Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/DDylEnW2HuCe1W8nZ9UnUlDZkdg.roa
File: DDylEnW2HuCe1W8nZ9UnUlDZkdg.roa (raw, json)
Hash identifier: cZFwvuQDZY1MXm+g3W6RJD07saObHQB72HrX1K5bY94=
Subject key identifier: 0C:3C:A5:12:75:B6:1E:E0:9E:D5:6F:27:67:D5:27:52:50:D9:91:D8
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0193D78C6627A1B85362652A5E15F63A5DA5
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/DDylEnW2HuCe1W8nZ9UnUlDZkdg.roa
Signing time: Wed 18 Dec 2024 02:15:22 +0000
ROA not before: Wed 18 Dec 2024 02:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43793
IP address blocks: 31.47.144.0/20 maxlen: 20
46.183.80.0/21 maxlen: 21
78.111.240.0/20 maxlen: 20
109.205.144.0/21 maxlen: 21
185.43.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d7:8c:66:27:a1:b8:53:62:65:2a:5e:15:f6:3a:5d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Dec 18 02:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c3ca51275b61ee09ed56f2767d5275250d991d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:59:88:80:85:22:cb:d3:47:3b:ba:4c:2e:ac:
fc:28:6c:93:13:a5:be:79:a1:4d:b5:35:b1:f6:e4:
9b:a9:b7:95:e4:74:78:0d:b7:67:fe:e0:8b:50:7a:
8b:44:39:6c:41:0b:3b:65:d7:b6:ba:ce:df:4b:2b:
78:ac:23:9a:1e:0e:0e:cf:ef:27:8a:75:b1:83:ab:
05:b1:1a:03:41:3c:d4:cf:c1:3d:f7:f7:8b:05:d2:
9c:47:81:65:64:e8:07:04:02:e0:2c:4f:cf:fa:ce:
a6:90:21:9b:f5:3d:49:df:ff:f6:a7:0e:f6:26:e8:
fc:f7:08:3f:c2:e5:ed:ba:3f:88:6b:30:0e:b7:97:
12:5e:9e:ca:b0:10:a2:5a:54:43:52:43:d0:57:bd:
df:b8:08:17:5e:e0:ba:69:76:0a:8d:60:89:bf:df:
d3:af:75:59:74:48:bf:39:76:68:4e:41:5a:1b:d9:
35:cf:64:33:a2:a1:a7:cb:f3:37:33:49:b3:38:f6:
85:c2:1b:9a:28:8c:b4:0f:d8:81:d7:b3:88:c9:5c:
39:b2:7a:f7:25:19:3b:ec:03:5f:9a:0d:52:e0:fe:
12:47:8d:bf:30:fe:0b:93:e1:6e:cc:c7:fb:fa:07:
d3:0b:6d:0b:dc:ca:c5:11:64:37:1d:c4:be:54:78:
6f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3C:A5:12:75:B6:1E:E0:9E:D5:6F:27:67:D5:27:52:50:D9:91:D8
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/DDylEnW2HuCe1W8nZ9UnUlDZkdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.144.0/20
46.183.80.0/21
78.111.240.0/20
109.205.144.0/21
185.43.100.0/22
Signature Algorithm: sha256WithRSAEncryption
04:f5:ec:30:e9:80:28:5a:16:f1:e4:64:03:5f:0b:44:5d:dd:
ec:73:90:b8:30:dd:e1:e4:76:77:08:19:04:72:b5:9d:c0:35:
15:ac:1d:b6:94:2c:a7:67:48:3e:b4:96:f2:7e:56:b9:42:65:
23:44:b0:a4:3d:f2:70:a6:d2:9c:0c:f4:ce:c3:cd:61:0a:55:
f3:0f:78:af:fe:06:31:5a:23:3f:8a:73:47:c1:61:7c:37:e4:
3d:64:1e:cc:c5:75:e7:b8:d1:ab:e2:5d:cb:7c:3c:0f:0a:dc:
67:4a:b0:ca:f6:f8:ef:93:dc:7f:00:00:ac:79:5d:96:87:85:
e6:4a:94:57:85:80:df:2d:fb:83:2f:46:1f:bf:d0:fa:62:65:
43:f3:23:6d:31:5c:4e:b4:26:db:5a:a1:b2:78:a5:28:5d:05:
07:0a:e3:bc:10:74:8d:b2:b9:3e:56:a3:a4:47:d5:e5:0b:a1:
e8:cc:fc:be:5b:5a:c4:12:01:6a:aa:0a:a6:58:df:d5:3a:22:
d0:91:06:c7:09:63:6d:9b:5a:28:bf:4e:93:9d:aa:40:e3:12:
b1:40:a4:bf:ad:9a:c8:57:a2:ef:c9:fa:8b:ed:da:64:b9:c7:
d6:83:8f:2d:e8:5d:d2:0c:ff:c8:a9:fa:11:fb:08:f6:c4:55:
1b:41:c5:a9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZPXjGYnobhTYmUqXhX2Ol2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQxMjE4MDIxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNjYTUxMjc1YjYxZWUwOWVkNTZmMjc2N2Q1Mjc1MjUwZDk5MWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVmIgIUiy9NHO7pMLqz8KGyTE6W+
eaFNtTWx9uSbqbeV5HR4Dbdn/uCLUHqLRDlsQQs7Zde2us7fSyt4rCOaHg4Oz+8n
inWxg6sFsRoDQTzUz8E99/eLBdKcR4FlZOgHBALgLE/P+s6mkCGb9T1J3//2pw72
Juj89wg/wuXtuj+IazAOt5cSXp7KsBCiWlRDUkPQV73fuAgXXuC6aXYKjWCJv9/T
r3VZdEi/OXZoTkFaG9k1z2QzoqGny/M3M0mzOPaFwhuaKIy0D9iB17OIyVw5snr3
JRk77ANfmg1S4P4SR42/MP4Lk+FuzMf7+gfTC20L3MrFEWQ3HcS+VHhvNwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAw8pRJ1th7gntVvJ2fVJ1JQ2ZHYMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvRER5bEVuVzJIdUNlMVc4blo5VW5VbERaa2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEHy+QAwQD
LrdQAwQETm/wAwQDbc2QAwQCuStkMA0GCSqGSIb3DQEBCwUAA4IBAQAE9eww6YAo
Whbx5GQDXwtEXd3sc5C4MN3h5HZ3CBkEcrWdwDUVrB22lCynZ0g+tJbyfla5QmUj
RLCkPfJwptKcDPTOw81hClXzD3iv/gYxWiM/inNHwWF8N+Q9ZB7MxXXnuNGr4l3L
fDwPCtxnSrDK9vjvk9x/AACseV2Wh4XmSpRXhYDfLfuDL0Yfv9D6YmVD8yNtMVxO
tCbbWqGyeKUoXQUHCuO8EHSNsrk+VqOkR9XlC6HozPy+W1rEEgFqqgqmWN/VOiLQ
kQbHCWNtm1oov06TnapA4xKxQKS/rZrIV6LvyfqL7dpkucfWg48t6F3SDP/IqfoR
+wj2xFUbQcWp
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:10:30 2025 by rpki-client