Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/b416a5-ee4f-4cc7-b0c4-7475f70df9fa/1/DMfUVTHRwFiLSP9JVhYCIXqHYos.roa
File: DMfUVTHRwFiLSP9JVhYCIXqHYos.roa (raw, json)
Hash identifier: ZPi5EuNhJtIW8M9aHYEl5lDoGB9NXmndYtWl/lMkQ4I=
Subject key identifier: 0C:C7:D4:55:31:D1:C0:58:8B:48:FF:49:56:16:02:21:7A:87:62:8B
Certificate issuer: /CN=ff1f615b91839f51ed3a5b53753b27b02c76da95
Certificate serial: 018FBF22891D89D5BBC52D68770F5A34832D
Authority key identifier: FF:1F:61:5B:91:83:9F:51:ED:3A:5B:53:75:3B:27:B0:2C:76:DA:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_x9hW5GDn1HtOltTdTsnsCx22pU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/b416a5-ee4f-4cc7-b0c4-7475f70df9fa/1/DMfUVTHRwFiLSP9JVhYCIXqHYos.roa
Signing time: Tue 28 May 2024 12:17:42 +0000
ROA not before: Tue 28 May 2024 12:17:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215098
IP address blocks: 185.220.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jun 2024 22:45:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:22:89:1d:89:d5:bb:c5:2d:68:77:0f:5a:34:83:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff1f615b91839f51ed3a5b53753b27b02c76da95
Validity
Not Before: May 28 12:17:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cc7d45531d1c0588b48ff49561602217a87628b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1b:cc:b1:2f:65:76:ec:01:4e:e8:49:58:cf:
60:f5:ba:9c:25:59:81:8a:b8:fe:11:4d:7b:f1:09:
d1:74:36:38:4d:a8:ed:0a:bb:38:4f:98:63:92:5e:
b2:57:86:ea:1f:4b:e8:14:01:8f:31:c5:50:88:bd:
66:88:d0:28:7b:8b:b0:da:59:77:87:4b:a3:ef:ec:
64:f5:6d:6e:39:65:b3:68:05:41:d1:d6:e3:13:fa:
ab:94:62:b4:f1:8b:a5:33:14:85:0f:37:7b:5a:84:
55:9b:f7:07:90:c6:cd:a6:2d:94:fd:60:cd:aa:c8:
6f:22:62:db:c0:7c:0c:7c:0a:68:bb:1f:f3:21:26:
1f:16:9b:c5:6c:72:8f:76:78:e6:63:3c:2c:fb:e2:
f9:85:5b:a2:7c:d3:77:ad:a8:2b:00:49:be:71:29:
b2:0b:d2:fb:e6:29:16:44:35:0f:e9:f0:1e:87:d3:
c0:8d:0c:a4:a8:ed:fe:91:02:e2:e9:9e:7e:4b:6c:
7c:f4:d9:10:3b:3f:52:f7:c3:72:ee:63:f6:e0:25:
d3:e3:f1:f4:11:09:25:d8:b7:5d:2d:c9:e3:83:89:
e0:9d:46:ed:7f:55:bd:16:98:bd:3f:01:c7:16:47:
30:39:2c:fc:8b:3a:3b:14:75:f2:ea:d8:1e:78:32:
20:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C7:D4:55:31:D1:C0:58:8B:48:FF:49:56:16:02:21:7A:87:62:8B
X509v3 Authority Key Identifier:
keyid:FF:1F:61:5B:91:83:9F:51:ED:3A:5B:53:75:3B:27:B0:2C:76:DA:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_x9hW5GDn1HtOltTdTsnsCx22pU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b416a5-ee4f-4cc7-b0c4-7475f70df9fa/1/DMfUVTHRwFiLSP9JVhYCIXqHYos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b416a5-ee4f-4cc7-b0c4-7475f70df9fa/1/_x9hW5GDn1HtOltTdTsnsCx22pU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.195.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:bb:81:0d:1a:6a:c7:fc:ea:c6:40:89:2c:7a:46:d6:21:f8:
