Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/vD6A37Hb84PdXuDKksgrMQHz4hI.roa
File: vD6A37Hb84PdXuDKksgrMQHz4hI.roa (raw, json)
Hash identifier: SYkXGonC0G/PPtsqetHUMulaneG7pvoVSmupydtye8o=
Subject key identifier: BC:3E:80:DF:B1:DB:F3:83:DD:5E:E0:CA:92:C8:2B:31:01:F3:E2:12
Certificate issuer: /CN=0c17dae04476db1016caa43e3ed9bc6bd69f3975
Certificate serial: 018CC3B715AE72EDF23461ED2082AEA9A1F9
Authority key identifier: 0C:17:DA:E0:44:76:DB:10:16:CA:A4:3E:3E:D9:BC:6B:D6:9F:39:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DBfa4ER22xAWyqQ-Ptm8a9afOXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/vD6A37Hb84PdXuDKksgrMQHz4hI.roa
Signing time: Mon 01 Jan 2024 06:30:04 +0000
ROA not before: Mon 01 Jan 2024 06:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203228
IP address blocks: 185.124.72.0/22 maxlen: 22
185.124.75.0/24 maxlen: 24
2a03:93e0::/32 maxlen: 32
2a03:93e0:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:15:ae:72:ed:f2:34:61:ed:20:82:ae:a9:a1:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c17dae04476db1016caa43e3ed9bc6bd69f3975
Validity
Not Before: Jan 1 06:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc3e80dfb1dbf383dd5ee0ca92c82b3101f3e212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:98:a2:b2:f3:f4:fa:55:39:f3:c7:9d:e2:c6:
bb:3e:47:71:b5:0c:39:18:6a:ae:79:a6:4a:18:0a:
78:a4:32:ea:27:f6:1b:a0:85:0c:1d:32:c3:36:3e:
e7:36:0c:55:98:42:32:f2:6b:5a:cb:eb:30:aa:43:
2d:f5:a8:9c:97:9d:85:cc:00:6f:87:97:b0:93:4f:
08:ce:4e:5e:bf:74:74:4b:b8:9c:5c:43:88:2d:3e:
68:5c:5e:38:aa:0c:67:47:93:97:fb:62:d6:1b:fb:
86:ad:21:30:be:20:b3:ad:fd:a7:75:cb:c4:b9:6c:
4e:22:e6:1e:75:b5:f5:2d:6c:5e:20:0a:5a:36:84:
e1:a4:e4:48:8d:84:29:1f:b0:b2:02:de:dd:9a:96:
18:e1:11:29:a9:7d:f5:70:57:28:2d:bb:78:39:05:
9a:81:a7:77:6f:1e:00:56:a0:88:d6:ef:6c:6f:d9:
5f:a9:69:67:6c:f8:98:d5:18:b2:41:29:d8:f4:c6:
ce:d2:e6:19:e8:38:c2:a4:1f:d9:7c:34:78:ac:33:
83:26:42:94:d6:13:4f:f6:5f:7b:8e:64:de:c4:bf:
f5:f3:61:43:74:36:ac:18:13:d1:3b:0e:c1:0a:07:
f6:2a:50:56:49:d2:97:5f:2c:9b:4b:2f:e0:c5:03:
34:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:3E:80:DF:B1:DB:F3:83:DD:5E:E0:CA:92:C8:2B:31:01:F3:E2:12
X509v3 Authority Key Identifier:
keyid:0C:17:DA:E0:44:76:DB:10:16:CA:A4:3E:3E:D9:BC:6B:D6:9F:39:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DBfa4ER22xAWyqQ-Ptm8a9afOXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/vD6A37Hb84PdXuDKksgrMQHz4hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/DBfa4ER22xAWyqQ-Ptm8a9afOXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.72.0/22
IPv6:
