Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/DAsJ4WIsZN_oTcLv8NbcFCbUIuc.roa
File: DAsJ4WIsZN_oTcLv8NbcFCbUIuc.roa (raw, json)
Hash identifier: aLKH374p048AfXiT57Md/fOOwpJkfMF1BN51yYYGnbE=
Subject key identifier: 0C:0B:09:E1:62:2C:64:DF:E8:4D:C2:EF:F0:D6:DC:14:26:D4:22:E7
Certificate issuer: /CN=89d3a9145973c79a3e7b95531e3d0df7d28c4a04
Certificate serial: 018CC34894FAD6881F275E3BD8C1B33FA845
Authority key identifier: 89:D3:A9:14:59:73:C7:9A:3E:7B:95:53:1E:3D:0D:F7:D2:8C:4A:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idOpFFlzx5o-e5VTHj0N99KMSgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/DAsJ4WIsZN_oTcLv8NbcFCbUIuc.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61124
IP address blocks: 185.13.188.0/22 maxlen: 22
85.193.144.0/20 maxlen: 20
148.252.32.0/19 maxlen: 19
176.123.32.0/20 maxlen: 20
2a03:3ec0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 13:39:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:94:fa:d6:88:1f:27:5e:3b:d8:c1:b3:3f:a8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89d3a9145973c79a3e7b95531e3d0df7d28c4a04
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c0b09e1622c64dfe84dc2eff0d6dc1426d422e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a2:46:e9:56:ec:98:86:cf:4b:a4:ea:a4:9a:
df:fb:1c:aa:ff:f5:c9:3b:f9:c2:6c:5c:d3:b8:ae:
54:bb:84:40:8a:b7:61:75:98:63:68:02:57:19:27:
db:a0:6e:1a:90:74:8e:17:4c:d6:bf:bb:c8:b7:e5:
47:20:5d:04:c4:0e:b3:6d:0e:d8:20:b7:9a:5b:b1:
e1:00:40:36:af:b2:af:49:7d:fd:22:14:98:29:ea:
66:84:b0:a1:93:28:20:27:b0:89:a6:aa:46:95:8f:
a8:0d:06:fa:f5:33:f4:e5:54:fb:12:57:e9:f4:08:
f4:2e:45:74:5a:57:49:75:d6:78:c7:52:50:2d:c7:
8c:a0:3f:c0:24:3f:fe:c4:a0:62:c3:1b:02:d8:1c:
68:80:53:ac:80:f0:1d:b9:0d:71:b4:99:9d:49:45:
e4:d6:96:d3:e5:bb:84:94:1d:b2:93:9f:59:b3:66:
de:11:4f:6e:23:b5:b1:b5:21:17:29:42:5a:ce:60:
77:63:dc:39:a0:f4:32:3b:d3:86:7f:7e:0e:4c:e3:
53:48:f3:f3:79:66:1e:64:31:64:5c:05:76:64:9f:
dd:58:0f:86:4d:db:ad:d1:f9:ad:39:ca:e6:b0:4e:
0b:58:95:56:dc:a5:90:97:8f:a1:04:17:1a:44:b8:
52:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:0B:09:E1:62:2C:64:DF:E8:4D:C2:EF:F0:D6:DC:14:26:D4:22:E7
X509v3 Authority Key Identifier:
keyid:89:D3:A9:14:59:73:C7:9A:3E:7B:95:53:1E:3D:0D:F7:D2:8C:4A:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idOpFFlzx5o-e5VTHj0N99KMSgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/DAsJ4WIsZN_oTcLv8NbcFCbUIuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/idOpFFlzx5o-e5VTHj0N99KMSgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.193.144.0/20
148.252.32.0/19
176.123.32.0/20
185.13.188.0/22
