Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/gDMb6OF__G0Kcz2L-Yl1MTf7Rao.roa
File: gDMb6OF__G0Kcz2L-Yl1MTf7Rao.roa (raw, json)
Hash identifier: MJkF1mS9V3Qgbd+ynZWNvgdTgLHE+Apaea/QfruG4hY=
Subject key identifier: 80:33:1B:E8:E1:7F:FC:6D:0A:73:3D:8B:F9:89:75:31:37:FB:45:AA
Certificate issuer: /CN=64a9856db1ab3b24f09e9cb92743768668301411
Certificate serial: 01908E9AA8962528B39020A62041E0A9FD05
Authority key identifier: 64:A9:85:6D:B1:AB:3B:24:F0:9E:9C:B9:27:43:76:86:68:30:14:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKmFbbGrOyTwnpy5J0N2hmgwFBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/gDMb6OF__G0Kcz2L-Yl1MTf7Rao.roa
Signing time: Sun 07 Jul 2024 19:10:18 +0000
ROA not before: Sun 07 Jul 2024 19:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212583
IP address blocks: 185.196.60.0/24 maxlen: 24
195.85.2.0/23 maxlen: 23
2a10:7840::/31 maxlen: 31
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8e:9a:a8:96:25:28:b3:90:20:a6:20:41:e0:a9:fd:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64a9856db1ab3b24f09e9cb92743768668301411
Validity
Not Before: Jul 7 19:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80331be8e17ffc6d0a733d8bf989753137fb45aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:32:8d:7b:3d:a2:b0:4a:2c:60:43:5a:40:49:
41:30:42:57:3e:7a:da:02:39:2f:0f:97:f6:97:eb:
07:e7:58:0e:2d:03:bf:e7:0e:6f:b0:fb:4a:5f:f0:
95:95:62:07:ab:8c:9e:92:b1:da:ad:ab:70:cf:90:
49:df:dc:46:3f:63:07:40:f6:9f:a7:dd:3c:88:2e:
8f:4c:b0:3f:70:c1:bf:ef:14:5d:db:d4:46:fc:b5:
0c:ec:2c:8a:7e:18:16:7c:76:70:b5:61:1d:9d:7d:
11:b1:1b:51:b4:85:80:ef:d6:1b:01:fc:61:e3:60:
5f:3e:50:02:9b:67:90:43:0e:91:80:b8:bb:45:fd:
21:86:04:f2:e1:16:3a:35:ed:29:fb:41:a7:a6:8c:
52:19:7a:87:d8:d8:25:72:e8:f9:eb:29:26:f4:c7:
54:87:f6:54:75:1a:c3:20:5c:5f:9a:c7:41:25:8e:
9b:c6:10:ae:08:58:f0:c5:03:58:9d:1b:6c:3b:63:
37:20:df:c9:69:71:05:d9:52:c8:c3:5d:a0:c1:39:
37:da:e7:90:51:07:0f:03:6e:a5:f6:5a:13:d5:5e:
30:ce:bc:19:bd:55:95:9e:11:41:44:18:cf:be:31:
3a:d2:2f:2d:d6:19:fa:3f:62:15:4f:bf:d8:86:0d:
80:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:33:1B:E8:E1:7F:FC:6D:0A:73:3D:8B:F9:89:75:31:37:FB:45:AA
X509v3 Authority Key Identifier:
keyid:64:A9:85:6D:B1:AB:3B:24:F0:9E:9C:B9:27:43:76:86:68:30:14:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKmFbbGrOyTwnpy5J0N2hmgwFBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/gDMb6OF__G0Kcz2L-Yl1MTf7Rao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/ZKmFbbGrOyTwnpy5J0N2hmgwFBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.60.0/24
195.85.2.0/23
IPv6:
