOTI2MDgyMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGZiOTdhZTE1ODRiNTUzNmY4Njg3NjJmYjcyM2ZjMWNkMWQxZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA997Mkl4k0u5hxJz/U+9qUCfLUlgx
kBE7FcXHEIQxDanVpyWKpBCBQ5N06HKwLZQxcQrkFTw7zEKEwhUFtTu8TwZOj831
QzaW+CLshQlR5toMBQfWl3kdfNm0X48OVi6bIvgcqVrvTJNuFHGiGjTb0GUqTUfp
BbHeJix9N6shmfT940zt65gDyQEvOFmj6mKEWxqNddXhyvDCWg7DBETAoQnToyTh
vMsuDeuhAj/GJrrfJ9uYGHZ4sjapTlM+FpKaYDPGjafTqFPcFYXINNQtDtULGcW0
/7MMA/Lwyk6GFGGsUt7sUB+UxcSgErdIdWQtXoIKRS90f02XvPBqMkiBRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHT7l64VhLVTb4aHYvtyP8HNHR/sMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvZFB1WHJoV0V0Vk52aG9kaS0zSV93YzBkSC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWdwMA0G
CSqGSIb3DQEBCwUAA4IBAQBo5BzTtg8CN3Z4BAHNYgzKZXM3JbhXz71IAWBDsJbs
5hasxR8sP82l6fJfnklr/nL6cY9mWb7TwwS5OqOewPZKqyQv5A8EoARTeiVFDjI2
f0epmJ0IDRuwsFi+vkWUclJ//zNymDzR3IOhobL71Ym+iUwOgpHXWynKxQZJggM6
dHDXFCRzlksU++zfY5Ot/ZkCKbtZ5cufZKYiLRp/VhMimSxYbp/+7e7eRioutIcr
mqfelQ3fv7JSkY4m854lPcUKKUEa+rLY6Mthu9qjLjmCBXYJ9Httq9Mq2hTP4izG
E+r8Gu/OX9z+CRZ7lfkjvPVvTgQEe2sYNU9pTOkvai1S
-----END CERTIFICATE-----
Generated at Fri Sep 27 09:46:39 2024 by rpki-client on console-fra.rpki-client.org