IPv6:
2a03:3ec0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:9e:1f:fe:eb:e4:c1:8e:70:7e:6a:af:30:62:62:6f:f2:ae:
26:29:93:f5:46:46:2b:31:cf:b7:58:4f:b2:a3:0f:27:07:08:
13:47:a5:a1:46:5d:14:93:6a:72:e1:ec:77:62:6b:aa:f7:45:
4c:8f:e1:7c:35:7e:61:b7:c7:7a:f3:6a:fc:61:91:70:88:6e:
8f:69:74:05:88:7f:76:b9:d4:14:d5:33:bd:03:fe:27:94:d3:
75:b8:b4:f7:01:45:94:64:ac:56:6e:76:3e:ab:a2:51:57:3a:
f2:74:79:00:04:8e:f6:68:e7:de:34:d0:f8:62:b2:15:ea:47:
57:e9:f6:86:9a:84:7b:f9:f8:41:54:4c:18:d3:91:33:bc:38:
2d:29:cd:67:f5:17:19:78:4e:1e:78:b4:40:05:fc:9a:fa:70:
43:83:f1:7e:1c:eb:3c:d9:da:6c:46:ad:ce:fc:78:16:f1:1a:
d9:1e:af:93:c4:65:06:45:a4:75:d1:19:d5:ed:dc:45:b8:fa:
0d:c5:b1:7a:89:ed:e7:2b:f0:3a:f4:5a:65:ba:29:5a:8f:dd:
7a:27:d5:33:f6:cd:08:54:a5:bb:4c:bd:ff:2f:61:61:c1:74:
a0:13:8b:3c:5e:28:f9:96:90:2e:43:97:57:36:8d:74:e5:50:
62:98:99:a9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDSJT61ogfJ1472MGzP6hFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDNhOTE0NTk3M2M3OWEzZTdiOTU1MzFlM2QwZGY3ZDI4
YzRhMDQwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzBiMDllMTYyMmM2NGRmZTg0ZGMyZWZmMGQ2ZGMxNDI2ZDQyMmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqJG6VbsmIbPS6TqpJrf+xyq//XJ
O/nCbFzTuK5Uu4RAirdhdZhjaAJXGSfboG4akHSOF0zWv7vIt+VHIF0ExA6zbQ7Y
ILeaW7HhAEA2r7KvSX39IhSYKepmhLChkyggJ7CJpqpGlY+oDQb69TP05VT7Elfp
9Aj0LkV0WldJddZ4x1JQLceMoD/AJD/+xKBiwxsC2BxogFOsgPAduQ1xtJmdSUXk
1pbT5buElB2yk59Zs2beEU9uI7WxtSEXKUJazmB3Y9w5oPQyO9OGf34OTONTSPPz
eWYeZDFkXAV2ZJ/dWA+GTdut0fmtOcrmsE4LWJVW3KWQl4+hBBcaRLhS0wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAwLCeFiLGTf6E3C7/DW3BQm1CLnMB8GA1UdIwQY
MBaAFInTqRRZc8eaPnuVUx49DffSjEoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRPcEZGbHp4NW8tZTVWVEhqME45OUtNU2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi84YzBmMGMtMTljNy00ZWFmLTk2ZjUt
N2Q0MGMxMWE5NTAwLzEvREFzSjRXSXNaTl9vVGNMdjhOYmNGQ2JVSXVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi84YzBmMGMtMTljNy00ZWFmLTk2ZjUtN2Q0MGMxMWE5NTAw
LzEvaWRPcEZGbHp4NW8tZTVWVEhqME45OUtNU2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEVcGQAwQF
lPwgAwQEsHsgAwQCuQ28MA0EAgACMAcDBQAqAz7AMA0GCSqGSIb3DQEBCwUAA4IB
AQCbnh/+6+TBjnB+aq8wYmJv8q4mKZP1RkYrMc+3WE+yow8nBwgTR6WhRl0Uk2py
4ex3Ymuq90VMj+F8NX5ht8d682r8YZFwiG6PaXQFiH92udQU1TO9A/4nlNN1uLT3
AUWUZKxWbnY+q6JRVzrydHkABI72aOfeNND4YrIV6kdX6faGmoR7+fhBVEwY05Ez
vDgtKc1n9RcZeE4eeLRABfya+nBDg/F+HOs82dpsRq3O/HgW8RrZHq+TxGUGRaR1
0RnV7dxFuPoNxbF6ie3nK/A69Fpluilaj916J9Uz9s0IVKW7TL3/L2FhwXSgE4s8
Xij5lpAuQ5dXNo105VBimJmp
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:14:51 2025 by rpki-client