Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/DcWrDv1rHtKQyWc4WrCMByJ4rL4.roa
File: DcWrDv1rHtKQyWc4WrCMByJ4rL4.roa (raw, json)
Hash identifier: EmT3rf7qF8tnaRcpw2JQfI9POl4y2iAn/l/I3/iU190=
Subject key identifier: 0D:C5:AB:0E:FD:6B:1E:D2:90:C9:67:38:5A:B0:8C:07:22:78:AC:BE
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 01917EC989586EF77ACECCBC8A7254ECE804
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/DcWrDv1rHtKQyWc4WrCMByJ4rL4.roa
Signing time: Fri 23 Aug 2024 10:30:22 +0000
ROA not before: Fri 23 Aug 2024 10:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29622
IP address blocks: 83.222.176.0/24 maxlen: 24
83.222.177.0/24 maxlen: 24
109.160.14.0/24 maxlen: 24
109.160.15.0/24 maxlen: 24
109.160.72.0/24 maxlen: 24
109.160.73.0/24 maxlen: 24
109.160.74.0/24 maxlen: 24
109.160.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:c9:89:58:6e:f7:7a:ce:cc:bc:8a:72:54:ec:e8:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Aug 23 10:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dc5ab0efd6b1ed290c967385ab08c072278acbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:30:3b:87:61:7c:a9:9e:1f:34:fc:1a:85:3e:
0b:2e:25:77:87:d4:bc:50:be:8f:52:33:ec:93:49:
de:4d:26:66:d0:f5:a1:85:f3:b8:8d:50:83:74:fd:
2a:d2:bf:d3:fc:cb:32:d7:a6:da:cb:4a:db:7a:47:
c7:77:c6:93:23:9b:90:d5:eb:66:93:29:14:2c:03:
bf:81:5e:ff:e2:32:69:a8:0c:e4:a2:64:54:96:c2:
9c:39:1b:9c:b5:62:39:73:16:11:9a:38:ff:b3:e3:
86:67:61:65:f5:9d:27:0d:1d:4c:b5:84:17:47:40:
15:74:0c:f3:c7:3e:b4:e9:1e:0d:34:69:64:b0:3a:
3f:34:ea:1e:5a:6c:60:78:3c:0a:b6:df:9b:97:1e:
9e:1a:f6:8d:6b:dd:36:4e:33:63:3b:f7:37:15:69:
1b:10:f4:b5:8f:b4:a5:a7:ec:32:a7:81:3b:74:f5:
41:5c:83:bb:6e:68:6c:d6:4c:4c:55:95:45:be:1b:
68:be:60:97:b4:3d:58:2a:98:5f:3e:83:9e:90:10:
4f:59:01:35:ee:80:df:ca:4e:fc:90:ad:9c:0f:c8:
07:b5:4f:cd:e5:4e:d2:6a:54:72:0a:d5:22:74:8f:
27:07:58:fb:7b:f0:78:6e:c1:b5:66:0a:3d:5c:8c:
76:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:C5:AB:0E:FD:6B:1E:D2:90:C9:67:38:5A:B0:8C:07:22:78:AC:BE
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/DcWrDv1rHtKQyWc4WrCMByJ4rL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.222.176.0/23
109.160.14.0/23
109.160.72.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:c4:3e:ab:b0:ff:67:53:50:d0:88:3a:07:81:18:3a:a4:21:
d3:24:a0:e7:0f:3b:3d:28:6d:6a:b1:6e:36:36:bf:be:a0:97:
c4:22:8a:54:a6:11:0e:87:b5:71:e0:b5:c2:af:3a:35:4b:96:
26:6a:01:12:de:eb:62:73:41:77:96:8b:fa:91:98:53:a0:7f:
f5:09:e7:a5:be:9b:ca:bb:1f:12:13:5f:b1:60:c8:1b:09:25:
a9:f1:8c:20:02:60:83:5f:75:e3:50:b9:66:43:46:95:64:6f:
e0:cc:c5:36:c0:8e:c8:23:73:53:57:e8:b9:c7:0d:ed:b1:1b:
85:db:2a:a1:0b:e7:e2:65:55:8f:c8:44:b9:c7:75:36:17:aa:
5c:69:93:6d:c1:a8:2c:a1:bf:42:9a:18:fd:b8:90:e9:87:13:
ec:54:21:9e:13:52:91:06:19:8c:26:3e:2c:c1:96:62:2c:dd:
c4:58:72:f6:08:0f:86:29:09:b6:d8:2f:f1:15:92:55:86:65:
73:2d:e1:8c:54:fb:e2:ed:df:b0:36:ea:f8:2b:54:ab:d0:d8:
18:93:0a:7b:c3:5b:c3:ce:74:9b:eb:a6:5f:fd:e5:47:8c:2c:
2e:0f:c5:09:63:c4:9b:9f:4d:ad:24:76:72:30:6e:29:6b:9d:
15:66:b8:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZF+yYlYbvd6zsy8inJU7OgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwODIzMTAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGM1YWIwZWZkNmIxZWQyOTBjOTY3Mzg1YWIwOGMwNzIyNzhhY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTA7h2F8qZ4fNPwahT4LLiV3h9S8
UL6PUjPsk0neTSZm0PWhhfO4jVCDdP0q0r/T/Msy16bay0rbekfHd8aTI5uQ1etm
kykULAO/gV7/4jJpqAzkomRUlsKcORuctWI5cxYRmjj/s+OGZ2Fl9Z0nDR1MtYQX
R0AVdAzzxz606R4NNGlksDo/NOoeWmxgeDwKtt+blx6eGvaNa902TjNjO/c3FWkb
EPS1j7Slp+wyp4E7dPVBXIO7bmhs1kxMVZVFvhtovmCXtD1YKphfPoOekBBPWQE1
7oDfyk78kK2cD8gHtU/N5U7SalRyCtUidI8nB1j7e/B4bsG1Zgo9XIx2MQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA3Fqw79ax7SkMlnOFqwjAcieKy+MB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvRGNXckR2MXJIdEtReVdjNFdyQ01CeUo0ckw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBU96wAwQB
baAOAwQCbaBIMA0GCSqGSIb3DQEBCwUAA4IBAQBvxD6rsP9nU1DQiDoHgRg6pCHT
JKDnDzs9KG1qsW42Nr++oJfEIopUphEOh7Vx4LXCrzo1S5YmagES3utic0F3lov6
kZhToH/1CeelvpvKux8SE1+xYMgbCSWp8YwgAmCDX3XjULlmQ0aVZG/gzMU2wI7I
I3NTV+i5xw3tsRuF2yqhC+fiZVWPyES5x3U2F6pcaZNtwagsob9Cmhj9uJDphxPs
VCGeE1KRBhmMJj4swZZiLN3EWHL2CA+GKQm22C/xFZJVhmVzLeGMVPvi7d+wNur4
K1Sr0NgYkwp7w1vDznSb66Zf/eVHjCwuD8UJY8Sbn02tJHZyMG4pa50VZrhl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:25 2025 by rpki-client