Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/D0QdKXGsV9D73Yj6dW-zjk0RfX4.roa
File: D0QdKXGsV9D73Yj6dW-zjk0RfX4.roa (raw, json)
Hash identifier: I/ENWDBsZ4rcgPCVNbAcN5ZPsTbfgDSScZ3mmagsTkg=
Subject key identifier: 0F:44:1D:29:71:AC:57:D0:FB:DD:88:FA:75:6F:B3:8E:4D:11:7D:7E
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018E97DCFA5AF75F2508AF80031633948265
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/D0QdKXGsV9D73Yj6dW-zjk0RfX4.roa
Signing time: Mon 01 Apr 2024 04:13:45 +0000
ROA not before: Mon 01 Apr 2024 04:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134176
IP address blocks: 79.174.20.0/24 maxlen: 32
85.209.254.0/24 maxlen: 32
185.190.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 15:20:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:97:dc:fa:5a:f7:5f:25:08:af:80:03:16:33:94:82:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 1 04:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f441d2971ac57d0fbdd88fa756fb38e4d117d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7b:42:13:5e:30:73:45:bd:12:a2:b2:ef:50:
e4:0e:4f:48:4b:cb:01:97:ad:45:7a:55:07:16:78:
55:ad:80:1e:3e:8d:59:ab:dd:70:39:0c:be:ae:f5:
c5:f6:39:90:4b:58:91:89:15:29:a9:36:a6:f2:4b:
f0:65:fb:3f:f0:06:19:05:69:6e:23:6c:dd:f3:0a:
33:00:d5:ec:c7:a1:6d:65:7d:6f:20:6b:01:34:4f:
b9:38:09:a8:94:62:f4:f6:31:67:1a:67:e7:3f:64:
18:69:f4:b3:7a:32:dd:2b:5c:12:4d:e8:e5:cf:8f:
23:a5:97:c3:a4:de:8c:1f:87:54:b1:52:27:95:2d:
5c:cd:d5:d8:61:54:0f:b2:8e:56:9e:7c:55:62:19:
1f:46:c1:e0:5e:3a:ed:80:b6:16:bf:6a:fe:6f:f3:
1f:4f:29:c5:5a:8d:a3:de:2e:5f:a1:cd:7b:61:b3:
cd:48:7d:59:c3:47:bb:d3:ff:0c:29:21:69:a3:55:
8e:40:22:78:52:bc:31:98:47:19:41:91:10:dd:05:
34:cb:36:56:10:28:c2:68:82:e4:f2:ee:48:ad:6a:
75:d0:96:c7:cb:cb:5c:ef:5e:ad:44:9d:cd:03:35:
48:27:ff:e8:13:f4:35:9c:e1:5d:03:25:a1:34:89:
ae:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:44:1D:29:71:AC:57:D0:FB:DD:88:FA:75:6F:B3:8E:4D:11:7D:7E
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/D0QdKXGsV9D73Yj6dW-zjk0RfX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.20.0/24
85.209.254.0/24
185.190.81.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:07:87:39:83:e0:97:ae:ec:09:2d:ba:6d:35:7e:80:e6:50:
fa:73:47:d7:09:65:09:41:ba:f5:44:51:31:76:68:15:bd:46:
40:c1:d3:6b:f1:fe:93:2e:12:f8:5f:fa:96:9a:bc:f5:1d:e5:
41:f7:b8:7e:94:72:a8:54:f0:f0:06:a9:b0:ab:25:f2:53:f3:
8e:52:6f:bd:d8:87:94:83:fa:37:7e:22:0e:97:ae:66:d0:8f:
da:df:3b:76:7b:41:2d:d2:bd:d5:ef:a1:0b:8a:5f:4b:9f:49:
eb:10:fb:53:09:6f:5f:1a:a6:d3:dd:2d:f1:e6:a3:19:43:01:
71:65:66:da:78:aa:40:07:9d:0f:16:a4:b1:a0:42:1e:97:15:
5c:cd:67:0f:99:d0:c3:f7:c5:d1:c9:d1:7a:14:85:37:19:e6:
a2:b8:76:fa:40:35:ce:65:13:47:3f:14:2b:4a:74:df:49:67:
b4:8b:60:52:99:1d:f1:73:6c:b7:fa:2a:bf:07:c5:14:6b:2d:
8f:ea:7f:f3:19:2c:1f:26:a8:f7:82:6d:96:ec:c8:a9:8d:e4:
f5:c7:9b:7a:e5:a2:11:44:d2:c0:94:6c:74:a5:40:12:5e:74:
fb:c6:e2:b8:13:1f:9f:9d:02:b2:40:bf:95:7a:c0:20:a7:6a:
74:93:f4:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6X3Ppa918lCK+AAxYzlIJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwNDAxMDQxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjQ0MWQyOTcxYWM1N2QwZmJkZDg4ZmE3NTZmYjM4ZTRkMTE3ZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXtCE14wc0W9EqKy71DkDk9IS8sB
l61FelUHFnhVrYAePo1Zq91wOQy+rvXF9jmQS1iRiRUpqTam8kvwZfs/8AYZBWlu
I2zd8wozANXsx6FtZX1vIGsBNE+5OAmolGL09jFnGmfnP2QYafSzejLdK1wSTejl
z48jpZfDpN6MH4dUsVInlS1czdXYYVQPso5WnnxVYhkfRsHgXjrtgLYWv2r+b/Mf
TynFWo2j3i5foc17YbPNSH1Zw0e70/8MKSFpo1WOQCJ4UrwxmEcZQZEQ3QU0yzZW
ECjCaILk8u5IrWp10JbHy8tc716tRJ3NAzVIJ//oE/Q1nOFdAyWhNImueQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA9EHSlxrFfQ+92I+nVvs45NEX1+MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvRDBRZEtYR3NWOUQ3M1lqNmRXLXpqazBSZlg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT64UAwQA
VdH+AwQAub5RMA0GCSqGSIb3DQEBCwUAA4IBAQAPB4c5g+CXruwJLbptNX6A5lD6
c0fXCWUJQbr1RFExdmgVvUZAwdNr8f6TLhL4X/qWmrz1HeVB97h+lHKoVPDwBqmw
qyXyU/OOUm+92IeUg/o3fiIOl65m0I/a3zt2e0Et0r3V76ELil9Ln0nrEPtTCW9f
GqbT3S3x5qMZQwFxZWbaeKpAB50PFqSxoEIelxVczWcPmdDD98XRydF6FIU3Geai
uHb6QDXOZRNHPxQrSnTfSWe0i2BSmR3xc2y3+iq/B8UUay2P6n/zGSwfJqj3gm2W
7MipjeT1x5t65aIRRNLAlGx0pUASXnT7xuK4Ex+fnQKyQL+VesAgp2p0k/R/
-----END CERTIFICATE-----
Generated at Fri Jun 21 18:06:50 2024 by rpki-client on console-fra.rpki-client.org