2a03:93e0::/32
Signature Algorithm: sha256WithRSAEncryption
83:a9:da:be:1a:fe:81:f7:19:b7:cd:5d:6d:e4:63:ed:44:84:
f5:14:89:27:45:8b:54:82:f6:62:c3:68:48:0c:82:b3:0c:f1:
53:6a:80:7e:73:53:57:2f:04:cc:af:76:37:ba:16:88:39:2b:
28:1e:b2:2b:c5:07:5b:96:1f:8c:f5:8d:63:2c:3f:0c:ce:cb:
36:67:e6:e9:b3:dd:f4:39:7f:36:ae:04:c2:77:82:73:86:4e:
39:9f:7c:53:c2:1d:ae:1b:09:6d:0a:18:22:20:50:42:7e:9d:
a3:7a:44:b1:8d:94:c3:4a:45:6c:97:7a:4b:a4:99:47:6c:28:
19:26:d6:fc:cb:18:63:1f:5d:44:47:81:b5:3a:e6:de:8a:3a:
58:21:4c:c8:e7:a7:74:19:44:21:60:2c:10:22:31:a6:b4:2b:
c2:d5:59:74:15:98:0e:cc:a9:d8:fc:f1:68:dd:db:97:df:ad:
c2:c8:6c:02:cc:ce:2f:ac:3e:bc:1f:a2:20:04:1f:df:06:5e:
a1:e9:a8:45:2d:3f:7e:41:22:81:5c:bc:cf:e9:30:90:e2:d6:
2e:2f:5b:f8:37:83:ae:63:6b:2c:f7:8a:66:b5:be:94:62:9e:
44:14:ca:d0:a5:28:68:ae:1d:ac:0d:d4:d9:26:9b:29:17:b8:
83:c3:2a:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtxWucu3yNGHtIIKuqaH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMTdkYWUwNDQ3NmRiMTAxNmNhYTQzZTNlZDliYzZiZDY5
ZjM5NzUwHhcNMjQwMTAxMDYzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzNlODBkZmIxZGJmMzgzZGQ1ZWUwY2E5MmM4MmIzMTAxZjNlMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJiisvP0+lU588ed4sa7PkdxtQw5
GGqueaZKGAp4pDLqJ/YboIUMHTLDNj7nNgxVmEIy8mtay+swqkMt9aicl52FzABv
h5ewk08Izk5ev3R0S7icXEOILT5oXF44qgxnR5OX+2LWG/uGrSEwviCzrf2ndcvE
uWxOIuYedbX1LWxeIApaNoThpORIjYQpH7CyAt7dmpYY4REpqX31cFcoLbt4OQWa
gad3bx4AVqCI1u9sb9lfqWlnbPiY1RiyQSnY9MbO0uYZ6DjCpB/ZfDR4rDODJkKU
1hNP9l97jmTexL/182FDdDasGBPROw7BCgf2KlBWSdKXXyybSy/gxQM08QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLw+gN+x2/OD3V7gypLIKzEB8+ISMB8GA1UdIwQY
MBaAFAwX2uBEdtsQFsqkPj7ZvGvWnzl1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREJmYTRFUjIyeEFXeXFRLVB0bThhOWFmT1hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi84MWQ5NGQtMmU0MC00NTQ2LThiODkt
ODA0ZjE3ZWMyNDVlLzEvdkQ2QTM3SGI4NFBkWHVES2tzZ3JNUUh6NGhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi84MWQ5NGQtMmU0MC00NTQ2LThiODktODA0ZjE3ZWMyNDVl
LzEvREJmYTRFUjIyeEFXeXFRLVB0bThhOWFmT1hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXxIMA0E
AgACMAcDBQAqA5PgMA0GCSqGSIb3DQEBCwUAA4IBAQCDqdq+Gv6B9xm3zV1t5GPt
RIT1FIknRYtUgvZiw2hIDIKzDPFTaoB+c1NXLwTMr3Y3uhaIOSsoHrIrxQdblh+M
9Y1jLD8Mzss2Z+bps930OX82rgTCd4Jzhk45n3xTwh2uGwltChgiIFBCfp2jekSx
jZTDSkVsl3pLpJlHbCgZJtb8yxhjH11ER4G1OubeijpYIUzI56d0GUQhYCwQIjGm
tCvC1Vl0FZgOzKnY/PFo3duX363CyGwCzM4vrD68H6IgBB/fBl6h6ahFLT9+QSKB
XLzP6TCQ4tYuL1v4N4OuY2ss94pmtb6UYp5EFMrQpShorh2sDdTZJpspF7iDwypK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:01 2025 by rpki-client