Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/DtnEmVALS8SpBLyisAtUMD2QlmM.roa
File: DtnEmVALS8SpBLyisAtUMD2QlmM.roa (raw, json)
Hash identifier: 1lHgSzQlIZhw57KgxD0h68FwJqwAO/IwzHPpXCfoTsA=
Subject key identifier: 0E:D9:C4:99:50:0B:4B:C4:A9:04:BC:A2:B0:0B:54:30:3D:90:96:63
Certificate issuer: /CN=aa8fd05eeb6ea05a11d667abedd8ea1093d271b3
Certificate serial: 018CC5DC40FEA62A798BF822E8264B4752B7
Authority key identifier: AA:8F:D0:5E:EB:6E:A0:5A:11:D6:67:AB:ED:D8:EA:10:93:D2:71:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qo_QXutuoFoR1mer7djqEJPScbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/DtnEmVALS8SpBLyisAtUMD2QlmM.roa
Signing time: Mon 01 Jan 2024 16:29:55 +0000
ROA not before: Mon 01 Jan 2024 16:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48757
IP address blocks: 95.128.176.0/22 maxlen: 22
95.128.180.0/22 maxlen: 22
95.128.181.0/24 maxlen: 24
95.128.183.0/24 maxlen: 24
95.128.180.0/24 maxlen: 24
185.17.140.0/22 maxlen: 22
95.128.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 07:05:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:40:fe:a6:2a:79:8b:f8:22:e8:26:4b:47:52:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa8fd05eeb6ea05a11d667abedd8ea1093d271b3
Validity
Not Before: Jan 1 16:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ed9c499500b4bc4a904bca2b00b54303d909663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8d:da:09:9e:10:10:b7:f7:b0:5d:24:1d:5a:
bf:b7:23:1f:39:3f:67:d2:96:97:cf:5f:22:cf:9a:
57:e1:2c:7e:d7:73:da:fa:55:55:94:e2:56:ce:7f:
66:f8:5b:d7:d7:ba:5c:30:f5:31:43:06:cf:a8:db:
c8:68:06:27:66:91:61:a1:a7:41:75:28:7d:2c:5d:
7e:88:25:65:c7:d5:da:63:fb:10:eb:ee:5f:0f:75:
a9:c0:3b:e4:fd:10:05:4a:cb:8c:91:5e:c5:2c:42:
44:03:21:2a:5c:7c:2f:c0:bf:17:8a:00:e1:f5:4e:
f4:11:b7:f8:7a:37:97:84:72:41:79:b7:18:52:91:
1b:e2:c8:21:20:1c:df:b9:3f:92:c0:ce:b0:ee:b2:
d4:aa:56:c5:9e:f3:5b:ca:34:17:12:5d:26:19:23:
92:f3:a7:20:64:ef:b4:84:c1:68:29:18:a0:85:31:
49:e4:9d:dd:47:06:d8:15:7a:68:c2:bb:a4:27:69:
56:e0:8d:20:7f:87:28:92:0c:1d:b8:95:a3:68:6b:
91:a3:ba:8e:dd:f6:16:c9:67:65:21:a3:04:35:22:
0a:f0:43:cf:20:e2:b6:22:9b:93:1f:73:6f:2d:e3:
75:af:18:b6:b9:da:42:4c:99:70:51:c0:86:59:27:
99:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D9:C4:99:50:0B:4B:C4:A9:04:BC:A2:B0:0B:54:30:3D:90:96:63
X509v3 Authority Key Identifier:
keyid:AA:8F:D0:5E:EB:6E:A0:5A:11:D6:67:AB:ED:D8:EA:10:93:D2:71:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qo_QXutuoFoR1mer7djqEJPScbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/DtnEmVALS8SpBLyisAtUMD2QlmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2bb706-66d4-4fae-93a1-b97c2c4ad439/1/qo_QXutuoFoR1mer7djqEJPScbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.176.0/21
