Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/dlGjiwRs39lCnCx2McbYxGiFAYE.roa
File: dlGjiwRs39lCnCx2McbYxGiFAYE.roa (raw, json)
Hash identifier: 4EoPnbZmDM9NTA+8ZjXGrrS1ReqQfjJp+yLmUq9ohWQ=
Subject key identifier: 76:51:A3:8B:04:6C:DF:D9:42:9C:2C:76:31:C6:D8:C4:68:85:01:81
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01938B983C78EEFE2E5761BDCFC92E25F66C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/dlGjiwRs39lCnCx2McbYxGiFAYE.roa
Signing time: Tue 03 Dec 2024 08:17:10 +0000
ROA not before: Tue 03 Dec 2024 08:17:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 192.71.161.0/24 maxlen: 24
193.180.119.0/24 maxlen: 24
193.182.245.0/24 maxlen: 24
193.234.18.0/24 maxlen: 24
193.234.82.0/24 maxlen: 24
193.235.104.0/24 maxlen: 24
193.235.106.0/24 maxlen: 24
194.71.221.0/24 maxlen: 24
194.132.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:98:3c:78:ee:fe:2e:57:61:bd:cf:c9:2e:25:f6:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 3 08:17:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7651a38b046cdfd9429c2c7631c6d8c468850181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:41:a5:1d:38:c5:b1:75:50:f4:63:4f:71:39:
33:d5:ec:e5:c5:de:a7:b2:6d:40:97:62:ef:34:b0:
28:25:9d:2c:78:70:55:17:43:6b:22:53:ba:93:79:
2b:14:c6:cf:87:e2:72:16:ee:59:53:5d:9c:03:43:
06:30:60:83:5b:24:59:4e:60:c6:4e:90:df:68:57:
40:e4:81:27:04:ef:ec:25:ac:ff:66:e5:68:e0:43:
2b:c6:17:9b:8f:86:54:cd:5a:f7:47:f5:cc:d0:23:
98:ea:b5:ff:3e:26:37:69:c4:17:4e:aa:44:75:b0:
60:55:d4:8d:76:e0:d2:32:7a:8e:bf:99:8b:65:87:
da:fa:d7:7f:dd:08:ab:64:de:4a:4e:9c:42:a2:d5:
30:a9:48:ed:ee:71:7d:4f:6e:8d:fa:86:ce:e8:df:
bd:92:fb:06:1c:4c:28:95:bc:a7:52:26:fe:06:ab:
7c:94:15:2c:30:29:eb:2e:25:ea:b0:fe:96:fd:e6:
39:7d:ec:24:eb:ff:bc:19:35:8a:01:72:1d:ea:3f:
89:42:2b:d2:71:16:79:83:8c:43:89:ec:a0:a2:70:
26:ce:57:00:0b:51:02:7c:e1:5f:58:94:12:08:8d:
3c:c4:22:88:8c:a0:72:fa:9e:f0:ca:a6:0e:2c:15:
82:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:51:A3:8B:04:6C:DF:D9:42:9C:2C:76:31:C6:D8:C4:68:85:01:81
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/dlGjiwRs39lCnCx2McbYxGiFAYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.161.0/24
193.180.119.0/24
193.182.245.0/24
193.234.18.0/24
193.234.82.0/24
193.235.104.0/24
193.235.106.0/24
194.71.221.0/24
194.132.122.0/24
Signature Algorithm: sha256WithRSAEncryption
14:43:b7:19:32:9e:51:2c:ce:14:fc:3d:cf:02:93:c1:a1:b6:
f2:76:64:aa:7f:28:a3:3e:32:57:be:97:2f:f9:04:30:67:2e:
9b:87:60:07:be:58:8a:f4:e7:04:bd:ef:96:eb:ef:ee:d1:3f:
d7:93:0f:42:db:c6:6a:cd:64:f9:7c:ee:e5:14:54:88:7f:f9:
1e:ee:b5:06:8d:3e:1d:19:66:29:06:f4:0b:e8:f8:8a:6e:2c:
b3:a7:b6:6b:03:bd:f6:ec:f0:d0:9a:40:71:f3:b8:4d:46:e6:
f6:fe:f9:b8:e0:5b:35:d1:40:ca:b2:23:6a:9a:73:4d:b8:1b:
fe:47:e5:24:09:70:29:44:78:30:28:11:91:9d:de:6f:7f:de:
3c:74:02:92:34:9d:de:90:72:10:3e:b3:3c:55:8a:a2:31:d7:
30:81:62:7d:3b:95:58:a1:8a:9a:07:69:f1:9f:48:1b:f1:97:
66:c1:20:07:cd:89:cb:72:22:4f:e4:a5:25:33:dc:e6:f0:55:
07:de:84:3e:d3:b8:8f:da:e4:54:df:2b:e5:23:fe:c2:ac:35:
2f:b7:a7:49:74:db:61:ad:71:df:46:ed:2f:51:cd:d7:eb:11:
fd:04:58:31:0a:52:d0:21:d5:d0:9c:3e:57:a0:f3:e6:99:1b:
44:29:da:68
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZOLmDx47v4uV2G9z8kuJfZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQxMjAzMDgxNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjUxYTM4YjA0NmNkZmQ5NDI5YzJjNzYzMWM2ZDhjNDY4ODUwMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00GlHTjFsXVQ9GNPcTkz1ezlxd6n
sm1Al2LvNLAoJZ0seHBVF0NrIlO6k3krFMbPh+JyFu5ZU12cA0MGMGCDWyRZTmDG
TpDfaFdA5IEnBO/sJaz/ZuVo4EMrxhebj4ZUzVr3R/XM0COY6rX/PiY3acQXTqpE
dbBgVdSNduDSMnqOv5mLZYfa+td/3QirZN5KTpxCotUwqUjt7nF9T26N+obO6N+9
kvsGHEwolbynUib+Bqt8lBUsMCnrLiXqsP6W/eY5fewk6/+8GTWKAXId6j+JQivS
cRZ5g4xDieygonAmzlcAC1ECfOFfWJQSCI08xCKIjKBy+p7wyqYOLBWCFwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHZRo4sEbN/ZQpwsdjHG2MRohQGBMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZGxHaml3UnMzOWxDbkN4Mk1jYll4R2lGQVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwEehAwQA
wbR3AwQAwbb1AwQAweoSAwQAwepSAwQAwetoAwQAwetqAwQAwkfdAwQAwoR6MA0G
CSqGSIb3DQEBCwUAA4IBAQAUQ7cZMp5RLM4U/D3PApPBobbydmSqfyijPjJXvpcv
+QQwZy6bh2AHvliK9OcEve+W6+/u0T/Xkw9C28ZqzWT5fO7lFFSIf/ke7rUGjT4d
GWYpBvQL6PiKbiyzp7ZrA7327PDQmkBx87hNRub2/vm44Fs10UDKsiNqmnNNuBv+
R+UkCXApRHgwKBGRnd5vf948dAKSNJ3ekHIQPrM8VYqiMdcwgWJ9O5VYoYqaB2nx
n0gb8ZdmwSAHzYnLciJP5KUlM9zm8FUH3oQ+07iP2uRU3yvlI/7CrDUvt6dJdNth
rXHfRu0vUc3X6xH9BFgxClLQIdXQnD5XoPPmmRtEKdpo
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:24 2025 by rpki-client