Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/DLEg7sPIeT6HeP1N1h99eCkUphQ.roa
File: DLEg7sPIeT6HeP1N1h99eCkUphQ.roa (raw, json)
Hash identifier: o6NFGBM9DXxLSGjoD0NDCLwZe5iSC9k+PfSh9ePp/uI=
Subject key identifier: 0C:B1:20:EE:C3:C8:79:3E:87:78:FD:4D:D6:1F:7D:78:29:14:A6:14
Certificate issuer: /CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Certificate serial: 018CC26D729457647CF3BE34B1510686B68A
Authority key identifier: 44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/DLEg7sPIeT6HeP1N1h99eCkUphQ.roa
Signing time: Mon 01 Jan 2024 00:30:01 +0000
ROA not before: Mon 01 Jan 2024 00:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44222
IP address blocks: 185.83.213.0/24 maxlen: 24
185.83.212.0/24 maxlen: 24
2a05:9f02::/31 maxlen: 31
2a05:9f06::/31 maxlen: 31
2a05:9f00::/31 maxlen: 48
2a05:9f04::/31 maxlen: 31
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:72:94:57:64:7c:f3:be:34:b1:51:06:86:b6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Validity
Not Before: Jan 1 00:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cb120eec3c8793e8778fd4dd61f7d782914a614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e2:a6:45:d1:ac:a8:48:5a:9c:a8:6b:3b:14:
a4:b2:08:c8:8e:93:73:56:53:d6:69:fc:94:ac:39:
d8:02:50:a4:bc:c2:6d:df:be:dc:c3:92:d3:cd:fa:
e2:29:e0:4d:94:86:33:0a:e1:34:3f:b1:29:bc:58:
5d:a5:bb:25:c3:22:4c:46:ac:ef:04:6f:64:45:4e:
59:ee:b5:45:36:e6:29:be:3b:a5:0f:ab:bf:3a:2c:
81:f3:76:7a:d5:13:5c:f5:5b:15:b4:19:3d:4c:fa:
e7:6b:52:99:1e:7d:55:d3:0a:f1:89:2c:44:8d:d6:
ca:08:cb:bd:24:e9:21:73:7a:86:71:e0:e5:45:af:
e0:f4:b7:69:95:39:58:5a:25:13:cb:97:20:cd:e3:
aa:10:4a:27:f9:4a:8e:2a:54:e6:a5:28:39:75:2a:
53:a8:55:f5:e6:3f:6e:f8:e3:3a:48:54:bd:36:cb:
b7:d4:61:ff:93:c9:3c:a7:34:bc:63:64:13:d4:eb:
72:4c:a1:52:db:5c:e2:bb:0e:3c:05:fe:be:c7:49:
4d:8f:77:8f:bc:5b:fc:b4:7c:a5:ef:8f:04:57:24:
8e:67:24:07:a1:83:5e:8e:5b:34:14:bd:61:9d:84:
6c:50:c4:c5:cd:b4:f0:34:39:09:ed:a0:74:98:b8:
3c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B1:20:EE:C3:C8:79:3E:87:78:FD:4D:D6:1F:7D:78:29:14:A6:14
X509v3 Authority Key Identifier:
keyid:44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/DLEg7sPIeT6HeP1N1h99eCkUphQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.212.0/23
IPv6:
2a05:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
43:b1:73:cf:44:f0:ec:20:d9:c4:83:70:53:0e:3b:ec:40:97:
6f:d8:64:14:3a:8e:ad:63:ff:f7:54:b2:58:97:48:17:92:0f:
b9:51:ad:a4:bf:54:fc:3f:98:31:56:60:c8:07:be:ca:87:0d:
e1:11:84:76:6a:72:2f:0c:9a:9f:15:56:95:cd:c2:f6:7c:2e:
ec:11:1e:d4:1a:af:d3:46:4c:c2:40:b5:65:a6:24:eb:ee:27:
1b:fc:e6:8b:fd:50:6d:30:e9:dc:88:a2:c4:c2:80:90:59:9f:
a3:ca:14:37:58:68:72:d1:c9:7c:fc:9d:ae:a8:87:64:04:13:
81:98:2f:27:52:6c:20:92:e1:bf:0c:a4:8c:4f:f3:30:f4:3c:
ff:fd:a9:b6:5d:bc:31:ef:ab:77:35:bc:66:18:f4:f7:35:0b:
c0:6c:b0:60:ba:15:00:51:9b:10:7c:0c:96:1d:cd:bd:35:ad:
c2:2e:bb:11:96:61:20:13:ce:97:c8:ce:22:a5:5b:37:91:46:
02:e9:0e:07:a5:17:b7:14:99:c6:55:e7:6d:22:23:a0:69:17:
03:41:f8:52:0a:a9:fc:4f:d6:fd:b1:31:f4:76:4e:f1:5f:9f:
45:18:83:21:bc:54:f2:cd:6b:7d:27:cc:3d:11:b7:a1:2a:b0:
b0:9c:5d:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbXKUV2R88740sVEGhraKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MDA3MTcyZGY5ZmMyZDRhMmRkYmJhOTM0Y2ViYzlmMDI4
NmQzY2EwHhcNMjQwMTAxMDAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2IxMjBlZWMzYzg3OTNlODc3OGZkNGRkNjFmN2Q3ODI5MTRhNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOKmRdGsqEhanKhrOxSksgjIjpNz
VlPWafyUrDnYAlCkvMJt377cw5LTzfriKeBNlIYzCuE0P7EpvFhdpbslwyJMRqzv
BG9kRU5Z7rVFNuYpvjulD6u/OiyB83Z61RNc9VsVtBk9TPrna1KZHn1V0wrxiSxE
jdbKCMu9JOkhc3qGceDlRa/g9LdplTlYWiUTy5cgzeOqEEon+UqOKlTmpSg5dSpT
qFX15j9u+OM6SFS9Nsu31GH/k8k8pzS8Y2QT1OtyTKFS21ziuw48Bf6+x0lNj3eP
vFv8tHyl748EVySOZyQHoYNejls0FL1hnYRsUMTFzbTwNDkJ7aB0mLg8CQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAyxIO7DyHk+h3j9TdYffXgpFKYUMB8GA1UdIwQY
MBaAFEQAcXLfn8LUot27qTTOvJ8ChtPKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYt
MDU4NWRlNGQ0ZWU3LzEvRExFZzdzUEllVDZIZVAxTjFoOTllQ2tVcGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYtMDU4NWRlNGQ0ZWU3
LzEvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuVPUMA0E
AgACMAcDBQMqBZ8AMA0GCSqGSIb3DQEBCwUAA4IBAQBDsXPPRPDsINnEg3BTDjvs
QJdv2GQUOo6tY//3VLJYl0gXkg+5Ua2kv1T8P5gxVmDIB77Khw3hEYR2anIvDJqf
FVaVzcL2fC7sER7UGq/TRkzCQLVlpiTr7icb/OaL/VBtMOnciKLEwoCQWZ+jyhQ3
WGhy0cl8/J2uqIdkBBOBmC8nUmwgkuG/DKSMT/Mw9Dz//am2Xbwx76t3NbxmGPT3
NQvAbLBguhUAUZsQfAyWHc29Na3CLrsRlmEgE86XyM4ipVs3kUYC6Q4HpRe3FJnG
VedtIiOgaRcDQfhSCqn8T9b9sTH0dk7xX59FGIMhvFTyzWt9J8w9EbehKrCwnF3r
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:52:37 2025 by rpki-client