75:68:51:ba:0b:ce:48:18:ba:9b:92:77:3c:b1:62:f7:be:7e:
b4:89:62:02:a1:13:22:2f:54:0e:c6:0d:3f:4f:29:96:a9:a3:
9f:a2:a9:cd:d2:f3:2d:fc:95:81:d0:d2:83:d2:08:74:91:24:
90:27:3d:b4:41:fd:53:82:ee:8d:cd:dd:ed:ac:4b:e5:e4:a2:
7f:7a:2c:10:7d:c9:40:ab:5a:8d:1c:2c:23:4b:12:14:a5:90:
3c:4c:db:9a:b6:e5:c5:ed:dd:2a:b2:1f:a4:40:5d:83:2f:7d:
37:17:8d:43:0c:cd:71:0c:67:0e:19:06:5f:ea:37:76:5a:07:
f9:30:f8:89:5f:d2:ea:1d:fc:f0:c7:74:36:ed:4a:4c:ff:2c:
89:a0:24:f7:1b:be:ed:a2:50:76:17:9d:cc:80:14:d4:86:dd:
ad:a4:4c:d1:02:e9:2d:6a:89:a0:4b:8f:11:ea:14:95:63:14:
f3:a7:df:68:2f:be:a1:e2:57:ea:c9:76:2a:0b:11:0c:33:6a:
49:c5:15:cc:db:83:19:52:f6:f6:fe:e0:ee:91:e0:f8:35:ed:
cd:b5:ae:21:37:a3:fd:78:6c:83:38:8c:1f:92:4a:07:b1:d8:
76:4a:5e:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+/IokdidW7xS1odw9aNIMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMWY2MTViOTE4MzlmNTFlZDNhNWI1Mzc1M2IyN2IwMmM3
NmRhOTUwHhcNMjQwNTI4MTIxNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2M3ZDQ1NTMxZDFjMDU4OGI0OGZmNDk1NjE2MDIyMTdhODc2MjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhvMsS9lduwBTuhJWM9g9bqcJVmB
irj+EU178QnRdDY4TajtCrs4T5hjkl6yV4bqH0voFAGPMcVQiL1miNAoe4uw2ll3
h0uj7+xk9W1uOWWzaAVB0dbjE/qrlGK08YulMxSFDzd7WoRVm/cHkMbNpi2U/WDN
qshvImLbwHwMfApoux/zISYfFpvFbHKPdnjmYzws++L5hVuifNN3ragrAEm+cSmy
C9L75ikWRDUP6fAeh9PAjQykqO3+kQLi6Z5+S2x89NkQOz9S98Ny7mP24CXT4/H0
EQkl2LddLcnjg4ngnUbtf1W9Fpi9PwHHFkcwOSz8izo7FHXy6tgeeDIgGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAzH1FUx0cBYi0j/SVYWAiF6h2KLMB8GA1UdIwQY
MBaAFP8fYVuRg59R7TpbU3U7J7AsdtqVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3g5aFc1R0RuMUh0T2x0VGRUc25zQ3gyMnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9iNDE2YTUtZWU0Zi00Y2M3LWIwYzQt
NzQ3NWY3MGRmOWZhLzEvRE1mVVZUSFJ3RmlMU1A5SlZoWUNJWHFIWW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9iNDE2YTUtZWU0Zi00Y2M3LWIwYzQtNzQ3NWY3MGRmOWZh
LzEvX3g5aFc1R0RuMUh0T2x0VGRUc25zQ3gyMnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudzDMA0G
CSqGSIb3DQEBCwUAA4IBAQB6u4ENGmrH/OrGQIksekbWIfh1aFG6C85IGLqbknc8
sWL3vn60iWICoRMiL1QOxg0/TymWqaOfoqnN0vMt/JWB0NKD0gh0kSSQJz20Qf1T
gu6Nzd3trEvl5KJ/eiwQfclAq1qNHCwjSxIUpZA8TNuatuXF7d0qsh+kQF2DL303
F41DDM1xDGcOGQZf6jd2Wgf5MPiJX9LqHfzwx3Q27UpM/yyJoCT3G77tolB2F53M
gBTUht2tpEzRAuktaomgS48R6hSVYxTzp99oL76h4lfqyXYqCxEMM2pJxRXM24MZ
Uvb2/uDukeD4Ne3Nta4hN6P9eGyDOIwfkkoHsdh2Sl5+
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:19:17 2025 by rpki-client