Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/DFBaIfpnBbuuj5UB4g4acv-Tab0.roa
File: DFBaIfpnBbuuj5UB4g4acv-Tab0.roa (raw, json)
Hash identifier: G7OApVznU63p7pSD/g/niiIvsgMlLkLuA4E0pMm5woY=
Subject key identifier: 0C:50:5A:21:FA:67:05:BB:AE:8F:95:01:E2:0E:1A:72:FF:93:69:BD
Certificate issuer: /CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Certificate serial: 018CC94BD71A3B38432345482AFA2D28BD47
Authority key identifier: 42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/DFBaIfpnBbuuj5UB4g4acv-Tab0.roa
Signing time: Tue 02 Jan 2024 08:30:39 +0000
ROA not before: Tue 02 Jan 2024 08:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212388
IP address blocks: 185.206.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:d7:1a:3b:38:43:23:45:48:2a:fa:2d:28:bd:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Validity
Not Before: Jan 2 08:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c505a21fa6705bbae8f9501e20e1a72ff9369bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1f:44:5e:97:c4:92:04:6e:5f:fe:db:d8:e2:
6d:dc:bc:ad:60:c5:9e:46:8c:6d:ae:ca:b6:c7:e7:
0f:1f:3e:da:f5:5f:d5:c3:88:e7:87:fa:47:a2:ca:
ab:c7:25:2b:00:00:c8:96:01:6a:c8:5e:83:b0:45:
4d:a3:50:7a:ea:f8:bf:7d:a7:f8:13:71:86:9c:90:
04:45:ef:49:53:93:c7:b0:ee:f8:29:4f:02:52:b5:
c7:f9:a0:c8:07:97:27:e6:55:4c:1f:b0:d6:20:15:
d5:38:7a:09:c9:2e:b6:9a:4f:55:74:d1:a1:30:58:
ad:8a:7f:60:6f:68:7c:6d:c3:32:10:f8:f4:b1:83:
50:4a:bf:e9:96:38:c1:4a:d6:50:20:92:2e:cc:54:
a4:6a:fd:3f:8b:7f:7b:96:2c:6d:e1:48:17:ae:04:
53:01:80:ee:3a:96:ca:db:fe:dc:93:17:6c:df:3a:
99:39:44:3f:c8:22:a3:dc:5f:45:02:72:4d:f4:b3:
28:15:fd:26:3a:68:f3:72:be:75:ea:df:60:f6:9b:
56:3f:f3:b8:21:ef:b8:9a:0f:e7:bf:dd:39:47:f0:
c7:5b:8f:c6:12:41:ea:28:70:a5:72:41:26:ac:01:
60:e4:05:e1:ad:c1:06:33:0a:01:68:8b:65:39:b6:
4d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:50:5A:21:FA:67:05:BB:AE:8F:95:01:E2:0E:1A:72:FF:93:69:BD
X509v3 Authority Key Identifier:
keyid:42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/DFBaIfpnBbuuj5UB4g4acv-Tab0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.71.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:ad:1f:01:b5:a9:25:fd:e8:6b:23:97:bc:2c:48:97:cd:1b:
b9:56:8b:36:60:3d:30:01:3d:47:64:ec:92:a6:97:e7:01:07:
98:be:6d:d9:f7:91:79:a5:78:48:e5:5f:d2:63:62:8a:6e:d8:
fd:ea:4d:d6:9c:f4:2a:04:db:19:6b:58:2c:51:bd:f2:9b:14:
85:83:3e:d1:54:9c:c8:1f:0c:ca:71:3f:4e:ab:5c:ae:e4:18:
47:88:2f:6f:1f:8e:55:2d:59:46:17:4d:b6:ed:26:01:5b:15:
ac:f5:25:c4:10:52:a4:cb:69:12:af:ec:4b:91:48:2b:72:1e:
76:c7:f1:55:93:53:18:04:c4:2a:43:58:a9:92:47:c7:10:47:
01:e2:fd:f1:8a:5b:fe:cf:94:f6:73:43:99:8a:f1:2e:65:43:
0e:bf:22:ca:50:bf:76:ab:52:17:08:a7:b2:a0:e8:ac:49:91:
18:51:29:4f:3b:30:d1:fb:ca:34:eb:70:8d:09:df:35:17:45:
c8:0f:9a:27:4b:c9:3a:2d:c0:4e:12:9b:d9:0f:78:de:d4:ad:
7c:06:bb:69:00:51:b7:66:0f:19:17:d8:dc:f9:4a:b0:88:d2:
71:cc:64:35:5c:04:36:d2:e0:b6:55:1e:fe:73:48:57:1a:ba:
f0:1d:20:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJS9caOzhDI0VIKvotKL1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzRjOTBlZDE2YWEyMGU0OTE3ODQyMGJmYzg0YTg4M2Mx
MmFjNjgwHhcNMjQwMTAyMDgzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzUwNWEyMWZhNjcwNWJiYWU4Zjk1MDFlMjBlMWE3MmZmOTM2OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjx9EXpfEkgRuX/7b2OJt3LytYMWe
Roxtrsq2x+cPHz7a9V/Vw4jnh/pHosqrxyUrAADIlgFqyF6DsEVNo1B66vi/faf4
E3GGnJAERe9JU5PHsO74KU8CUrXH+aDIB5cn5lVMH7DWIBXVOHoJyS62mk9VdNGh
MFitin9gb2h8bcMyEPj0sYNQSr/pljjBStZQIJIuzFSkav0/i397lixt4UgXrgRT
AYDuOpbK2/7ckxds3zqZOUQ/yCKj3F9FAnJN9LMoFf0mOmjzcr516t9g9ptWP/O4
Ie+4mg/nv905R/DHW4/GEkHqKHClckEmrAFg5AXhrcEGMwoBaItlObZNZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxQWiH6ZwW7ro+VAeIOGnL/k2m9MB8GA1UdIwQY
MBaAFELEyQ7RaqIOSReEIL/ISog8EqxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYt
YThlNGU3MWJlZTUxLzEvREZCYUlmcG5CYnV1ajVVQjRnNGFjdi1UYWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYtYThlNGU3MWJlZTUx
LzEvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc5HMA0G
CSqGSIb3DQEBCwUAA4IBAQALrR8Btakl/ehrI5e8LEiXzRu5Vos2YD0wAT1HZOyS
ppfnAQeYvm3Z95F5pXhI5V/SY2KKbtj96k3WnPQqBNsZa1gsUb3ymxSFgz7RVJzI
HwzKcT9Oq1yu5BhHiC9vH45VLVlGF0227SYBWxWs9SXEEFKky2kSr+xLkUgrch52
x/FVk1MYBMQqQ1ipkkfHEEcB4v3xilv+z5T2c0OZivEuZUMOvyLKUL92q1IXCKey
oOisSZEYUSlPOzDR+8o063CNCd81F0XID5onS8k6LcBOEpvZD3je1K18BrtpAFG3
Zg8ZF9jc+UqwiNJxzGQ1XAQ20uC2VR7+c0hXGrrwHSDc
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:29:52 2025 by rpki-client