2a10:7840::/31
Signature Algorithm: sha256WithRSAEncryption
2d:5b:9f:a2:64:8f:eb:1d:87:39:9e:91:3b:f9:bd:ac:f3:5b:
ab:b4:69:cc:6e:a9:2d:7b:05:9b:31:74:eb:ed:26:e2:f2:38:
d4:da:68:1e:b6:d1:f6:da:06:b1:f3:62:2e:bf:33:24:0c:ca:
00:cc:58:8c:7e:61:86:c0:b3:bd:b5:c0:cf:e6:00:48:82:d2:
dd:bb:28:e2:2a:84:71:25:c6:24:69:bc:34:d0:d2:bf:a9:a1:
57:24:8f:e5:3c:83:70:7c:fe:a5:d6:a3:51:2f:dd:fa:a7:fe:
f2:17:6f:46:04:5e:86:fc:7e:c8:1b:7b:34:f1:bb:fb:4f:2c:
eb:30:71:af:85:ae:e1:5b:a2:c0:e2:d5:be:18:60:c5:34:ca:
6c:f8:a9:6d:fc:de:89:35:ad:12:64:5c:00:77:65:48:ec:01:
5d:7c:fb:72:37:21:89:09:28:3e:3b:9e:20:90:cf:55:65:dc:
7f:78:89:2f:b3:04:f7:7f:a0:2a:fe:08:a9:17:7a:d4:94:82:
6f:c6:1d:fc:08:92:ba:8a:95:d7:88:2e:90:eb:7b:96:fa:0b:
ba:f6:ca:de:10:23:b4:32:6d:44:b2:49:b8:fd:10:a8:0d:d7:
4b:f9:ca:ff:e6:7a:14:bb:1b:0e:e6:bf:78:c3:0e:42:2c:ac:
00:7b:e0:4b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZCOmqiWJSizkCCmIEHgqf0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTk4NTZkYjFhYjNiMjRmMDllOWNiOTI3NDM3Njg2Njgz
MDE0MTEwHhcNMjQwNzA3MTkxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDMzMWJlOGUxN2ZmYzZkMGE3MzNkOGJmOTg5NzUzMTM3ZmI0NWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDKNez2isEosYENaQElBMEJXPnra
AjkvD5f2l+sH51gOLQO/5w5vsPtKX/CVlWIHq4yekrHaratwz5BJ39xGP2MHQPaf
p908iC6PTLA/cMG/7xRd29RG/LUM7CyKfhgWfHZwtWEdnX0RsRtRtIWA79YbAfxh
42BfPlACm2eQQw6RgLi7Rf0hhgTy4RY6Ne0p+0GnpoxSGXqH2Nglcuj56ykm9MdU
h/ZUdRrDIFxfmsdBJY6bxhCuCFjwxQNYnRtsO2M3IN/JaXEF2VLIw12gwTk32ueQ
UQcPA26l9loT1V4wzrwZvVWVnhFBRBjPvjE60i8t1hn6P2IVT7/Yhg2ADQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIAzG+jhf/xtCnM9i/mJdTE3+0WqMB8GA1UdIwQY
MBaAFGSphW2xqzsk8J6cuSdDdoZoMBQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkttRmJiR3JPeVR3bnB5NUowTjJobWd3RkJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZjdkNWMtMDRhNS00OGE3LWI4YzYt
MzdhNDQyZTY1ZjE4LzEvZ0RNYjZPRl9fRzBLY3oyTC1ZbDFNVGY3UmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZjdkNWMtMDRhNS00OGE3LWI4YzYtMzdhNDQyZTY1ZjE4
LzEvWkttRmJiR3JPeVR3bnB5NUowTjJobWd3RkJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAucQ8AwQB
w1UCMA0EAgACMAcDBQEqEHhAMA0GCSqGSIb3DQEBCwUAA4IBAQAtW5+iZI/rHYc5
npE7+b2s81urtGnMbqktewWbMXTr7Sbi8jjU2mgettH22gax82IuvzMkDMoAzFiM
fmGGwLO9tcDP5gBIgtLduyjiKoRxJcYkabw00NK/qaFXJI/lPINwfP6l1qNRL936
p/7yF29GBF6G/H7IG3s08bv7TyzrMHGvha7hW6LA4tW+GGDFNMps+Klt/N6JNa0S
ZFwAd2VI7AFdfPtyNyGJCSg+O54gkM9VZdx/eIkvswT3f6Aq/gipF3rUlIJvxh38
CJK6ipXXiC6Q63uW+gu69sreECO0Mm1Eskm4/RCoDddL+cr/5noUuxsO5r94ww5C
LKwAe+BL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:34 2025 by rpki-client