185.17.140.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:2e:a1:73:74:f5:51:1e:29:fe:c8:b1:74:fd:5e:f2:0a:d4:
88:7b:78:88:78:9b:60:f4:4a:94:49:94:d4:71:b8:a0:36:29:
74:82:3b:7b:5b:07:72:90:25:37:dc:fe:8e:69:2d:20:05:4d:
1a:1d:7e:df:1a:55:f4:a8:34:8a:f6:b7:dd:77:40:c0:03:e5:
2d:47:f3:8f:e5:25:c8:fe:07:2d:a8:f2:c5:8c:af:df:88:92:
67:07:9f:f9:52:73:88:df:0d:c4:f7:dd:38:6d:6b:3a:b0:db:
8f:e2:04:be:de:be:0c:bb:be:c3:8e:b5:34:1f:f9:42:cf:08:
db:35:64:ad:f8:f1:75:24:24:34:0e:12:ad:62:4a:09:7e:e8:
50:12:d6:3b:ed:1e:50:d6:8e:05:83:be:6f:cb:3d:90:e4:21:
3b:8f:08:ad:59:07:be:c8:75:9c:5b:57:b3:df:d5:12:44:b6:
7f:45:94:08:a7:ea:11:50:50:df:a3:c7:15:81:21:db:dd:d0:
8c:b0:48:d1:94:37:7b:30:53:17:af:80:b0:14:c1:7b:6b:c4:
41:1a:89:2f:09:3e:dd:01:85:ce:e0:49:21:f9:f7:59:23:61:
60:43:8c:37:32:86:1b:ab:70:7c:0c:49:d9:ce:25:e2:c0:0a:
d7:df:f5:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3ED+pip5i/gi6CZLR1K3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOGZkMDVlZWI2ZWEwNWExMWQ2NjdhYmVkZDhlYTEwOTNk
MjcxYjMwHhcNMjQwMTAxMTYyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQ5YzQ5OTUwMGI0YmM0YTkwNGJjYTJiMDBiNTQzMDNkOTA5NjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY3aCZ4QELf3sF0kHVq/tyMfOT9n
0paXz18iz5pX4Sx+13Pa+lVVlOJWzn9m+FvX17pcMPUxQwbPqNvIaAYnZpFhoadB
dSh9LF1+iCVlx9XaY/sQ6+5fD3WpwDvk/RAFSsuMkV7FLEJEAyEqXHwvwL8XigDh
9U70Ebf4ejeXhHJBebcYUpEb4sghIBzfuT+SwM6w7rLUqlbFnvNbyjQXEl0mGSOS
86cgZO+0hMFoKRighTFJ5J3dRwbYFXpowrukJ2lW4I0gf4cokgwduJWjaGuRo7qO
3fYWyWdlIaMENSIK8EPPIOK2IpuTH3NvLeN1rxi2udpCTJlwUcCGWSeZ7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA7ZxJlQC0vEqQS8orALVDA9kJZjMB8GA1UdIwQY
MBaAFKqP0F7rbqBaEdZnq+3Y6hCT0nGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW9fUVh1dHVvRm9SMW1lcjdkanFFSlBTY2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8yYmI3MDYtNjZkNC00ZmFlLTkzYTEt
Yjk3YzJjNGFkNDM5LzEvRHRuRW1WQUxTOFNwQkx5aXNBdFVNRDJRbG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8yYmI3MDYtNjZkNC00ZmFlLTkzYTEtYjk3YzJjNGFkNDM5
LzEvcW9fUVh1dHVvRm9SMW1lcjdkanFFSlBTY2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX4CwAwQC
uRGMMA0GCSqGSIb3DQEBCwUAA4IBAQAqLqFzdPVRHin+yLF0/V7yCtSIe3iIeJtg
9EqUSZTUcbigNil0gjt7WwdykCU33P6OaS0gBU0aHX7fGlX0qDSK9rfdd0DAA+Ut
R/OP5SXI/gctqPLFjK/fiJJnB5/5UnOI3w3E9904bWs6sNuP4gS+3r4Mu77DjrU0
H/lCzwjbNWSt+PF1JCQ0DhKtYkoJfuhQEtY77R5Q1o4Fg75vyz2Q5CE7jwitWQe+
yHWcW1ez39USRLZ/RZQIp+oRUFDfo8cVgSHb3dCMsEjRlDd7MFMXr4CwFMF7a8RB
GokvCT7dAYXO4Ekh+fdZI2FgQ4w3MoYbq3B8DEnZziXiwArX3/Uz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:24 2025 by rpki-client