Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/bDTiTMmPhv9jWUTdB1Eh93_b8lQ.roa
File: bDTiTMmPhv9jWUTdB1Eh93_b8lQ.roa (raw, json)
Hash identifier: VZOLqhpdgwsSBNWvjgMejUs1M4TslnzqX0xN2xlwNbY=
Subject key identifier: 6C:34:E2:4C:C9:8F:86:FF:63:59:44:DD:07:51:21:F7:7F:DB:F2:54
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01908157E244BECB0907280C6CCA960F4B8C
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/bDTiTMmPhv9jWUTdB1Eh93_b8lQ.roa
Signing time: Fri 05 Jul 2024 05:22:18 +0000
ROA not before: Fri 05 Jul 2024 05:22:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202984
IP address blocks: 185.39.205.0/24 maxlen: 24
2a09:e2c0::/30 maxlen: 30
2a09:e2c4::/30 maxlen: 30
2a10:4102::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 20 Aug 2024 02:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:81:57:e2:44:be:cb:09:07:28:0c:6c:ca:96:0f:4b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jul 5 05:22:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c34e24cc98f86ff635944dd075121f77fdbf254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a3:e7:47:2b:81:0c:89:18:3a:4d:f4:ff:e6:
8e:3a:c5:fa:9d:00:2f:06:c8:ef:48:d1:a8:b4:01:
f6:45:75:06:ae:58:1b:1c:37:15:6e:dd:4e:e4:57:
25:60:4d:7d:62:7a:52:f5:9e:9d:0d:39:4e:9a:37:
01:f8:a2:04:49:e2:21:d2:9d:2b:54:98:2c:75:70:
67:3a:80:ac:f6:17:3d:dc:a1:f9:75:dc:e3:18:43:
3a:30:ac:62:fe:5d:46:c1:d9:e4:d9:70:1a:5a:5d:
80:56:13:16:97:d1:b4:06:f9:34:d1:8c:eb:84:6b:
8f:e4:71:18:37:ce:08:88:4e:b2:d1:7f:37:a8:ee:
81:f7:50:f3:de:72:30:98:1d:64:00:af:eb:4a:7d:
69:47:dc:04:51:94:b4:6e:3b:22:1c:da:5f:41:f4:
00:3a:b0:6f:e0:83:c7:35:c6:a3:a9:ed:fa:8b:86:
98:28:d0:21:0e:57:13:47:38:2d:29:69:67:2f:87:
a7:56:11:71:16:f5:a6:8c:f0:fa:ed:af:43:24:d4:
78:e9:94:fc:c3:46:35:4a:96:25:ed:b7:84:35:cf:
91:f5:71:16:c5:d2:3f:e7:73:a2:50:16:ee:53:e0:
54:23:e9:2f:bc:45:6a:80:bb:a7:e3:7b:73:38:20:
9f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:34:E2:4C:C9:8F:86:FF:63:59:44:DD:07:51:21:F7:7F:DB:F2:54
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/bDTiTMmPhv9jWUTdB1Eh93_b8lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.205.0/24
IPv6:
2a09:e2c0::/29
2a10:4102::/32
Signature Algorithm: sha256WithRSAEncryption
d5:b6:88:41:a7:a4:f4:d8:d4:2a:7b:d5:12:e8:ec:bd:f5:68:
af:11:b9:bc:1c:4e:cf:4e:2a:e6:46:c2:14:60:21:ce:e2:44:
2a:03:d1:50:47:7d:3f:13:db:4f:4e:0c:b1:43:0c:7c:5e:bb:
7a:35:f0:06:fa:62:18:9b:0b:dd:f2:84:14:a7:ab:48:e3:c6:
24:7b:50:13:1b:a6:b0:e8:9d:2b:54:15:f4:a2:ce:fa:b7:58:
76:b0:9e:8c:c7:31:47:c4:b3:3d:cf:9e:2d:3c:56:c6:60:ad:
1c:8c:82:73:93:81:bb:ce:52:20:67:9d:56:e9:e6:e8:d9:21:
65:80:a9:95:b5:bc:a2:2c:2f:30:54:89:94:c9:54:4b:2d:5b:
7e:71:52:f3:87:8f:26:57:d4:99:c8:1b:6c:42:05:84:05:53:
d8:2a:30:af:ee:4f:d0:6a:5b:cd:cd:31:78:cf:4a:6b:1c:a9:
7c:f3:dc:44:a0:68:56:cb:b2:25:2b:f2:c6:c0:75:fc:95:82:
80:f5:b4:78:24:c3:cd:7f:a2:3c:98:c9:8c:4c:33:b0:86:c2:
6a:90:ae:bb:4c:6e:37:49:a0:36:d3:0e:d7:5a:74:0c:ad:3f:
07:a4:70:14:46:bd:48:06:e0:1d:e8:1a:b9:e5:5c:49:48:ba:
07:99:d3:d0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZCBV+JEvssJBygMbMqWD0uMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNzA1MDUyMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzM0ZTI0Y2M5OGY4NmZmNjM1OTQ0ZGQwNzUxMjFmNzdmZGJmMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKPnRyuBDIkYOk30/+aOOsX6nQAv
BsjvSNGotAH2RXUGrlgbHDcVbt1O5FclYE19YnpS9Z6dDTlOmjcB+KIESeIh0p0r
VJgsdXBnOoCs9hc93KH5ddzjGEM6MKxi/l1Gwdnk2XAaWl2AVhMWl9G0Bvk00Yzr
hGuP5HEYN84IiE6y0X83qO6B91Dz3nIwmB1kAK/rSn1pR9wEUZS0bjsiHNpfQfQA
OrBv4IPHNcajqe36i4aYKNAhDlcTRzgtKWlnL4enVhFxFvWmjPD67a9DJNR46ZT8
w0Y1SpYl7beENc+R9XEWxdI/53OiUBbuU+BUI+kvvEVqgLun43tzOCCfiwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGw04kzJj4b/Y1lE3QdRIfd/2/JUMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvYkRUaVRNbVBodjlqV1VUZEIxRWg5M19iOGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAuSfNMBQE
AgACMA4DBQMqCeLAAwUAKhBBAjANBgkqhkiG9w0BAQsFAAOCAQEA1baIQaek9NjU
KnvVEujsvfVorxG5vBxOz04q5kbCFGAhzuJEKgPRUEd9PxPbT04MsUMMfF67ejXw
BvpiGJsL3fKEFKerSOPGJHtQExumsOidK1QV9KLO+rdYdrCejMcxR8SzPc+eLTxW
xmCtHIyCc5OBu85SIGedVunm6NkhZYCplbW8oiwvMFSJlMlUSy1bfnFS84ePJlfU
mcgbbEIFhAVT2Cowr+5P0Gpbzc0xeM9KaxypfPPcRKBoVsuyJSvyxsB1/JWCgPW0
eCTDzX+iPJjJjEwzsIbCapCuu0xuN0mgNtMO11p0DK0/B6RwFEa9SAbgHegaueVc
SUi6B5nT0A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:11:20 2025 by rpki-client